Commit Graph

3087 Commits

Author SHA1 Message Date
Aram Akhavan
5b3fa1fffb
docs: consistent naming for configuration file (#2626)
* change all instances (file names and docs) of "config.template.yml" to "configuration.template.yml" so its consistent with the expectations of the Dockerfile

* Keep config.template.yml named as is

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>

* Update index.html

* revert filename changes and add a note about docker

* refactor: apply suggestions from code review

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-12-02 15:50:05 +11:00
James Elliott
a79e4dc592
fix(storage): duo/u2f upsert failure on postgresql (#2658)
This replaces the standard duo_devices upsert with a PostgreSQL specific one and ensures the u2f_devices upsert uses the new unique key for the ON CONFLICT check.
2021-12-02 15:16:45 +11:00
James Elliott
bf9ab360bd
refactor(handlers): utilize referer for auth logging rm/rd (#2655)
This utilizes the referrer query parameters instead of current request query parameters for logging the requested URI and method. Minor performance improvements to header peek/sets.
2021-12-02 13:21:46 +11:00
James Elliott
f3f3b31b12
refactor(storage): totp_configurations table (#2657)
Rename column totp_period to period.
2021-12-02 12:24:10 +11:00
James Elliott
2075e76015
fix(storage): new auth log schema request method length (#2656)
This is a fix to the authentication_logs schema that prevents the VARCHAR from being insufficient for HTTP request methods such as PATCH, DELETE, OPTIONS, CONNECT.
2021-12-02 11:36:04 +11:00
renovate[bot]
6aed9f9561
build(deps): update dependency jest to v27.4.3 (#2651)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-02 10:14:48 +11:00
renovate[bot]
26eac00647
build(deps): update module github.com/mitchellh/mapstructure to v1.4.3 (#2653)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-02 08:56:17 +11:00
James Elliott
7df242f1e3
refactor: remove ioutil (#2635)
Was deprecated in 1.16 and has more performant options available.
2021-12-02 00:14:15 +11:00
James Elliott
8a12af97ab
refactor: remove previously deprecated options (#2629)
This removes the deprecated logging, host, port, and tls options per our deprecation policy.
2021-12-02 00:01:32 +11:00
James Elliott
ad8e844af6
feat(totp): algorithm and digits config (#2634)
Allow users to configure the TOTP Algorithm and Digits. This should be used with caution as many TOTP applications do not support it. Some will also fail to notify the user that there is an issue. i.e. if the algorithm in the QR code is sha512, they continue to generate one time passwords with sha1. In addition this drastically refactors TOTP in general to be more user friendly by not forcing them to register a new device if the administrator changes the period (or algorithm).

Fixes #1226.
2021-12-01 23:11:29 +11:00
Philipp Staiger
01b77384f9
feat(duo): multi device selection (#2137)
Allow users to select and save the preferred duo device and method, depending on availability in the duo account. A default enrollment URL is provided and adjusted if returned by the duo API. This allows auto-enrollment if enabled by the administrator.

Closes #594. Closes #1039.
2021-12-01 14:32:58 +11:00
renovate[bot]
08b6ecb7b1
build(deps): update dependency jest to v27.4.2 (#2648)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-01 09:01:04 +11:00
James Elliott
ee14fcf3cb
docs: fix tables (#2647) 2021-11-30 22:36:16 +11:00
James Elliott
ab8f9b0697
fix(notifier): force use of sender email in smtp from cmd (#2616)
This change addresses an issue with the usage of the full sender configuration option in the MAIL FROM SMTP command. If a user includes a name in the sender this shouldn't be sent in the MAIL FROM command, instead we should extract it and use just the email portion.

Fixes #2571
2021-11-30 22:15:21 +11:00
renovate[bot]
568f210b2b
build(deps): update dependency jest to v27.4.1 (#2646)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-30 21:31:00 +11:00
James Elliott
9ceee6c660
feat(storage): only store identity token metadata (#2627)
This change makes it so only metadata about tokens is stored. Tokens can still be resigned due to conversion methods that convert from the JWT type to the database type. This should be more efficient and should mean we don't have to encrypt tokens or token info in the database at least for now.
2021-11-30 17:58:21 +11:00
renovate[bot]
b1d37d2069
build(deps): update dependency @types/node to v16.11.11 (#2644)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-30 14:13:26 +11:00
renovate[bot]
923df2cb46
build(deps): update typescript-eslint monorepo to v5.5.0 (#2643)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-30 10:41:28 +11:00
renovate[bot]
7ea352b730
build(deps): update dependency jest to v27.4.0 (#2642)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-30 10:26:13 +11:00
renovate[bot]
a85a1b68b9
build(deps): update module github.com/jackc/pgx/v4 to v4.14.1 (#2641)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-30 09:33:09 +11:00
James Elliott
bc3b0fda35
feat(regulator): enhance authentication logs (#2622)
This adds additional logging to the authentication logs such as type, remote IP, request method, redirect URL, and if the attempt was done during a ban. This also means we log attempts that occur when the attempt was blocked by the regulator for record keeping purposes, as well as record 2FA attempts which can be used to inform admins and later to regulate based on other factors.

Fixes #116, Fixes #1293.
2021-11-29 14:09:14 +11:00
renovate[bot]
d45dac39b9
build(deps): update dependency vite-plugin-istanbul to v2.3.0 (#2637)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-27 09:52:44 +11:00
renovate[bot]
6ea5711f91
build(deps): update dependency prettier to v2.5.0 (#2633)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-26 13:12:09 +11:00
James Elliott
87f3cf71c1
docs(oidc): provide beta intentions clarification and fix typo (#2632) 2021-11-25 16:11:31 +11:00
James Elliott
347bd1be77
feat(storage): encrypted secret values (#2588)
This adds an AES-GCM 256bit encryption layer for storage for sensitive items. This is only TOTP secrets for the time being but this may be expanded later. This will require a configuration change as per https://www.authelia.com/docs/configuration/migration.html#4330.

Closes #682
2021-11-25 12:56:58 +11:00
renovate[bot]
eb94960348
build(deps): update dependency @types/react to v17.0.37 (#2630)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-25 09:42:51 +11:00
renovate[bot]
290e3f7aaa
build(deps): update alpine docker tag to v3.15.0 (#2631)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-25 08:46:44 +11:00
renovate[bot]
4d64b64a53
build(deps): update module github.com/knadh/koanf to v1.3.3 (#2628)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-25 03:05:35 +11:00
renovate[bot]
c128359c74
build(deps): update haproxy docker tag to v2.5.0 (#2624)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-24 11:36:46 +11:00
renovate[bot]
a05b03a3d8
build(deps): update dependency @types/node to v16.11.10 (#2623)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-24 10:53:16 +11:00
renovate[bot]
06d47d37fa
build(deps): update dependency @testing-library/jest-dom to v5.15.1 (#2620)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-24 09:56:18 +11:00
renovate[bot]
3c230bbcc4
build(deps): update module github.com/jmoiron/sqlx to v1.3.4 (#2619) 2021-11-23 21:00:13 +11:00
James Elliott
3695aa8140
feat(storage): primary key for all tables and general qol refactoring (#2431)
This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database.

Fixes #1337
2021-11-23 20:45:38 +11:00
renovate[bot]
884dc99083
build(deps): update module github.com/jackc/pgx/v4 to v4.14.0 (#2618)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-23 10:45:39 +11:00
renovate[bot]
ef8b93d502
build(deps): update dependency @vitejs/plugin-react to v1.1.0 (#2617)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-23 10:28:13 +11:00
renovate[bot]
5807a05a2c
build(deps): update dependency @types/react to v17.0.36 (#2614)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-22 10:43:05 +11:00
renovate[bot]
9b6ba84b30
build(deps): update dependency eslint-plugin-react to v7.27.1 (#2613)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-19 22:26:09 +11:00
renovate[bot]
3579c1075a
build(deps): update dependency @types/node to v16.11.9 (#2612)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-19 21:59:02 +11:00
renovate[bot]
f8f6e8dfc9
build(deps): update dependency @types/node to v16.11.8 (#2611)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-19 09:25:26 +11:00
Amir Zarrinkafsh
dbbb506fa5
ci(buildkite): fix missing commit in build-info for authelia aur package (#2609) 2021-11-18 11:57:11 +11:00
renovate[bot]
d04706eb2e
build(deps): update dependency typescript to v4.5.2 (#2607) 2021-11-18 07:59:28 +11:00
renovate[bot]
7fe948c180
build(deps): update commitlint monorepo to v15 (#2606) 2021-11-17 20:52:40 +11:00
renovate[bot]
52b1ce5ba5
build(deps): update dependency @types/react to v17.0.35 (#2605)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-16 13:56:58 +11:00
renovate[bot]
9c7122a770
build(deps): update typescript-eslint monorepo to v5.4.0 (#2604)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-16 08:33:14 +11:00
renovate[bot]
036bdd8fa5
build(deps): update github.com/duosecurity/duo_api_golang commit hash to 72da735 (#2603) 2021-11-16 07:36:48 +11:00
Amir Zarrinkafsh
0be883befb
feat: customizable static assets (#2597)
* feat: customizable static assets

This change provides the means to override specific assets from the embedded Go FS with files situated on disk.

We only allow overriding the following files currently:
* favicon.ico
* logo.png

* refactor(server): make logo string a const

* refactor(suites): override favicon and use ntp3 in traefik2 suite

* test(suites): test logo override in traefik2 suite

* test(suites): test asset override fallback in traefik suite

Closes #1630.
2021-11-15 19:37:58 +11:00
renovate[bot]
417d421b9a
build(deps): update dependency @vitejs/plugin-react to v1.0.9 (#2601) 2021-11-14 08:55:44 +11:00
renovate[bot]
a8d56da460
build(deps): update dependency vite-plugin-svgr to v0.6.0 (#2600) 2021-11-13 23:17:56 +11:00
renovate[bot]
50f9dc6a4c
build(deps): update alpine docker tag to v3.14.3 (#2599) 2021-11-13 11:04:11 +11:00
James Elliott
7efcac6017
fix(session): use crypto/rand for session id generator (#2594)
This adjusts the session ID generator making it use it's own random function rather than using one from the utils lib. This allows us to utilize crypto/rand or math/rand interchangeably. Additionally refactor the utils.RandomString func.
2021-11-11 20:13:32 +11:00