Commit Graph

33 Commits

Author SHA1 Message Date
Clement Michaud
dacdce6c50 Implement session inactivity timeout
This timeout will prevent an attacker from using a session that has been
inactive for too long.
This inactivity timeout combined with the timeout before expiration makes a
good combination of security mechanisms to prevent session theft.

If no activity timeout is provided, then the feature is disabled and only
session expiration remains as a protection.
2017-10-31 07:27:23 +01:00
Clement Michaud
b9fa786df6 Refactor endpoints to get server variables as input parameters
This refactoring aims to ease testability and clean up a lot of soft touchy
typings in test code.

This is the first step of this refactoring introducing the concept and
implementing missing interfaces and stubs. At the end of the day,
ServerVariablesHandler should completely disappear and every variable should
be injected in the endpoint handler builder itself.
2017-10-31 07:26:53 +01:00
Clément Michaud
15615b2741 Merge branch 'develop' into publish-develop-to-docker 2017-10-15 22:49:58 +02:00
Clement Michaud
e8e8c8f7da Publish 'develop' tag to dockerhub 2017-10-15 22:48:56 +02:00
Clement Michaud
e8a1e7c52c Remove configuration schema from source since it is generated 2017-10-15 22:17:36 +02:00
Clement Michaud
8cf58d7b31 Add tests on headers forwarded to backend
Ensure Remote-User and Remote-Groups can be forwarded to the backend app.
2017-10-14 22:11:56 +02:00
Clement Michaud
09b4bcadd4 Deploy latest along with release tag
Prior to this fix, every master commits was released to Dockerhub under latest
tag and tagged commit was released with a version tag in Dockerhub.
'Latest' tag in dockerhub should reference the latest released version and not
the head of master branch.

Thus, after this fix, 'latest' tag references the latest released version of
Authelia and 'master' tag references the head of master git branch.
2017-10-08 18:56:18 +02:00
Clement Michaud
bf56e378e0 Fail docker publication when login to docker fails 2017-10-08 16:11:05 +02:00
Clement Michaud
d8ff186303 Split client and server
Client and server now have their own tsconfig so that the transpilation is only
done on the part that is being modified.

It also allows faster transpilation since tests are now excluded from tsconfig.
They are compiled by ts-node during unit tests execution.
2017-10-07 00:49:42 +02:00
Clement Michaud
4cd78f3f83 Add SMTP notifier as an available option in configuration
One can now plug its own SMTP server to send notifications
for identity validation and password reset requests.

Filesystem has been removed from the template configuration file
since even tests now use mail catcher (the fake webmail) to
retrieve the email and the confirmation link.
2017-09-24 23:20:45 +02:00
Clement Michaud
7128970a53 Add redirection URL as a query parameter during authentication
Before this fix, the redirection URL was stored in the user session,
but this has a big drawback since user could open several pages in
browser and thus override the redirection URL leading the user to
be incorrectly redirected.
2017-09-22 17:53:18 +02:00
FrozenDragoon
489dbf9e30 Merge branch 'master' into feature-dockercompose 2017-09-11 13:28:39 -05:00
Clement Michaud
f4926ac138 Fix npm package missing dist directory 2017-09-09 00:43:19 +02:00
FrozenDragoon
e644fe7b7b Split example scripts, allow running example using pre-built docker container (example-dockerhub) or build build from source, as it is now (example-commit). 2017-09-05 06:32:50 -05:00
Clement Michaud
20536abf8b Introduce LDAP filters to search users and groups for more flexibility. 2017-09-02 22:38:26 +02:00
Clement Michaud
c12a085f8e Replace mocha integration tests by cucumber tests 2017-07-31 22:20:33 +02:00
Clement Michaud
e45ac39c8f Add Mongo as scalable and resilient storage backend 2017-07-31 00:29:00 +02:00
Clement Michaud
a64dbe08f8 Fix dev environment deployment when watching with Gruntfile 2017-07-17 22:37:34 +02:00
Clement Michaud
c648a482d7 Tests deployment commands provided to users in README 2017-07-16 16:20:59 +02:00
Clement Michaud
7fd0f8e144 Fix example deployment script 2017-07-16 16:20:26 +02:00
Clement Michaud
74cbfc637b Add system tests to test the example from end user point of view 2017-07-16 14:55:01 +02:00
Clement Michaud
8f152d2328 Fix example environment 2017-07-14 19:05:42 +02:00
Clement Michaud
d87b21fec0 Fix service checking in travis after adding redis service 2017-07-14 00:53:26 +02:00
Clement Michaud
f516aaf243 Adding one integration test for redis 2017-07-14 00:25:11 +02:00
Clement Michaud
e56c2492ed Fix integration test and package Travis scripts 2017-06-29 13:09:08 +02:00
Clement Michaud
1a6f3137eb npm install breaks because it does not find entrypoint file 2017-06-19 10:14:08 +02:00
Clement Michaud
a84efdb8be Test npm deployment in CI 2017-06-16 21:11:54 +02:00
Clement Michaud
0d58d5bf23 Choose deployment based on tag or master branch depending on Travis env vars 2017-06-01 22:46:42 +02:00
Clement Michaud
bf266648e1 Add more logs to the docker deployment script 2017-06-01 22:35:37 +02:00
Clement Michaud
3b619bf034 Add logs to the docker deployment script 2017-06-01 22:32:35 +02:00
Clement Michaud
96811c093b Tag docker image before pushing it to dockerhub 2017-06-01 22:22:48 +02:00
Clement Michaud
2dd64de2ed Adding docker-publish script to set of deployment scripts 2017-06-01 22:16:19 +02:00
Clement Michaud
8d662c1591 Install libgif-dev in travisci environment 2017-01-28 22:54:27 +01:00