globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
2267 commits 5 branches 57 tags 18 MiB
Commit graph

133 commits

Author SHA1 Message Date
Félix Rohrlich
36c73dd3ef Merge branch '173-intruder-lockout-2' into 'main' 
Implement intruder lockout

Closes #173

See merge request yaal/canaille!194
 2024-12-16 15:32:21 +00:00
Éloi Rivard
44c5669d97
doc: prefer 'multi-factor' over 'two-factor' term 2024-12-12 12:04:40 +01:00
Félix Rohrlich
80ef1741a7 feat : Added intruder lockout login delay 2024-12-10 14:23:11 +01:00
Félix Rohrlich
e1d70ef8cd feat : Added sms OTP authentication and multi-factor authentication methods chaining 2024-12-10 11:27:18 +01:00
Félix Rohrlich
6d48ce9043 feat: Added email OTP authentication 2024-12-10 11:27:18 +01:00
Félix Rohrlich
b01e8323d8 feat : Added HOTP authentication and CLI Multi-factor authentication reset 2024-12-10 11:27:18 +01:00
Félix Rohrlich
74e0c8d635 feat : Added time one-time password (TOTP) authentication 2024-12-10 11:27:18 +01:00
Éloi Rivard
77667c6f52
refactor: all domains used in the unit test suite are now .test 
this ensures they will never be valid, and will never generate real
world requests
 2024-11-20 23:30:48 +01:00
Éloi Rivard
0af36824cb
tests: fix assertions on the compromission password tests 2024-11-20 14:32:25 +01:00
sebastien
010bb4ea06 updates tests without API call 2024-11-19 14:49:36 +01:00
sebastien
ce8dba03fe remove admin_group from conftest because, we use a mock to avoid api cal in tests. So we don't need an admin group anymore. 2024-11-19 09:13:31 +01:00
sebastien
d18b555204 adds new log when HIBP API call fails 2024-11-19 09:11:02 +01:00
sebastien
d6dfd439f3 adds tests for ENABLE_PASSWORD_COMPROMISSION_CHECK config 2024-11-14 16:10:43 +01:00
sebastien
4c146cc970 changes flash message when the password is compromised. 2024-11-13 16:21:52 +01:00
sebastien
f67477f5e1 adds tests for ADMIN_EMAIL config variable 2024-11-12 16:50:51 +01:00
sebastien
c13b590cd9 final tests for password compromise investigation failure 2024-11-12 09:18:55 +01:00
sebastien
834eaaa2c4 refacto test 2024-11-08 15:16:38 +01:00
sebastien
f173a66793 adds new tests for compromised_password_check_failure situation. 2024-11-07 15:51:21 +01:00
sebastien
289176a086 replaces 'pwned' by 'compromised' 2024-11-06 15:57:51 +01:00
sebastien
b47c949239 adds tests for check if password is compromised or not 2024-11-05 16:59:03 +01:00
sebastien
ff871f1340 updates tests with compromised password check with api HIBP 2024-11-05 15:44:25 +01:00
sebastien yaal
a4bd03f71c feat: password strength indicator 2024-10-28 21:17:47 +00:00
Félix Rohrlich
603eab0b3c refactor : added proper security logging level and refactored change email logging 2024-10-21 11:17:55 +02:00
Félix Rohrlich
038e6c094e feat: Added security logs for email update, forgotten password mail, token emission/refresh/revokation, new consent, consent revokation #177 2024-10-14 14:04:39 +02:00
Félix Rohrlich
545fb2d342 feat: change password events are logged in #177 2024-10-09 15:55:01 +02:00
Éloi Rivard
b14cc2b5ad
refactor: separate the loading of User permissions 2024-09-18 10:00:58 +02:00
Éloi Rivard
b55b42787f
tests: add assertions on account permissions tests 2024-09-17 20:23:30 +02:00
Éloi Rivard
cfabcc485c
chore: automitaclly fix typos 2024-09-11 09:33:42 +02:00
Éloi Rivard
b46102bb75
fix: crash for passwordless users at login when no SMTP server was configured 2024-05-14 23:15:41 +02:00
Éloi Rivard
3fb5d0149d
fix: SMTP feature can be disabled again 2024-05-14 23:04:32 +02:00
Éloi Rivard
5beee67a61
fix: User group deletion without reading User.groups with LDAP backend 2024-05-12 22:28:32 +02:00
Éloi Rivard
0e6e4d0cb9
tests: fix CI 2024-05-07 17:36:32 +02:00
Éloi Rivard
4e99eaecea
tests: remove SQLAlchemy warnings on double deletions 2024-05-07 16:19:50 +02:00
Éloi Rivard
e44b2bf469
tests: fix CI 2024-05-03 22:35:57 +02:00
Éloi Rivard
473a262ea2
refactor: move BackendModel.reload to Backend.reload 2024-05-03 22:25:20 +02:00
Éloi Rivard
2ccdaeadf6
refactor: move BackendModel.delete to Backend.delete 2024-05-03 22:22:08 +02:00
Éloi Rivard
09588e0f48
refactor: move BackendModel.save to Backend.save 2024-05-03 22:22:06 +02:00
Éloi Rivard
44573713ed
refactor: move BackendModel.get to Backend.get 2024-05-03 21:54:03 +02:00
Éloi Rivard
8425b2a3b8
refactor: move BackendModel.query to Backend.query 2024-05-03 21:42:54 +02:00
Éloi Rivard
4ce9f77a14
tests: use time-travel instead of freezegun 2024-05-02 10:26:32 +02:00
Éloi Rivard
69019763d4
feat: group member removal can be achieved from the group edition page 2024-04-28 19:47:57 +02:00
Éloi Rivard
dc89a20b11
chore: configure ruff 2024-04-23 22:12:04 +02:00
Éloi Rivard
f9989a960b
feat: locked users cannot be impersonated 2024-04-12 12:12:08 +02:00
Éloi Rivard
565d57a887
tests: split test_account.py 2024-04-12 11:23:51 +02:00
Éloi Rivard
4037c296cf
fix: JAVASCRIPT and HTMX configuration settings were ignored 2024-04-09 12:07:00 +02:00
Éloi Rivard
920395c27f
feat: sign in/out events are logged in #177 2024-04-09 10:04:26 +02:00
Éloi Rivard
053156ec18
feat: additional messages on password endpoint errors 
when attempt_login is not found on the session, add a warning to be
displayed on the login page after redirection
 2024-04-09 09:20:38 +02:00
Éloi Rivard
5aaccca4cf
fix: display an error message when trying to remove the last user from a group 2024-04-08 14:44:15 +02:00
Éloi Rivard
fe2665ae32
fix: LDAP user group removal 2024-04-08 14:15:28 +02:00
Éloi Rivard
88832b5b3b
refactor: move User.check_password and User.set_password methods to Backend 2024-04-07 20:17:15 +02:00