Valentin Tolmer
a13bfc3575
server: Implement password reset
...
It's still missing the email.
This also secures the password change method with a JWT token check: you
have to be logged in to change the password.
2021-11-23 00:25:47 +01:00
Valentin Tolmer
7b5ad47ee2
server: Make the JWT cookies valid for /
...
This will be used to secure the password change API.
2021-11-23 00:25:47 +01:00
Valentin Tolmer
e1503743b5
server: Add methods to get/set a password reset token
2021-11-23 00:25:47 +01:00
Valentin Tolmer
88732556c1
server: Add an SQL table to store password reset tokens
2021-11-23 00:25:47 +01:00
Valentin Tolmer
790fd7c5d1
cargo: Update to 2021 edition
2021-11-23 00:25:47 +01:00
Valentin Tolmer
ad1ee52d76
server: Prevent sqlx from logging unless verbose
2021-11-23 00:25:47 +01:00
Valentin Tolmer
9124339b96
server: Prevent passwords and secrets from being printed
2021-11-23 00:25:47 +01:00
Valentin Tolmer
617a0f53fa
server: Send an email with the test command
2021-11-23 00:25:47 +01:00
Valentin Tolmer
1d54ca8040
server: Load config for both run and mail
2021-11-23 00:25:47 +01:00
Valentin Tolmer
77ced7ea43
misc: Forbid non-ascii identifiers
...
That prevents a class of unicode attacks, e.g. invisible characters.
2021-11-23 00:25:47 +01:00
Valentin Tolmer
fa0105fa96
cli: Add a "send test email" command
...
Still unimplemented. This re-organizes the command-line flags.
2021-11-23 00:25:47 +01:00
Valentin Tolmer
18e3892e55
configuration: Add smtp config values.
2021-11-23 00:25:47 +01:00
Valentin Tolmer
350fdcdf9b
server: improve error messages
2021-11-23 00:25:47 +01:00
Valentin Tolmer
adf088c74b
configuration: move default values inline
2021-11-23 00:25:47 +01:00
Valentin Tolmer
47ee56873e
ldap: Improve coverage of filters
2021-11-08 11:10:40 +01:00
Valentin Tolmer
ee863f74fc
ldap: Add tests for password change
2021-11-08 11:10:40 +01:00
Valentin Tolmer
24e3125e34
ldap: Test the "memberOf" filter
2021-11-08 11:10:40 +01:00
Valentin Tolmer
06b6653dff
ldap: Test more invalid DNs
2021-11-08 11:10:40 +01:00
Valentin Tolmer
62745970c6
ldap: Add context to the errors
2021-11-08 11:10:40 +01:00
Valentin Tolmer
ea3142da5d
ldap: test message handler
2021-11-08 11:10:40 +01:00
Valentin Tolmer
d96b534921
ldap: Improve debug messages
2021-11-08 09:31:29 +01:00
Valentin Tolmer
9a024cd7fc
ldap: Fix response when both users and groups are returned
2021-11-08 09:31:29 +01:00
Valentin Tolmer
c964428858
fixup: group filters
2021-11-08 09:31:29 +01:00
Valentin Tolmer
f98023e67f
ldap: Improve support for group filters
2021-11-08 09:31:29 +01:00
Valentin Tolmer
e68d46d4fe
ldap: Make attribute matching case insensitive
2021-11-08 09:31:29 +01:00
Valentin Tolmer
9a680a7d06
server: Add a debug log for LDAP messages
2021-11-08 09:31:29 +01:00
Valentin Tolmer
7345cc42d0
ldap: Add support for createTimestamp and modifyTimestamp
...
This should help with KeyCloak support.
2021-11-08 09:31:29 +01:00
Valentin Tolmer
43ffeca24d
ldap: Add support for password modify extension
...
This allows other systems (e.g. Authelia) to reset passwords for users.
2021-10-28 18:20:01 +02:00
Valentin Tolmer
31e1ff358b
ldap: Implement a rootDSE response
...
This is the message that broadcasts the capabilities of the server,
including the supported extensions.
2021-10-28 18:20:01 +02:00
Valentin Tolmer
d423c64d57
ldap: Switch to using LdapOp instead of ServerOp
...
This is in preparation of supporting the password change message, since
this is from the Extended Operations that is not available in the simple
ServerOp.
2021-10-28 18:20:01 +02:00
Valentin Tolmer
438ac2818a
ldap: Add support for "dn" attribute
2021-10-28 16:36:13 +02:00
Valentin Tolmer
107c8ec96e
ldap: Implement group listing, fix various bugs
2021-10-23 18:24:03 +02:00
Valentin Tolmer
eef3afd2e2
server: Improve startup error messages and fail fast
2021-10-20 08:58:36 +02:00
Valentin Tolmer
7d9c1b1eec
readme: Add more information about the configuration of LDAP clients
2021-10-19 08:29:34 +02:00
Valentin Tolmer
f4edb99379
app: Add style.css, improve classes
...
Also change the server to be able to serve style.css.
2021-10-15 10:46:17 +02:00
Valentin Tolmer
263fd44156
server: add a display name to the administrator user
2021-10-15 08:05:50 +02:00
Valentin Tolmer
35ee2834a3
graphql: Add a method to create a group
2021-10-15 08:05:50 +02:00
Valentin Tolmer
42da86cf72
graphql: Implement looking up a group's users
2021-10-15 08:05:50 +02:00
Valentin Tolmer
65780ae0fe
graphql: Add a method to look up a group's details
2021-10-15 08:05:50 +02:00
Valentin Tolmer
d9abcd335d
config: Add a minimum password length
2021-10-07 18:33:47 +02:00
Valentin Tolmer
54b6f7d726
graphql: Add guardrails to prevent deleting all the admins
2021-09-28 13:50:56 +02:00
Valentin Tolmer
eb974e781c
graphql: Add a filter by group
2021-09-28 13:50:56 +02:00
Valentin Tolmer
09a23a1e59
ldap: Add support for memberOf and wildcards
2021-09-28 13:50:56 +02:00
Valentin Tolmer
c0d866b77b
graphql: Add a method to update group details
2021-09-28 13:50:56 +02:00
Valentin Tolmer
3b70762b42
graphql: Add a method to delete a group
2021-09-28 13:50:56 +02:00
Valentin Tolmer
e8831f607b
graphql: Add a method to delete a user
2021-09-24 16:46:30 +02:00
Valentin Tolmer
63467e5050
server: Prevent user updates from applying to everyone
2021-09-20 11:23:57 +02:00
Valentin Tolmer
480f48f820
graphql: Add a method to list groups
2021-09-20 11:23:57 +02:00
Valentin Tolmer
e4d6b122c5
graphql: Add methods to add/remove group memberships
2021-09-20 11:23:57 +02:00
Valentin Tolmer
005e18472e
app: reorganize and add a page to change the password
2021-09-13 10:35:39 +02:00
Valentin Tolmer
2954109d96
graphql: Add a method to update a user
2021-09-03 14:32:33 +02:00
Valentin Tolmer
0ac9e134de
schema: make user fields non-nullable
...
They can always be empty. This simplifies mutation, since graphql_client
doesn't have an easy way to conditionally leave out fields (we could do
that with `@include`, but that's one bool per field in addition to the
field, a bit ugly).
2021-09-03 14:32:33 +02:00
Valentin Tolmer
d8df47b35d
Move backend source to server/ subpackage
...
To clarify the organization.
2021-08-31 20:32:55 +02:00