Commit Graph

69 Commits

Author SHA1 Message Date
Valentin Tolmer
e1e1d6cd20 ldap: accept "uid" or "cn" as username 2022-04-29 10:02:43 +02:00
Valentin Tolmer
f52197e76f server: allow non-admin user to do limited searches 2022-04-25 09:34:25 +02:00
Valentin Tolmer
3ac38bb96f ldap_handler: Reports groups as groupOfNames as well 2022-04-20 10:54:21 +02:00
Valentin Tolmer
2197fe77a5 server: Handle "1.1" special attribute 2022-04-18 12:01:58 +02:00
Valentin Tolmer
3a6c5fdc65 server: Report errors sending email 2022-04-17 23:14:10 +02:00
Valentin Tolmer
ca19e61f50 domain: introduce UserId to make uid case insensitive
Note that if there was a non-lowercase user already in the DB, it cannot
be found again. To fix this, run in the DB:

sqlite> UPDATE users SET user_id = LOWER(user_id);
2022-03-26 18:23:19 +01:00
Hendrik Schlehlein
82df8d4ca1 feat: add simple login 2022-03-04 12:04:10 +01:00
Valentin Tolmer
c850fa4273 server: refactor group requests to use filters 2022-02-12 14:27:02 +01:00
Valentin Tolmer
a1fe703bf0 server: rename RequestFilter to UserRequestFilter 2022-02-12 14:27:02 +01:00
Valentin Tolmer
d20bd196bc ldap_handler: trim spaces in LDAP identifiers 2022-02-11 09:34:21 +01:00
Valentin Tolmer
8e8614fe2e server: fix clippy warning 2021-12-08 12:01:56 +01:00
Valentin Tolmer
110b7c7d5b server: fix command line version stuck at 0.1 2021-12-08 12:01:56 +01:00
kaysond
82770a5ff0 restore comment 2021-12-01 00:38:54 +01:00
kaysond
e11a8460ff add SRI for other resources; add routing for all root requests 2021-12-01 00:38:54 +01:00
kaysond
7731b8e593 download static fonts to their own directory 2021-12-01 00:38:54 +01:00
kaysond
45c50923b7 fix rust formatting 2021-12-01 00:38:54 +01:00
kaysond
9f138ec4ac server libraries locally in the docker container 2021-12-01 00:38:54 +01:00
Valentin Tolmer
9653d64eb1 config: Prevent loading the wrong server_key 2021-11-28 00:55:35 +01:00
Valentin Tolmer
789c8f367e server: Send an email for password resets 2021-11-23 00:25:47 +01:00
Valentin Tolmer
db2b5cbae0 server: Add http_url to the configuration 2021-11-23 00:25:47 +01:00
Valentin Tolmer
a13bfc3575 server: Implement password reset
It's still missing the email.

This also secures the password change method with a JWT token check: you
have to be logged in to change the password.
2021-11-23 00:25:47 +01:00
Valentin Tolmer
7b5ad47ee2 server: Make the JWT cookies valid for /
This will be used to secure the password change API.
2021-11-23 00:25:47 +01:00
Valentin Tolmer
e1503743b5 server: Add methods to get/set a password reset token 2021-11-23 00:25:47 +01:00
Valentin Tolmer
88732556c1 server: Add an SQL table to store password reset tokens 2021-11-23 00:25:47 +01:00
Valentin Tolmer
790fd7c5d1 cargo: Update to 2021 edition 2021-11-23 00:25:47 +01:00
Valentin Tolmer
ad1ee52d76 server: Prevent sqlx from logging unless verbose 2021-11-23 00:25:47 +01:00
Valentin Tolmer
9124339b96 server: Prevent passwords and secrets from being printed 2021-11-23 00:25:47 +01:00
Valentin Tolmer
617a0f53fa server: Send an email with the test command 2021-11-23 00:25:47 +01:00
Valentin Tolmer
1d54ca8040 server: Load config for both run and mail 2021-11-23 00:25:47 +01:00
Valentin Tolmer
fa0105fa96 cli: Add a "send test email" command
Still unimplemented. This re-organizes the command-line flags.
2021-11-23 00:25:47 +01:00
Valentin Tolmer
18e3892e55 configuration: Add smtp config values. 2021-11-23 00:25:47 +01:00
Valentin Tolmer
350fdcdf9b server: improve error messages 2021-11-23 00:25:47 +01:00
Valentin Tolmer
adf088c74b configuration: move default values inline 2021-11-23 00:25:47 +01:00
Valentin Tolmer
47ee56873e ldap: Improve coverage of filters 2021-11-08 11:10:40 +01:00
Valentin Tolmer
ee863f74fc ldap: Add tests for password change 2021-11-08 11:10:40 +01:00
Valentin Tolmer
24e3125e34 ldap: Test the "memberOf" filter 2021-11-08 11:10:40 +01:00
Valentin Tolmer
06b6653dff ldap: Test more invalid DNs 2021-11-08 11:10:40 +01:00
Valentin Tolmer
62745970c6 ldap: Add context to the errors 2021-11-08 11:10:40 +01:00
Valentin Tolmer
ea3142da5d ldap: test message handler 2021-11-08 11:10:40 +01:00
Valentin Tolmer
d96b534921 ldap: Improve debug messages 2021-11-08 09:31:29 +01:00
Valentin Tolmer
9a024cd7fc ldap: Fix response when both users and groups are returned 2021-11-08 09:31:29 +01:00
Valentin Tolmer
c964428858 fixup: group filters 2021-11-08 09:31:29 +01:00
Valentin Tolmer
f98023e67f ldap: Improve support for group filters 2021-11-08 09:31:29 +01:00
Valentin Tolmer
e68d46d4fe ldap: Make attribute matching case insensitive 2021-11-08 09:31:29 +01:00
Valentin Tolmer
9a680a7d06 server: Add a debug log for LDAP messages 2021-11-08 09:31:29 +01:00
Valentin Tolmer
7345cc42d0 ldap: Add support for createTimestamp and modifyTimestamp
This should help with KeyCloak support.
2021-11-08 09:31:29 +01:00
Valentin Tolmer
43ffeca24d ldap: Add support for password modify extension
This allows other systems (e.g. Authelia) to reset passwords for users.
2021-10-28 18:20:01 +02:00
Valentin Tolmer
31e1ff358b ldap: Implement a rootDSE response
This is the message that broadcasts the capabilities of the server,
including the supported extensions.
2021-10-28 18:20:01 +02:00
Valentin Tolmer
d423c64d57 ldap: Switch to using LdapOp instead of ServerOp
This is in preparation of supporting the password change message, since
this is from the Extended Operations that is not available in the simple
ServerOp.
2021-10-28 18:20:01 +02:00
Valentin Tolmer
438ac2818a ldap: Add support for "dn" attribute 2021-10-28 16:36:13 +02:00