Commit graph

629 commits

Author SHA1 Message Date
Félix Rohrlich
36c73dd3ef Merge branch '173-intruder-lockout-2' into 'main'
Implement intruder lockout

Closes #173

See merge request yaal/canaille!194
2024-12-16 15:32:21 +00:00
Éloi Rivard
44c5669d97 doc: prefer 'multi-factor' over 'two-factor' term 2024-12-12 12:04:40 +01:00
Éloi Rivard
92214d932d wip 2024-12-11 17:46:14 +01:00
Éloi Rivard
10abb2013a feat: scim endpoint authentication 2024-12-11 17:35:16 +01:00
Éloi Rivard
a299bb92ba feat: basic SCIM server implementation 2024-12-11 17:35:16 +01:00
Félix Rohrlich
80ef1741a7 feat : Added intruder lockout login delay 2024-12-10 14:23:11 +01:00
Félix Rohrlich
e1d70ef8cd feat : Added sms OTP authentication and multi-factor authentication methods chaining 2024-12-10 11:27:18 +01:00
Félix Rohrlich
6d48ce9043 feat: Added email OTP authentication 2024-12-10 11:27:18 +01:00
Félix Rohrlich
c8e774ab46 refactor: moved reset-mfa cli function and added documentation and test cases for it 2024-12-10 11:27:18 +01:00
Félix Rohrlich
b01e8323d8 feat : Added HOTP authentication and CLI Multi-factor authentication reset 2024-12-10 11:27:18 +01:00
Félix Rohrlich
74e0c8d635 feat : Added time one-time password (TOTP) authentication 2024-12-10 11:27:18 +01:00
Éloi Rivard
bbacb1703c tests: attempt to fix the token creation audience assertion 2024-12-10 08:12:13 +01:00
Éloi Rivard
bab6fc6504 feat: button to create a new client token 2024-12-06 20:21:14 +01:00
Éloi Rivard
5bc438d21d feat: implement OIDC client_credentials flow 2024-12-06 15:09:25 +01:00
Éloi Rivard
a4985184fa tests: fix dotenv unit test after 21464e952a 2024-12-06 15:06:20 +01:00
Éloi Rivard
21464e952a fix: do not automatically load .env files 2024-12-05 15:14:12 +01:00
Éloi Rivard
57bb0e01bc tests: put 'TESTING=True' in the common conf 2024-12-05 14:56:18 +01:00
Éloi Rivard
3ecda0ceab doc: password compromission details 2024-11-21 10:43:31 +01:00
Éloi Rivard
ac8dc19ff2 tests: fix LDAP email placeholder test 2024-11-20 23:49:12 +01:00
Éloi Rivard
77667c6f52 refactor: all domains used in the unit test suite are now .test
this ensures they will never be valid, and will never generate real
world requests
2024-11-20 23:30:48 +01:00
Éloi Rivard
0af36824cb tests: fix assertions on the compromission password tests 2024-11-20 14:32:25 +01:00
sebastien
010bb4ea06 updates tests without API call 2024-11-19 14:49:36 +01:00
sebastien
bfff1bcdc1 refacto form test: separating htmx request and form submit 2024-11-19 14:46:38 +01:00
sebastien
b49f1df395 Adds configuration variable for hibp api url 2024-11-19 11:20:25 +01:00
sebastien
ce8dba03fe remove admin_group from conftest because we use a mock to avoid api call in tests. So we don't need an admin group anymore. 2024-11-19 09:13:31 +01:00
sebastien
d18b555204 adds new log when HIBP API call fails 2024-11-19 09:11:02 +01:00
sebastien
9b8f8e9cd4 updates configuration and config.sample and demo config files to include new parameters. adds new tests for configuration condition. 2024-11-15 16:28:21 +01:00
sebastien
a7a93a7d1c adds comment to explain API response content in test 2024-11-15 12:22:10 +01:00
sebastien
dc2824da2b adds tests for admin mails display 2024-11-15 12:21:28 +01:00
sebastien
d6dfd439f3 adds tests for ENABLE_PASSWORD_COMPROMISSION_CHECK config 2024-11-14 16:10:43 +01:00
sebastien
ec43d9157f avoids api call from tests 2024-11-14 15:32:31 +01:00
sebastien
4c146cc970 changes flash message when the password is compromised. 2024-11-13 16:21:52 +01:00
sebastien
f67477f5e1 adds tests for ADMIN_EMAIL config variable 2024-11-12 16:50:51 +01:00
sebastien
ea24f96e85 adds new config variable in case there is no default admin group in ACL/ADMIN/FILTER 2024-11-12 16:50:00 +01:00
sebastien
c13b590cd9 final tests for password compromise investigation failure 2024-11-12 09:18:55 +01:00
sebastien
834eaaa2c4 refacto test 2024-11-08 15:16:38 +01:00
sebastien
d951c2e18d new tests on failure of api request with htmx and without SMTP 2024-11-08 15:15:12 +01:00
sebastien
f173a66793 adds new tests for compromised_password_check_failure situation. 2024-11-07 15:51:21 +01:00
sebastien
289176a086 replaces 'pwned' by 'compromised' 2024-11-06 15:57:51 +01:00
sebastien
b47c949239 adds tests for check if password is compromised or not 2024-11-05 16:59:03 +01:00
sebastien
ff871f1340 updates tests with compromised password check with api HIBP 2024-11-05 15:44:25 +01:00
sebastien yaal
a4bd03f71c feat: password strength indicator 2024-10-28 21:17:47 +00:00
Éloi Rivard
3a3cd304b8 tests: refactor logging tests
and restore 100% coverage
2024-10-27 21:46:47 +01:00
Félix Rohrlich
603eab0b3c refactor : added proper security logging level and refactored change email logging 2024-10-21 11:17:55 +02:00
Félix Rohrlich
038e6c094e feat: Added security logs for email update, forgotten password mail, token emission/refresh/revocation, new consent, consent revocation #177 2024-10-14 14:04:39 +02:00
Félix Rohrlich
545fb2d342 feat: change password events are logged in #177 2024-10-09 15:55:01 +02:00
Éloi Rivard
b14cc2b5ad refactor: separate the loading of User permissions 2024-09-18 10:00:58 +02:00
Éloi Rivard
b55b42787f tests: add assertions on account permissions tests 2024-09-17 20:23:30 +02:00
Éloi Rivard
001d635295 tests: missing client_id on OIDC authorization page 2024-09-13 15:08:23 +02:00
Éloi Rivard
cfabcc485c chore: automatically fix typos 2024-09-11 09:33:42 +02:00