Commit graph

215 commits

Author SHA1 Message Date
Félix Rohrlich
e1d70ef8cd feat : Added sms OTP authentication and multi-factor authentication methods chaining 2024-12-10 11:27:18 +01:00
Félix Rohrlich
6d48ce9043 feat: Added email OTP authentication 2024-12-10 11:27:18 +01:00
Félix Rohrlich
c8e774ab46 refactor: moved reset-mfa cli function and added documentation and test cases for it 2024-12-10 11:27:18 +01:00
Félix Rohrlich
b01e8323d8 feat : Added HOTP authentication and CLI Multi-factor authentication reset 2024-12-10 11:27:18 +01:00
Félix Rohrlich
74e0c8d635 feat : Added time one-time password (TOTP) authentication 2024-12-10 11:27:18 +01:00
Stéphane
83ab381b13 fix: doc: add a missing dot 2024-12-08 20:04:37 +01:00
Éloi Rivard
13a98fda2c
doc: ACL permissions wording 2024-12-08 12:22:41 +01:00
Éloi Rivard
bdb61a5b38
doc: password length configuration wording 2024-12-08 11:58:21 +01:00
Éloi Rivard
e576a51554
doc: avoid ending sentences with :: 2024-12-08 11:36:38 +01:00
Éloi Rivard
f06053b87e
doc: Fix logging configuration wording 2024-12-08 11:27:56 +01:00
Éloi Rivard
4181614364
chore: fix first login text mail message 2024-12-05 13:24:03 +01:00
Éloi Rivard
6d8799d052
refactor: use the Features class to know if a feature is available
instead of simply looking at the configuration
2024-12-05 12:20:30 +01:00
sebastien
354ffc4b94 replaces http://127.0.0.1:5000 by {{ site_url }} 2024-11-26 13:37:28 +01:00
Éloi Rivard
3ecda0ceab
doc: password compromission details 2024-11-21 10:43:31 +01:00
Éloi Rivard
19159c5a80
refactor: use @example.com for email placeholders 2024-11-20 23:42:58 +01:00
sebastien yaal
734f2a85ac Merge branch 'main' into '179-check-passwords-on-compromised-password-databases'
# Conflicts:
#   canaille/translations/messages.pot
2024-11-19 14:38:12 +00:00
sebastien
d9f01fef6e hotfix 2024-11-19 13:56:07 +01:00
sebastien
b49f1df395 Adds configuration variable for hibp api url 2024-11-19 11:20:25 +01:00
sebastien
9b8f8e9cd4 updates configuration and config.sample and demo config files toinclude new parameters. adds new tests for configuration condition. 2024-11-15 16:28:21 +01:00
sebastien
738ea3a5ac adds description on ENABLE_PASSWORD_COMPROMISSION_CHECK config setting 2024-11-13 16:22:50 +01:00
sebastien
ae9c1309b9 adds pre-visualization mail buttons when api request on HIBP have failed in canaille/core/templates/mails/admin.html 2024-11-13 16:20:30 +01:00
sebastien
2a57a05155 adds configuration option set by default False to check password compromise 2024-11-13 16:12:50 +01:00
Éloi Rivard
08e0dd47bd
fix: disable the mail sending test when no SMTP server is configured 2024-11-13 10:58:11 +01:00
sebastien
ea24f96e85 adds new config variable in case there is no default admin group in ACL/ADMIN/FILTER 2024-11-12 16:50:00 +01:00
sebastien
9844818280 Merge branch '179-check-passwords-on-compromised-password-databases' of gitlab.com:yaal/canaille into 179-check-passwords-on-compromised-password-databases 2024-11-07 10:34:12 +01:00
sebastien
e6a9f2dcc6 Merge branch 'main' of gitlab.com:yaal/canaille into 179-check-passwords-on-compromised-password-databases 2024-11-07 09:15:29 +01:00
Éloi Rivard
6c4ef023cb
fix: disable zxcvbn for Python 3.13
https://github.com/fief-dev/zxcvbn-rs-py/issues/2
2024-11-06 19:23:43 +01:00
sebastien
289176a086 replaces 'pwned' by 'compromised' 2024-11-06 15:57:51 +01:00
sebastien
fa3a5f6616 gets the emails of each admin to send them the compromised_password_check_failure_mail 2024-11-06 12:56:35 +01:00
Éloi Rivard
fe8e1160ab
refactor: move session related methods in a dedicated file 2024-11-06 09:10:43 +01:00
sebastien
9708809714 updates file names, variable names to be clearer. 2024-11-05 16:18:45 +01:00
sebastien
ca7f718353 adds mail sending to admin if failure of api HIBP request to check if password is compromised 2024-11-05 15:43:15 +01:00
sebastien
0acbb40ecd consumes haveibeenpwned API directly 2024-11-04 08:55:55 +01:00
sebastien yaal
a4bd03f71c feat: password strength indicator 2024-10-28 21:17:47 +00:00
Éloi Rivard
0b51b01031
refactor: apply ruff migrations for python 3.10+ 2024-10-28 09:13:00 +01:00
Félix Rohrlich
603eab0b3c refactor : added proper security logging level and refactored change email logging 2024-10-21 11:17:55 +02:00
Félix Rohrlich
038e6c094e feat: Added security logs for email update, forgotten password mail, token emission/refresh/revokation, new consent, consent revokation #177 2024-10-14 14:04:39 +02:00
Félix Rohrlich
545fb2d342 feat: change password events are logged in #177 2024-10-09 15:55:01 +02:00
Éloi Rivard
b14cc2b5ad
refactor: separate the loading of User permissions 2024-09-18 10:00:58 +02:00
Éloi Rivard
813640fef9
refactor: User.can_read do not call private vars
so they get a chance to be loaded if needed
2024-09-17 19:58:07 +02:00
Éloi Rivard
cfabcc485c
chore: automitaclly fix typos 2024-09-11 09:33:42 +02:00
Éloi Rivard
0cbaa3b3bc
feat: more blocks for theming firstlogin, forgotten-password and
reset-password pages
2024-05-21 18:08:44 +02:00
Éloi Rivard
61da0683bd
feat: more blocks for theming login and password pages 2024-05-21 17:17:48 +02:00
Éloi Rivard
b46102bb75
fix: crash for passwordless users at login when no SMTP server was configured 2024-05-14 23:15:41 +02:00
Éloi Rivard
3fb5d0149d
fix: SMTP feature can be disabled again 2024-05-14 23:04:32 +02:00
Éloi Rivard
43f9f328a5
refactor: factorize features definition 2024-05-14 22:53:47 +02:00
Éloi Rivard
194147d84e
doc: actually, document enums without any dependency 2024-05-14 09:32:32 +02:00
Éloi Rivard
345177f519
doc: user enum_tools instead of sphinx-auto-enum 2024-05-14 09:05:46 +02:00
Éloi Rivard
e44b2bf469
tests: fix CI 2024-05-03 22:35:57 +02:00
Éloi Rivard
16c3021a8f
refactor: Rename BaseBackend in Backend 2024-05-03 22:25:20 +02:00