Commit Graph

378 Commits

Author SHA1 Message Date
Clement Michaud
acd5a7a26d Fix compilation and unit tests 2018-05-17 00:06:07 +02:00
Clement Michaud
39555179e4 Bump all dependencies 2018-05-07 23:23:29 +02:00
Clément Michaud
5074b8fdde
Merge pull request #220 from clems4ever/update-readme
Update README to mention kubernetes in the description
2018-05-02 22:32:02 +02:00
Clement Michaud
d55a7101f1 Update README to mention kubernetes in the description
Also add a link to the wiki.
2018-05-02 22:12:33 +02:00
Clément Michaud
efd037134a
Merge pull request #219 from clems4ever/helmet-protection
Add helmet dependency and add it as express middleware
2018-04-26 09:46:24 +02:00
Clement Michaud
4da5402cdf Add helmet dependency and add it as express middleware 2018-04-26 09:07:06 +02:00
Clément Michaud
a1786d8108
Merge pull request #209 from clems4ever/kube
Create configurations to run Authelia on Kube
2018-04-26 09:03:35 +02:00
Clement Michaud
7a13523004 Fix basic authentication and tests 2018-04-25 23:22:41 +02:00
Clement Michaud
185419e09e Update README to reference kubernetes deployment documentation 2018-04-25 08:51:43 +02:00
Clement Michaud
bc72f5c508 Use x-original-url instead of host to deduce domain to check permissions for 2018-04-25 00:41:41 +02:00
Clement Michaud
4be299d6eb Adapt kube example to work without custom nginx template 2018-04-24 23:59:15 +02:00
Clement Michaud
48d6107b0b Rename redirect query parameter into rd for compatibility with nginx-ingress 2018-04-24 23:03:09 +02:00
Clement Michaud
a9a14f8586 Add original nginx-ingress template to compare with the new one 2018-04-24 22:32:56 +02:00
Clement Michaud
7acb097040 Add the configuration files to deploy Authelia in a Kube cluster 2018-04-24 22:32:56 +02:00
Clement Michaud
02293536f3 Move docker-compose configuration in dedicated directory 2018-04-24 22:32:56 +02:00
Clement Michaud
479d7ddc09 3.7.1 2018-04-24 22:12:27 +02:00
Clément Michaud
c0a055175c
Merge pull request #217 from clems4ever/custom-mail-attribute
Attribute mail_attribute is not correcty taken into account
2018-04-24 21:50:11 +02:00
Clement Michaud
bf3705b3e9 Attribute mail_attribute is not correcty taken into account 2018-04-24 21:33:31 +02:00
Clément Michaud
bf11bfbcf8
Merge pull request #212 from clems4ever/local-storage-config
Fix local storage configuration in config template
2018-03-30 00:08:52 +02:00
Clement Michaud
3883af0ecc Fix local storage configuration in config template 2018-03-29 23:50:47 +02:00
Clément Michaud
d0954a202a
Merge pull request #215 from clems4ever/update-npm-deps
Update NPM dependencies
2018-03-29 23:50:02 +02:00
Clement Michaud
a64462d3da Update chrome driver to fix integration tests 2018-03-29 23:20:16 +02:00
Clement Michaud
ae84b05645 Add changelog to the project 2018-03-29 23:09:31 +02:00
Clement Michaud
0b2f6ace83 Fix unit and integration tests 2018-03-29 23:09:29 +02:00
Clement Michaud
a5592252c7 Bump npm dependencies 2018-03-23 10:13:00 +01:00
Clément Michaud
8a1f38f2f1
Merge pull request #204 from clems4ever/verify-redirect
Support 'redirect' parameter in /api/verify endpoint to support Traefik
2017-12-06 13:46:25 +01:00
Clement Michaud
6586402114 Support 'redirect' in /api/verify endpoint to support Traefik
Traefik handles auth forwarding but does not manage redirections like Nginx.
Therefore, Authelia must redirect the user and Traefik will forward this
request.

To support both Nginx and Traefik, /api/verify is now configurable with the
'redirect' get parameter. If the verification fails and 'redirect' is not
provided the response will be a 401 error as before.
If the parameter is provided and set to any URL, the response will be a
redirection (302) to this URL.
2017-12-04 22:52:33 +01:00
Clement Michaud
3f6c375446 3.7.0 2017-11-28 22:40:42 +01:00
Clément Michaud
cbd70d076d
Merge pull request #203 from clems4ever/feature/warn-u2f-requirements
Add links and tooltips at second factor stage to better guide the user
2017-11-28 22:36:20 +01:00
Clement Michaud
cea92ba7d0 Upgrade npm version in travis 2017-11-28 21:56:50 +01:00
Clement Michaud
515a82eb8d Add links and tooltips at second factor stage to better guide the user
A link to U2F explains what is a U2F security key and how they are used.

A tooltip on U2F device registration link is telling the user he needs a
security key to register.
2017-11-28 21:56:50 +01:00
Clément Michaud
8f88f45cb2
Merge pull request #202 from clems4ever/feature/reset-password-enum
Reset password form sends 200 status when user does not exist
2017-11-18 23:32:47 +01:00
Clement Michaud
f47d3c2b0b Reset password form sends 200 status when user does not exist
Reset password sends 200 status codes to avoid user enumeration.
2017-11-18 21:27:07 +01:00
Clément Michaud
792afbc476
Merge pull request #198 from clems4ever/bugfix/firefox-u2f-api
Fix not working u2f when using Firefox
2017-11-09 00:51:21 +01:00
Clement Michaud
ca885e4b15 Fix not working u2f when using Firefox
The u2f-api package does not use the official u2f script provided by Yubikey.
Unfortunately, it was blocked by Firefox.  This change reintroduces the
official u2f script.
2017-11-09 00:21:24 +01:00
Clément Michaud
899246c374
Merge pull request #197 from clems4ever/feature/split-authelia-backend
Create a more real world example with multiple reverse proxies
2017-11-03 00:47:16 +01:00
Clement Michaud
a8974a9d8e Change domain from test.local to example.com
Warning: you will need to update your /etc/hosts to take this change into
account for the example environment to work.
2017-11-03 00:20:10 +01:00
Clement Michaud
bbbffaa3ae Split nginx service into portal, backend and authelia services
This setup is closer to real production infrastructure.
2017-11-03 00:20:10 +01:00
Clement Michaud
b8c8c3bd75 Move docker-compose files to the example directory 2017-11-03 00:20:10 +01:00
Clément Michaud
40a4fd0918
Merge pull request #196 from clems4ever/update-contributors
Add contributors to source and documentation to CONTRIBUTORS.md
2017-11-01 22:44:50 +01:00
Clement Michaud
cfaf5d3562 Add contributors to source and documentation to CONTRIBUTORS.md 2017-11-01 22:13:17 +01:00
Clément Michaud
c734effb84
Merge pull request #195 from clems4ever/feature/reduce-title
Reduce font size and height of header
2017-11-01 22:04:55 +01:00
Clement Michaud
28f9c52355 Reduce font size and height of the header 2017-11-01 21:42:12 +01:00
Clément Michaud
a5da5d790b
Merge pull request #194 from clems4ever/feature/fix-redirection
Fix bad redirection when no default_redirection_url is provided
2017-11-01 21:41:08 +01:00
Clement Michaud
d1f0543ac6 Fix bad redirection when no default_redirection_url is provided 2017-11-01 21:17:43 +01:00
Clément Michaud
b37c0293b8
Merge pull request #193 from clems4ever/feature/support-basic-auth
Add support of basic auth for single-factor protected endpoints
2017-11-01 20:33:09 +01:00
Clement Michaud
009e7c2b78 Add basic authorization support for single-factor protected endpoints
One can now access a service using the basic authorization mechanism. Note the
service must not be protected by 2 factors.

The Remote-User and Remote-Groups are forwarded from Authelia like any browser
authentication.
2017-11-01 19:38:05 +01:00
Clement Michaud
e3e1235755 Fix unhandled error exception thrown by Bluebirds in tests 2017-11-01 16:30:51 +01:00
Clement Michaud
e93b98c1ec Remove unused AuthenticationValidator 2017-11-01 15:35:55 +01:00
Clément Michaud
17a5e2ad6e
Merge pull request #187 from clems4ever/feature/fix-endpoints-restrictions
Fix endpoints redirection on errors
2017-11-01 15:01:23 +01:00