Commit Graph

181 Commits

Author SHA1 Message Date
allcontributors[bot]
ac329c53e3
docs: add mardom1 as a contributor (#1804)
* docs: update README.md

* docs: update .all-contributorsrc

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2021-03-11 12:15:31 +11:00
allcontributors[bot]
8191ca2330
docs: add dchidell as a contributor (#1803)
* docs: update README.md

* docs: update .all-contributorsrc

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2021-03-11 12:13:22 +11:00
allcontributors[bot]
28922c762b
docs: add except as a contributor (#1802)
* docs: update README.md

* docs: update .all-contributorsrc

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-11 12:11:09 +11:00
James Elliott
c310049faa
refactor(authentication): use crypto constant time compare (#1800)
* refactor(authentication): use crypto constant time compare

Improve security with usage of the crypto/subtle ConstantTimeCompare() method for hash comparison.

Fixes #1799

* docs: add explicit labels for chat types
2021-03-11 12:08:49 +11:00
allcontributors[bot]
2f4724e7f9
docs: add ThinkChaos as a contributor (#1761)
* docs: update README.md

* docs: update .all-contributorsrc

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2021-02-24 10:39:37 +11:00
Amir Zarrinkafsh
8c79e6beca
ci(buildkite): utilise conventional-changelog for release notes (#1714)
Instead of generating our changelog based on crude modifications utilising git log we now utilise conventional-changelog.

conventional-changelog utilises the angular commit structure to categorise and display the changelog for 3 types (fix,feat,perf) and each of the change scopes are identified in the changelog too.

An example of the output for v4.26.0 can be found below:

# [4.26.0](https://github.com/authelia/authelia/compare/v4.25.2...v4.26.0) (2021-02-02)

### Bug Fixes

* **handlers:** refresh user details on all domains ([#1642](https://github.com/authelia/authelia/issues/1642)) ([60ff16b](60ff16b518))

### Docker Container
* `docker pull authelia/authelia:4.26.0`
2021-02-12 14:00:36 +11:00
allcontributors[bot]
1733762f68
docs: add knnnrd as a contributor (#1703)
* docs: update README.md [skip ci]
* docs: update .all-contributorsrc [skip ci]

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-02-05 14:41:39 +11:00
allcontributors[bot]
b963e3c9a0
docs: add laurivosandi as a contributor (#1702)
* docs: update README.md [skip ci]
* docs: update .all-contributorsrc [skip ci]

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-02-05 14:37:34 +11:00
allcontributors[bot]
eec6a626af
docs: add TheCatLady as a contributor (#1701)
* docs: update README.md [skip ci]
* docs: update .all-contributorsrc [skip ci]
* fix skipCi option

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-02-05 14:30:44 +11:00
Amir Zarrinkafsh
e091032279
docs: update contribution guidelines (#1666)
* docs: update contribution guidelines

* add release commit message type

* update none/empty scope definition

* add go mod tidy post update option
2021-01-30 19:29:07 +11:00
Amir Zarrinkafsh
87af0d3112
[DOCS] Update contributors (#1623)
This change also modifies the contributors to introduce [All Contributors](https://allcontributors.org/).
2021-01-22 14:24:25 +11:00
Andrew Kliskey
6b719ea226
[DOCS] Specify docker tag for readme badges (#1593)
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-01-13 12:48:57 +11:00
Amir Zarrinkafsh
e5504fa918
[MISC] Add Buildkite logo to badge (#1554) 2020-12-22 12:29:50 +11:00
Amir Zarrinkafsh
52e6435896
[DOCS] Add Discord badge to README.md (#1542)
* [DOCS] Add Discord badge to README.md

* add to contact section

Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-16 12:08:51 +11:00
Clément Michaud
ea879dc83d
[DOCS] Add a section explaining why Authelia is open source (#1134)
* [DOCS] Add a section explaining why Authelia is open source.

* Apply suggestions from code review

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>

* Move the Why Open Source? section.
2020-06-21 00:37:47 +10:00
Clément Michaud
6f96e4b119
[DOCS] Add FreeBSD Port as deployment option in README (#1133)
* [DOCS] Add FreeBSD Port as deployment option in README.

* Apply suggestions from code review

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-21 00:22:15 +10:00
fossabot
fdb7edb054
[MISC] Add license scan report and status (#1064)
* Add license scan report and status

Signed off by: fossabot <badges@fossa.com>

* Update README.md

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-02 10:09:31 +10:00
Clément Michaud
d6bea97a93
[DOCS] Add a roadmap section to the documentation. (#1062)
* [DOCS] Add a roadmap section to the documentation.

Adding the roadmap will likely help people figure out what are the next big
topics that might be missing for them to take the leap and use Authelia.
Maybe some users are also waiting for a feature to unlock some use cases.

* Apply suggestions from code review

Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-06-01 16:55:58 +10:00
James Elliott
3f374534ab
[FEATURE] Automatic Profile Refresh - LDAP (#912)
* [FIX] LDAP Not Checking for Updated Groups

* refactor handlers verifyFromSessionCookie
* refactor authorizer selectMatchingObjectRules
* refactor authorizer isDomainMatching
* add authorizer URLHasGroupSubjects method
* add user provider ProviderType method
* update tests
* check for new LDAP groups and update session when:
  * user provider type is LDAP
  * authorization is forbidden
  * URL has rule with group subjects

* Implement Refresh Interval

* add default values for LDAP user provider
* add default for refresh interval
* add schema validator for refresh interval
* add various tests
* rename hasUserBeenInactiveLongEnough to hasUserBeenInactiveTooLong
* use Authelia ctx clock
* add check to determine if user is deleted, if so destroy the
* make ldap user not found error a const
* implement GetRefreshSettings in mock

* Use user not found const with FileProvider
* comment exports

* use ctx.Clock instead of time pkg

* add debug logging

* use ptr to reference userSession so we don't have to retrieve it again

* add documenation
* add check for 0 refresh interval to reduce CPU cost
* remove badly copied debug msg

* add group change delta message

* add SliceStringDelta
* refactor ldap refresh to use the new func

* improve delta add/remove log message

* fix incorrect logic in SliceStringDelta
* add tests to SliceStringDelta

* add always config option
* add tests for always config option
* update docs

* apply suggestions from code review

Co-Authored-By: Amir Zarrinkafsh <nightah@me.com>

* complete mocks and fix an old one
* show warning when LDAP details failed to update for an unknown reason

* golint fix

* actually fix existing mocks

* use mocks for LDAP refresh testing

* use mocks for LDAP refresh testing for both added and removed groups

* use test mock to verify disabled refresh behaviour
* add information to threat model
* add time const for default Unix() value

* misc adjustments to mocks

* Suggestions from code review

* requested changes
* update emails
* docs updates
* test updates
* misc

* golint fix

* set debug for dev testing

* misc docs and logging updates

* misc grammar/spelling

* use built function for VerifyGet

* fix reviewdog suggestions

* requested changes

* Apply suggestions from code review

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-05-04 21:39:25 +02:00
James Elliott
e95c6a294d
[HOTFIX] Prevent Username Enumeration (#950)
* [HOTFIX] Prevent Username Enumeration

* thanks to TheHllm for identifying the bug: https://github.com/TheHllm
* temporarily prevents username enumeration with file auth
* proper calculated and very slightly random fix to come

* closely replicate behaviour

* allow error to bubble up

* Synchronize security documentation.

Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-05-02 00:32:09 +02:00
Clément Michaud
f92480b44b
[DOCS] Add SECURITY.md and update README.md. (#906)
* Add SECURITY.md and update README.md.

* Align README.md and SECURITY.md with the security documentation.
2020-04-24 10:29:30 +10:00
Amir Zarrinkafsh
9eb9d107f1
[DEPRECATE] Remove migration tools from latest version of Authelia (#894)
* [DEPRECATE] Remove migration tools from latest version of Authelia
Also update references to point to container version 4.14.2 for any of the migration examples.

* [DOCS] Remove v4 release statement in README.md
2020-04-22 13:55:30 +10:00
jess
aae665eff2
[MISC] Activating Open Collective (#601)
* Added financial contributors to the README

* Update README.md

* Update README.md

* Add logos to README.md

* Update README.md

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-04-09 00:10:33 +02:00
Amir Zarrinkafsh
a71ca1903d
[RELEASE] v4.11.0 (#810) 2020-04-01 10:53:48 +11:00
Amir Zarrinkafsh
5fc3b26cf5
[RELEASE] v4.10.0 (#799) 2020-03-31 12:04:22 +11:00
Amir Zarrinkafsh
6f116202f4
[RELEASE] v4.9.1 (#790) 2020-03-28 19:53:03 +11:00
Amir Zarrinkafsh
85cd75ffdf
[DOCS] Minor tweaks for compose bundles (#786) 2020-03-27 11:51:16 +11:00
Amir Zarrinkafsh
e843a52a04
[Docker] Include docker-compose.yml examples to run Authelia (#642)
* [Docker] Create Lite docker-compose.yml example

* [Docker] Update README.md with 3 compose bundles {Local,Lite,Full}

* [DOCS] Update Traefik2 proxy example

* [Docker] Create Local docker-compose.yml example

* [MISC] Update examples to utilise Traefik 2.2
This change enables global http -> https redirection.

* [Docker] Update Local compose to utilise loopback address

* [Docker] Drop compose version to 3.3 to cater for more distros

* [DOCS] Adjust Getting Started

* [Docker] Tweak Local bundle setup for OSX

* [Docker] Optimise setup.sh for Local bundle

* [Docker] Fix read-only mounting of user database

* [DOCS] Implement feedback for compose bundles

* [DOCS] Provide feedback on self-signed certificates

* [DOCS] Implement additional feedback for compose bundles

Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-03-27 10:43:10 +11:00
James Elliott
c366233152
[RELEASE] v4.9.0 (#780) 2020-03-25 13:24:12 +11:00
Clément Michaud
8dc1f898d8
[RELEASE] v4.8.0 (#765) 2020-03-21 15:22:49 +01:00
Amir Zarrinkafsh
4f95865d56
[RELEASE] v4.7.2 (#714) 2020-03-16 20:32:06 +11:00
Amir Zarrinkafsh
7145ccc228
[RELEASE] v4.7.1 (#712) 2020-03-15 23:41:56 +11:00
Amir Zarrinkafsh
c575fda619
[RELEASE] v4.7.0 (#708) 2020-03-15 19:07:02 +11:00
Clément Michaud
aea1728afc
[RELEASE] v4.6.0 (#688) 2020-03-06 22:26:25 +01:00
James Elliott
c358ccca51
[RELEASE] v4.5.1 (#672) 2020-03-01 12:51:26 +11:00
Clément Michaud
b5a9e0f047
[DOCS] Update links in README to reference docs.authelia.com. (#667)
* [DOCS] Update links in README to reference docs.authelia.com.

* Move report section of security to the top level page.

* Fix ordering of sub-pages of 2FA feature.
2020-03-01 00:27:23 +01:00
Amir Zarrinkafsh
ac313ac89b
[DOCS] Update from Microbadger to shields.io docker badges (#666) 2020-03-01 00:12:23 +11:00
Clément Michaud
70866825c4
[DOCS] Add pointer to the documentation in README. (#663) 2020-02-29 23:22:43 +11:00
Clément Michaud
7102b258a1
[RELEASE] v4.5.0 (#657) 2020-02-28 01:23:53 +01:00
Amir Zarrinkafsh
fc526bc927
[RELEASE] 4.4.0 2020-02-19 10:01:34 +11:00
Amir Zarrinkafsh
f1a89de2e7
[MISC] Restructure repo folder layout (#628) 2020-02-09 18:04:27 +01:00
Clément Michaud
c2c4d9da79
Add a goreport card badge (#627) 2020-02-07 17:59:12 +01:00
Clement Michaud
9b99420ca0 4.3.0 2020-02-05 09:51:36 +01:00
Clément Michaud
426b29c382
[MISC] Add a CONTRIBUTING.md to the project. (#604) 2020-02-01 22:05:43 +11:00
Amir Zarrinkafsh
e646323555 [MISC] Fix AUR badge links in README.md 2020-01-28 10:06:03 +11:00
Amir Zarrinkafsh
107126929b Update README.md with AUR references and remove CHANGELOG.md (#576)
* Update README.md
Provide badges and references to the AUR for Arch Linux Authelia packages.
Closes #571 #572.

* Add systemd unit file
Include the unit in future release artifacts.

* Remove CHANGELOG.md
As of future releases Changelog details will dynamically be generated.

* Update README.md
Add badge for authelia-git package.

* Update Changelog to only publish explicit Docker tag
Do not include Major and Minor versions, as these will change over time.
2020-01-24 10:21:17 +01:00
Amir Zarrinkafsh
1059551133
Optimise deploy artifacts step (#564)
* Optimise deploy artifacts step
authelia-scripts is not required to publish GitHub artifacts as we utilise [Hub](https://hub.github.com/), this should save ~10 seconds in this step.

* Specify release number in pipeline

* Change buildkite and github published artifacts back to gzip

* Update README.md
2020-01-20 10:53:55 +11:00
Clement Michaud
aafd8fdbd8 Add a sponsorship badge and section to README. 2020-01-19 22:55:37 +01:00
Clement Michaud
99830d95f6 Add a section on vulnerability reporting under security in README. 2020-01-19 22:55:37 +01:00
Clément Michaud
6054addfcc
Update README.md 2020-01-19 00:31:08 +01:00
Amir Zarrinkafsh
68919a3b4e Update README.md
Remove Gitter badge and add Matrix badge, a Matrix <-> Gitter bridge exists to allow communication across the two channels.
2020-01-19 10:28:29 +11:00
Amir Zarrinkafsh
1f684dbc75 Update README.md 2020-01-18 11:17:25 +11:00
Clément Michaud
bb24cf16f7
Update README.md 2020-01-18 00:41:29 +01:00
Amir Zarrinkafsh
9b8be0fef0 Remove Travis and promote Buildkite (#545)
* Remove Travis and promote Buildkite

* Add Docker Size badge to README.md

* Call MicroBadger webhook to update metadata for shields

Add updateMicroBadger function and refactor publishDockerReadme to be called explicitly instead of on every deployManifest call.
2020-01-16 21:57:44 +01:00
Amir Zarrinkafsh
6cd79d0c4b Update README.md for HAProxy references 2020-01-10 11:41:01 +01:00
Amir Zarrinkafsh
fabb76754e
Rename org from clems4ever to authelia
Also fix references from config.yml to configuration.yml
2019-12-24 13:14:52 +11:00
Clement Michaud
f6d2029e2c Introduce architecture schema in the README. 2019-12-10 12:27:42 +01:00
Clement Michaud
d4e236bc66 Update README to announce v4 has been released. 2019-12-09 13:03:12 +01:00
Clément Michaud
778f069013
Update README.md 2019-12-07 14:39:21 +01:00
Clement Michaud
61c1365ba2 Update README and documentation to close refactoring. 2019-12-05 23:20:12 +01:00
Clément Michaud
cdb87522f4
Fix typo in Readme 2019-12-05 11:10:02 +01:00
Clément Michaud
31cf6980cb
Remove reference to package.json 2019-12-05 11:07:28 +01:00
Clément Michaud
02971ff52c
Update README.md 2019-11-20 18:49:37 +01:00
Clement Michaud
eafd9330dc Update documentation to introduce migration scripts. 2019-11-19 00:11:53 +01:00
Amir Zarrinkafsh
51465f8b77 Sync README.md from GitHub to DockerHub after push-manifest 2019-11-10 11:51:24 +01:00
Clément Michaud
0f248a01e9
Update README.md 2019-11-09 12:43:45 +01:00
Clement Michaud
b1d59dcec4 Add documentation on Authelia v4 in README and add a migration document. 2019-10-29 00:40:45 +01:00
Clément Michaud
eee8c59562
Remove reference to CONTRIBUTORS.md in readme. 2019-10-19 18:34:14 +02:00
Clément Michaud
8478216e5d
Update README.md 2019-04-25 13:36:14 +02:00
Clement Michaud
5a195f7ebd Update README to mention nginx and Traefik and update images. 2019-04-17 23:06:56 +02:00
Clément Michaud
e0dab01442
Update README.md 2019-04-17 00:28:31 +02:00
Clement Michaud
743b84aeaa Change license from MIT to Apache 2.0. 2019-04-16 23:40:15 +02:00
Clement Michaud
ab8402314b Add a link to the breaking changes markdown in README. 2019-04-16 22:58:45 +02:00
Clement Michaud
8a76b5118d Add network criteria in ACLs to specify policy based on network subnet. 2019-03-31 20:11:07 +02:00
Clément Michaud
c2810101a4
Update README.md 2019-03-25 09:04:58 +01:00
Clement Michaud
4eaafb7115 Update the documentation to include information on Duo. 2019-03-24 18:45:32 +01:00
Clement Michaud
76fa325f08 [BREAKING] Create a suite for kubernetes tests.
Authelia client uses hash router instead of browser router in order to work
with Kubernetes nginx-ingress-controller. This is also better for users having
old browsers.

This commit is breaking because it requires to change the configuration of the
proxy to include the # in the URL of the login portal.
2019-03-16 00:13:27 +01:00
Clement Michaud
de15dc52dd Add details on how to deploy Authelia in a dev environment.
Also improve some part of the documentation.
2018-11-16 15:30:26 +01:00
Clement Michaud
82e51e1a71 Improve CONTRIBUTE section of the README. 2018-11-15 22:47:27 +01:00
Clement Michaud
fac17671ee Fix broken link to getting-started in README.md 2018-11-03 13:29:06 +01:00
Clement Michaud
6efa6241d3 Fix image in README.md 2018-08-30 11:33:55 +02:00
Clement Michaud
03c6a4072b Add snyk badge. 2018-08-30 11:26:13 +02:00
Clément Michaud
878add767f Update and rename CONTRIBUTORS.md to CONTRIBUTING.md.
Update README.md to reference this new file.
2018-08-29 00:28:20 +02:00
Clement Michaud
91032a1d3c Add back gitter link instead of Slack. 2018-08-28 21:04:57 +02:00
Clement Michaud
5e4c401efe Add Paypal donation buttons in README. 2018-08-27 22:51:41 +02:00
Clément Michaud
a515ce83c7
Refactor README into several documents unders docs directory. (#265) 2018-08-26 23:46:15 +02:00
Clement Michaud
d55a7101f1 Update README to mention kubernetes in the description
Also add a link to the wiki.
2018-05-02 22:12:33 +02:00
Clement Michaud
185419e09e Update README to reference kubernetes deployment documentation 2018-04-25 08:51:43 +02:00
Clement Michaud
6586402114 Support 'redirect' in /api/verify endpoint to support Traefik
Traefik handles auth forwarding but does not manage redirections like Nginx.
Therefore, Authelia must redirect the user and Traefik will forward this
request.

To support both Nginx and Traefik, /api/verify is now configurable with the
'redirect' get parameter. If the verification fails and 'redirect' is not
provided the response will be a 401 error as before.
If the parameter is provided and set to any URL, the response will be a
redirection (302) to this URL.
2017-12-04 22:52:33 +01:00
Clement Michaud
a8974a9d8e Change domain from test.local to example.com
Warning: you will need to update your /etc/hosts to take this change into
account for the example environment to work.
2017-11-03 00:20:10 +01:00
Clement Michaud
009e7c2b78 Add basic authorization support for single-factor protected endpoints
One can now access a service using the basic authorization mechanism. Note the
service must not be protected by 2 factors.

The Remote-User and Remote-Groups are forwarded from Authelia like any browser
authentication.
2017-11-01 19:38:05 +01:00
Clement Michaud
6d11801d56 Change the how-to to build Authelia in the README 2017-10-31 22:11:01 +01:00
Clement Michaud
22d56b1faa Change basicauth.test.local into single_factor.test.local 2017-10-31 07:27:36 +01:00
Clement Michaud
a3560ef8d3 Add possible security measures in README 2017-10-31 07:27:36 +01:00
Clement Michaud
cd0a93f027 Rename authentication method from 'basic_auth' to 'single_factor' 2017-10-31 07:27:36 +01:00
Clement Michaud
0b33982701 Add notes on security measures deployed in Authelia in README 2017-10-16 20:56:26 +02:00
Clément Michaud
d5035b8704 Merge pull request #131 from clems4ever/disable-second-factor
Allow basic authentication in configuration
2017-10-09 23:27:36 +02:00
Clement Michaud
a0aab77449 Add a section dealing with basic auth in README 2017-10-09 01:14:19 +02:00
Clement Michaud
e4274fbe1b Add a note about filesystem notifier option
This note tells the users testing with npm that they can enable the
filesystem notifier feature to test identity validation without access
to mailcatcher webmail.
2017-10-08 22:58:56 +02:00
Clément Michaud
1636fc27e5 Fix bad merge on README.md 2017-09-25 13:32:25 +02:00