Commit Graph

7 Commits

Author SHA1 Message Date
Clement Michaud
4016ff1bba [BREAKING] Create a suite for Traefik proxy.
* Removal of the Redirect header sent by Authelia /api/verify endpoint.
* Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host
  to compute the link sent in identity verification emails.
* Authelia used Host header as the application name for U2F authentication but it's now using
  X-Forwarded-* headers.
2019-04-12 09:24:54 +02:00
ViViDboarder
0922b3c215 Build x-original-url from forwarded headers
This is to allow broader support for proxies. In particular, this allows
support with Traefik.

This patch also includes some examples of configuration with Traefik.
2019-04-12 09:24:54 +02:00
Clement Michaud
40574bc8ec Fix the bypass strategy.
Before this fix an anonymous user was not able to access a resource
that were configured with a bypass policy. This was due to a useless
check of the userid in the auth session. Moreover, in the case of an
anonymous user, we should not check the inactivity period since there
is no session.

Also refactor /verify endpoint for better testability and add tests
in a new suite.
2019-03-22 23:51:36 +01:00
Clement Michaud
7c3d6cc376 Log what is retrieved from headers to help debugging. 2019-03-22 15:34:38 +01:00
Clement Michaud
48d6107b0b Rename redirect query parameter into rd for compatibility with nginx-ingress 2018-04-24 23:03:09 +02:00
Clement Michaud
9559bff5de Remove artifacts of only_basic_auth query param 2017-10-09 02:03:05 +02:00
Clement Michaud
d8ff186303 Split client and server
Client and server now have their own tsconfig so that the transpilation is only
done on the part that is being modified.

It also allows faster transpilation since tests are now excluded from tsconfig.
They are compiled by ts-node during unit tests execution.
2017-10-07 00:49:42 +02:00