globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
2162 commits 5 branches 57 tags 18 MiB
Commit graph

205 commits

Author SHA1 Message Date
Éloi Rivard
4181614364
chore: fix first login text mail message 2024-12-05 13:24:03 +01:00
Éloi Rivard
6d8799d052
refactor: use the Features class to know if a feature is available 
instead of simply looking at the configuration
 2024-12-05 12:20:30 +01:00
sebastien
354ffc4b94 replaces http://127.0.0.1:5000 by {{ site_url }} 2024-11-26 13:37:28 +01:00
Éloi Rivard
3ecda0ceab
doc: password compromission details 2024-11-21 10:43:31 +01:00
Éloi Rivard
19159c5a80
refactor: use @example.com for email placeholders 2024-11-20 23:42:58 +01:00
sebastien yaal
734f2a85ac Merge branch 'main' into '179-check-passwords-on-compromised-password-databases' 
# Conflicts:
#   canaille/translations/messages.pot
 2024-11-19 14:38:12 +00:00
sebastien
d9f01fef6e hotfix 2024-11-19 13:56:07 +01:00
sebastien
b49f1df395 Adds configuration variable for hibp api url 2024-11-19 11:20:25 +01:00
sebastien
9b8f8e9cd4 updates configuration and config.sample and demo config files toinclude new parameters. adds new tests for configuration condition. 2024-11-15 16:28:21 +01:00
sebastien
738ea3a5ac adds description on ENABLE_PASSWORD_COMPROMISSION_CHECK config setting 2024-11-13 16:22:50 +01:00
sebastien
ae9c1309b9 adds pre-visualization mail buttons when api request on HIBP have failed in canaille/core/templates/mails/admin.html 2024-11-13 16:20:30 +01:00
sebastien
2a57a05155 adds configuration option set by default False to check password compromise 2024-11-13 16:12:50 +01:00
Éloi Rivard
08e0dd47bd
fix: disable the mail sending test when no SMTP server is configured 2024-11-13 10:58:11 +01:00
sebastien
ea24f96e85 adds new config variable in case there is no default admin group in ACL/ADMIN/FILTER 2024-11-12 16:50:00 +01:00
sebastien
9844818280 Merge branch '179-check-passwords-on-compromised-password-databases' of gitlab.com:yaal/canaille into 179-check-passwords-on-compromised-password-databases 2024-11-07 10:34:12 +01:00
sebastien
e6a9f2dcc6 Merge branch 'main' of gitlab.com:yaal/canaille into 179-check-passwords-on-compromised-password-databases 2024-11-07 09:15:29 +01:00
Éloi Rivard
6c4ef023cb
fix: disable zxcvbn for Python 3.13 
https://github.com/fief-dev/zxcvbn-rs-py/issues/2
 2024-11-06 19:23:43 +01:00
sebastien
289176a086 replaces 'pwned' by 'compromised' 2024-11-06 15:57:51 +01:00
sebastien
fa3a5f6616 gets the emails of each admin to send them the compromised_password_check_failure_mail 2024-11-06 12:56:35 +01:00
Éloi Rivard
fe8e1160ab
refactor: move session related methods in a dedicated file 2024-11-06 09:10:43 +01:00
sebastien
9708809714 updates file names, variable names to be clearer. 2024-11-05 16:18:45 +01:00
sebastien
ca7f718353 adds mail sending to admin if failure of api HIBP request to check if password is compromised 2024-11-05 15:43:15 +01:00
sebastien
0acbb40ecd consumes haveibeenpwned API directly 2024-11-04 08:55:55 +01:00
sebastien yaal
a4bd03f71c feat: password strength indicator 2024-10-28 21:17:47 +00:00
Éloi Rivard
0b51b01031
refactor: apply ruff migrations for python 3.10+ 2024-10-28 09:13:00 +01:00
Félix Rohrlich
603eab0b3c refactor : added proper security logging level and refactored change email logging 2024-10-21 11:17:55 +02:00
Félix Rohrlich
038e6c094e feat: Added security logs for email update, forgotten password mail, token emission/refresh/revokation, new consent, consent revokation #177 2024-10-14 14:04:39 +02:00
Félix Rohrlich
545fb2d342 feat: change password events are logged in #177 2024-10-09 15:55:01 +02:00
Éloi Rivard
b14cc2b5ad
refactor: separate the loading of User permissions 2024-09-18 10:00:58 +02:00
Éloi Rivard
813640fef9
refactor: User.can_read do not call private vars 
so they get a chance to be loaded if needed
 2024-09-17 19:58:07 +02:00
Éloi Rivard
cfabcc485c
chore: automitaclly fix typos 2024-09-11 09:33:42 +02:00
Éloi Rivard
0cbaa3b3bc
feat: more blocks for theming firstlogin, forgotten-password and 
reset-password pages
 2024-05-21 18:08:44 +02:00
Éloi Rivard
61da0683bd
feat: more blocks for theming login and password pages 2024-05-21 17:17:48 +02:00
Éloi Rivard
b46102bb75
fix: crash for passwordless users at login when no SMTP server was configured 2024-05-14 23:15:41 +02:00
Éloi Rivard
3fb5d0149d
fix: SMTP feature can be disabled again 2024-05-14 23:04:32 +02:00
Éloi Rivard
43f9f328a5
refactor: factorize features definition 2024-05-14 22:53:47 +02:00
Éloi Rivard
194147d84e
doc: actually, document enums without any dependency 2024-05-14 09:32:32 +02:00
Éloi Rivard
345177f519
doc: user enum_tools instead of sphinx-auto-enum 2024-05-14 09:05:46 +02:00
Éloi Rivard
e44b2bf469
tests: fix CI 2024-05-03 22:35:57 +02:00
Éloi Rivard
16c3021a8f
refactor: Rename BaseBackend in Backend 2024-05-03 22:25:20 +02:00
Éloi Rivard
473a262ea2
refactor: move BackendModel.reload to Backend.reload 2024-05-03 22:25:20 +02:00
Éloi Rivard
2ccdaeadf6
refactor: move BackendModel.delete to Backend.delete 2024-05-03 22:22:08 +02:00
Éloi Rivard
09588e0f48
refactor: move BackendModel.save to Backend.save 2024-05-03 22:22:06 +02:00
Éloi Rivard
44573713ed
refactor: move BackendModel.get to Backend.get 2024-05-03 21:54:03 +02:00
Éloi Rivard
ccde88b1bf
refactor: BackendModel.get() is now Backend.instance 2024-05-03 21:46:28 +02:00
Éloi Rivard
8425b2a3b8
refactor: move BackendModel.query to Backend.query 2024-05-03 21:42:54 +02:00
Éloi Rivard
98b26ee6f3
fix: translatable f-string 2024-05-01 18:39:59 +02:00
Éloi Rivard
69019763d4
feat: group member removal can be achieved from the group edition page 2024-04-28 19:47:57 +02:00
Éloi Rivard
ebcaaeaded
tests: fix GHA 
For some reasons, webp mimetypes failed to be guessed on GHA.
 2024-04-27 14:06:20 +02:00
Éloi Rivard
dc89a20b11
chore: configure ruff 2024-04-23 22:12:04 +02:00