Commit Graph

608 Commits

Author SHA1 Message Date
Valentin Tolmer
f152a78cb6 github: add dependabot for checking actions versions 2021-11-29 09:54:58 +01:00
Valentin Tolmer
6191fb226a docker: Fix permission issues, remove user from container 2021-11-28 00:55:35 +01:00
Valentin Tolmer
9653d64eb1 config: Prevent loading the wrong server_key 2021-11-28 00:55:35 +01:00
kaysond
5b5395103a copy style.css into the container 2021-11-26 08:08:10 +01:00
kaysond
a1e50defbe add docs to config template 2021-11-25 20:41:59 +01:00
kaysond
656451435e move bash install into previous RUN command 2021-11-25 20:41:59 +01:00
kaysond
859ed97ca8 add an entrypoint script that allows setting secrets from a file; version the upstream containers 2021-11-25 20:41:59 +01:00
Valentin Tolmer
df889ee2fe authelia: Re-enable password reset 2021-11-25 10:27:34 +01:00
Valentin Tolmer
faee271705 docker: Fix pkg copy 2021-11-25 10:10:20 +01:00
Valentin Tolmer
ba7848d043 Revert "github: Fix dockerhub description update"
Description updates doesn't work with app passwords.
2021-11-23 13:10:45 +01:00
Valentin Tolmer
45f5bb51d9 github: Fix dockerhub description update 2021-11-23 13:02:31 +01:00
Valentin Tolmer
c0869b4324 docker: add comment 2021-11-23 11:47:59 +01:00
Valentin Tolmer
edf9e538ce gitignore: misc 2021-11-23 00:25:47 +01:00
Valentin Tolmer
4a5abfd395 app: Implement the second part of password reset 2021-11-23 00:25:47 +01:00
Valentin Tolmer
9fb4afcf60 app: Implement the first screen of password reset 2021-11-23 00:25:47 +01:00
Valentin Tolmer
789c8f367e server: Send an email for password resets 2021-11-23 00:25:47 +01:00
Valentin Tolmer
db2b5cbae0 server: Add http_url to the configuration 2021-11-23 00:25:47 +01:00
Valentin Tolmer
a13bfc3575 server: Implement password reset
It's still missing the email.

This also secures the password change method with a JWT token check: you
have to be logged in to change the password.
2021-11-23 00:25:47 +01:00
Valentin Tolmer
7b5ad47ee2 server: Make the JWT cookies valid for /
This will be used to secure the password change API.
2021-11-23 00:25:47 +01:00
Valentin Tolmer
e1503743b5 server: Add methods to get/set a password reset token 2021-11-23 00:25:47 +01:00
Valentin Tolmer
88732556c1 server: Add an SQL table to store password reset tokens 2021-11-23 00:25:47 +01:00
Valentin Tolmer
35d0cc0fb0 readme: Improve title, add comparisons 2021-11-23 00:25:47 +01:00
Valentin Tolmer
6456149e50 release-tools: Add docker flow and release preparation script 2021-11-23 00:25:47 +01:00
Valentin Tolmer
f1bda21cad misc: Make openssl vendored for cross-compil 2021-11-23 00:25:47 +01:00
Valentin Tolmer
7b081fce61 docker: Small improvements 2021-11-23 00:25:47 +01:00
Valentin Tolmer
618e7e3585 dockerignore: ignore more artefacts 2021-11-23 00:25:47 +01:00
Valentin Tolmer
790fd7c5d1 cargo: Update to 2021 edition 2021-11-23 00:25:47 +01:00
Valentin Tolmer
4551e27b55 server, auth: Update some dependencies 2021-11-23 00:25:47 +01:00
Valentin Tolmer
ad1ee52d76 server: Prevent sqlx from logging unless verbose 2021-11-23 00:25:47 +01:00
Valentin Tolmer
9124339b96 server: Prevent passwords and secrets from being printed 2021-11-23 00:25:47 +01:00
Valentin Tolmer
617a0f53fa server: Send an email with the test command 2021-11-23 00:25:47 +01:00
Valentin Tolmer
2a90443ed8 gitignore: Prevent adding .env to git 2021-11-23 00:25:47 +01:00
Valentin Tolmer
1d54ca8040 server: Load config for both run and mail 2021-11-23 00:25:47 +01:00
Valentin Tolmer
77ced7ea43 misc: Forbid non-ascii identifiers
That prevents a class of unicode attacks, e.g. invisible characters.
2021-11-23 00:25:47 +01:00
Valentin Tolmer
fa0105fa96 cli: Add a "send test email" command
Still unimplemented. This re-organizes the command-line flags.
2021-11-23 00:25:47 +01:00
Valentin Tolmer
18e3892e55 configuration: Add smtp config values. 2021-11-23 00:25:47 +01:00
Valentin Tolmer
350fdcdf9b server: improve error messages 2021-11-23 00:25:47 +01:00
Valentin Tolmer
adf088c74b configuration: move default values inline 2021-11-23 00:25:47 +01:00
Valentin Tolmer
c055c4e671 server: Add lettre dependency to handle emails 2021-11-23 00:25:47 +01:00
Przemek Dragańczuk
98a305e877 Keycloak requires a full DN, not just the username 2021-11-12 15:53:51 +01:00
Valentin Tolmer
47ee56873e ldap: Improve coverage of filters 2021-11-08 11:10:40 +01:00
Valentin Tolmer
ee863f74fc ldap: Add tests for password change 2021-11-08 11:10:40 +01:00
Valentin Tolmer
24e3125e34 ldap: Test the "memberOf" filter 2021-11-08 11:10:40 +01:00
Valentin Tolmer
06b6653dff ldap: Test more invalid DNs 2021-11-08 11:10:40 +01:00
Valentin Tolmer
62745970c6 ldap: Add context to the errors 2021-11-08 11:10:40 +01:00
Valentin Tolmer
ea3142da5d ldap: test message handler 2021-11-08 11:10:40 +01:00
Valentin Tolmer
656edc3763 README: Add keycloak config guide 2021-11-08 09:31:29 +01:00
Valentin Tolmer
d96b534921 ldap: Improve debug messages 2021-11-08 09:31:29 +01:00
Valentin Tolmer
9a024cd7fc ldap: Fix response when both users and groups are returned 2021-11-08 09:31:29 +01:00
Valentin Tolmer
c964428858 fixup: group filters 2021-11-08 09:31:29 +01:00