From e700b85648d06005d217eb6e867c00db73350432 Mon Sep 17 00:00:00 2001 From: sebastien Date: Tue, 19 Nov 2024 15:17:09 +0100 Subject: [PATCH] updates features and CHANGES --- CHANGES.rst | 6 +++++- doc/features.rst | 8 +++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/CHANGES.rst b/CHANGES.rst index f908bb91..4d65e149 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -3,7 +3,11 @@ Added ^^^^^ -- Password compromise check :issue:`179` +- Password compromission check :issue:`179` +- :attr:`~canaille.core.configuration.CoreSettings.ADMIN_EMAIL` and + :attr:`~canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_COMPROMISSION_CHECK` and + :attr:`~canaille.core.configuration.CoreSettings.API_URL_HIBP` + :issue:`179` [0.0.56] - 2024-11-07 --------------------- diff --git a/doc/features.rst b/doc/features.rst index 213e139a..884e02d7 100644 --- a/doc/features.rst +++ b/doc/features.rst @@ -167,6 +167,13 @@ User :attr:`passwords ` are optional. If a :class:`mail server ` is configured, when users with no password attempt to sign in, they are invited to click a button that will send them a password initialization mail. The mail contains a link that leads to a form that allows users to choose a password. +.. _feature_password_compromission_check: + +Password compromission check +============================ + +If :attr:`password compromission check feature ` is enabled, Canaille will check for password compromise on HIBP (https://haveibeenpwned.com/) every time a new password is register. You will need to set an :attr:`admin email `. + .. _feature_i18n: Internationalization @@ -308,7 +315,6 @@ Security - :issue:`Authentication logging policy <177>` - :issue:`Intruder lockout <173>` - :issue:`Password expiry policy <176>` -- :issue:`Password compromission check <179>` - :issue:`Multi-factor authentication: Email <47>` - :issue:`Multi-factor authentication: SMS <47>` - :issue:`Multi-factor authentication: OTP <47>`