globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
2341 commits 5 branches 57 tags 18 MiB
Commit graph

231 commits

Author SHA1 Message Date
sebastien
909896077d refacto password validation by adds chanes in class PasswordResetForm instead of in functions, AND readds validators in registration function because of required caracter of the password fields 2024-12-23 10:42:49 +01:00
sebastien
2f1b44d4d9 creates a new function for all password form verifications 2024-12-23 10:42:49 +01:00
sebastien
1d5c4b9fa9 restores comparison between 'password' and 'confirmation' and validators in reset form 2024-12-23 10:42:49 +01:00
sebastien
4bdd2de8f2 restores comparison between 'password' and 'confirmation' in registration form 2024-12-23 10:42:49 +01:00
Éloi Rivard
f56032ec4e
doc: wording 2024-12-22 16:36:37 +01:00
Éloi Rivard
29535d5032
doc: 'PASSWORD_LIFETIME' wording 2024-12-22 16:13:10 +01:00
Éloi Rivard
a20ba92064
refactor: rename 'themes' module in 'templating' 2024-12-22 15:59:09 +01:00
Éloi Rivard
527869b6dd
refactor: use 'mfa' term instead of '2fa' 2024-12-21 23:02:04 +01:00
sebastien
6f219b54e8 updates with new path for templates 2024-12-19 12:25:38 +01:00
sebastien
0fb3d588b9 adds password expiry policy with a new method on User class 2024-12-19 11:20:26 +01:00
Éloi Rivard
ad875455b8
doc: document templates 2024-12-19 10:08:09 +01:00
Éloi Rivard
fe8929d992
refactor: move templates in a common directory 
without this, theming was broken because it needs one single directory
for templates.
 2024-12-19 00:17:03 +01:00
Félix Rohrlich
36c73dd3ef Merge branch '173-intruder-lockout-2' into 'main' 
Implement intruder lockout

Closes #173

See merge request yaal/canaille!194
 2024-12-16 15:32:21 +00:00
Éloi Rivard
9fff4e1f7f
doc: fix invalid references 2024-12-12 22:03:10 +01:00
Éloi Rivard
44c5669d97
doc: prefer 'multi-factor' over 'two-factor' term 2024-12-12 12:04:40 +01:00
Félix Rohrlich
80ef1741a7 feat : Added intruder lockout login delay 2024-12-10 14:23:11 +01:00
Félix Rohrlich
e1d70ef8cd feat : Added sms OTP authentication and multi-factor authentication methods chaining 2024-12-10 11:27:18 +01:00
Félix Rohrlich
6d48ce9043 feat: Added email OTP authentication 2024-12-10 11:27:18 +01:00
Félix Rohrlich
c8e774ab46 refactor: moved reset-mfa cli function and added documentation and test cases for it 2024-12-10 11:27:18 +01:00
Félix Rohrlich
b01e8323d8 feat : Added HOTP authentication and CLI Multi-factor authentication reset 2024-12-10 11:27:18 +01:00
Félix Rohrlich
74e0c8d635 feat : Added time one-time password (TOTP) authentication 2024-12-10 11:27:18 +01:00
Stéphane
83ab381b13 fix: doc: add a missing dot 2024-12-08 20:04:37 +01:00
Éloi Rivard
13a98fda2c
doc: ACL permissions wording 2024-12-08 12:22:41 +01:00
Éloi Rivard
bdb61a5b38
doc: password length configuration wording 2024-12-08 11:58:21 +01:00
Éloi Rivard
e576a51554
doc: avoid ending sentences with :: 2024-12-08 11:36:38 +01:00
Éloi Rivard
f06053b87e
doc: Fix logging configuration wording 2024-12-08 11:27:56 +01:00
Éloi Rivard
4181614364
chore: fix first login text mail message 2024-12-05 13:24:03 +01:00
Éloi Rivard
6d8799d052
refactor: use the Features class to know if a feature is available 
instead of simply looking at the configuration
 2024-12-05 12:20:30 +01:00
sebastien
354ffc4b94 replaces http://127.0.0.1:5000 by {{ site_url }} 2024-11-26 13:37:28 +01:00
Éloi Rivard
3ecda0ceab
doc: password compromission details 2024-11-21 10:43:31 +01:00
Éloi Rivard
19159c5a80
refactor: use @example.com for email placeholders 2024-11-20 23:42:58 +01:00
sebastien yaal
734f2a85ac Merge branch 'main' into '179-check-passwords-on-compromised-password-databases' 
# Conflicts:
#   canaille/translations/messages.pot
 2024-11-19 14:38:12 +00:00
sebastien
d9f01fef6e hotfix 2024-11-19 13:56:07 +01:00
sebastien
b49f1df395 Adds configuration variable for hibp api url 2024-11-19 11:20:25 +01:00
sebastien
9b8f8e9cd4 updates configuration and config.sample and demo config files toinclude new parameters. adds new tests for configuration condition. 2024-11-15 16:28:21 +01:00
sebastien
738ea3a5ac adds description on ENABLE_PASSWORD_COMPROMISSION_CHECK config setting 2024-11-13 16:22:50 +01:00
sebastien
ae9c1309b9 adds pre-visualization mail buttons when api request on HIBP have failed in canaille/core/templates/mails/admin.html 2024-11-13 16:20:30 +01:00
sebastien
2a57a05155 adds configuration option set by default False to check password compromise 2024-11-13 16:12:50 +01:00
Éloi Rivard
08e0dd47bd
fix: disable the mail sending test when no SMTP server is configured 2024-11-13 10:58:11 +01:00
sebastien
ea24f96e85 adds new config variable in case there is no default admin group in ACL/ADMIN/FILTER 2024-11-12 16:50:00 +01:00
sebastien
9844818280 Merge branch '179-check-passwords-on-compromised-password-databases' of gitlab.com:yaal/canaille into 179-check-passwords-on-compromised-password-databases 2024-11-07 10:34:12 +01:00
sebastien
e6a9f2dcc6 Merge branch 'main' of gitlab.com:yaal/canaille into 179-check-passwords-on-compromised-password-databases 2024-11-07 09:15:29 +01:00
Éloi Rivard
6c4ef023cb
fix: disable zxcvbn for Python 3.13 
https://github.com/fief-dev/zxcvbn-rs-py/issues/2
 2024-11-06 19:23:43 +01:00
sebastien
289176a086 replaces 'pwned' by 'compromised' 2024-11-06 15:57:51 +01:00
sebastien
fa3a5f6616 gets the emails of each admin to send them the compromised_password_check_failure_mail 2024-11-06 12:56:35 +01:00
Éloi Rivard
fe8e1160ab
refactor: move session related methods in a dedicated file 2024-11-06 09:10:43 +01:00
sebastien
9708809714 updates file names, variable names to be clearer. 2024-11-05 16:18:45 +01:00
sebastien
ca7f718353 adds mail sending to admin if failure of api HIBP request to check if password is compromised 2024-11-05 15:43:15 +01:00
sebastien
0acbb40ecd consumes haveibeenpwned API directly 2024-11-04 08:55:55 +01:00
sebastien yaal
a4bd03f71c feat: password strength indicator 2024-10-28 21:17:47 +00:00