Commit Graph

104 Commits

Author SHA1 Message Date
renovate[bot]
d2c1e6afa5
build(deps): update module yaml to v2.4.0 (#1671)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 14:18:46 +11:00
renovate[bot]
895b69d871
build(deps): update module sirupsen/logrus to v1.7.0 (#1667)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 14:00:57 +11:00
renovate[bot]
cfb1ee020e
build(deps): update module pquerna/otp to v1.3.0 (#1665)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 13:44:15 +11:00
renovate[bot]
6a0ed57196
build(deps): update module otiai10/copy to v1.4.2 (#1664)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 13:30:22 +11:00
renovate[bot]
c53e590585
build(deps): update module jackc/pgx/v4 to v4.10.1 (#1663)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 13:12:26 +11:00
renovate[bot]
0baf8b808a
build(deps): update module fasthttp/router to v1.3.5 (#1662)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 12:57:08 +11:00
renovate[bot]
158c70a24c
build(deps): update module data-dog/go-sqlmock to v1.5.0 (#1661)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 12:43:08 +11:00
renovate[bot]
6b1d9d14e7
build(deps): update module golang.org/x/text to v0.3.5 (#1654)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 10:27:33 +11:00
renovate[bot]
ccb7e7e955
build(deps): update module go-ldap/ldap/v3 to v3.2.4 (#1653) 2021-01-31 09:50:01 +11:00
renovate[bot]
a089c03fa3
build(deps): update module valyala/fasthttp to v1.19.0 (#1670)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 21:02:31 +11:00
renovate[bot]
bce802621b
build(deps): update module stretchr/testify to v1.7.0 (#1669)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 20:44:07 +11:00
renovate[bot]
a35d9de242
build(deps): update github.com/duosecurity/duo_api_golang commit hash to 0e07e9f (#1646)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 19:49:12 +11:00
renovate[bot]
1448908e40
build(deps): update github.com/asaskevich/govalidator commit hash to 7a23bdc (#1645)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 18:06:58 +11:00
James Elliott
2763aefe81
[BUGFIX] Static Session Expiration Key (#1564)
* [BUGFIX] Static Session Expiration Key

* keys for session expiration are random for each instance of Authelia
* this is caused by upstream setting it to a random value
* using a temporary bugfix fork of github.com/fasthttp/session to resolve locally
* add some misc doc additions
2020-12-29 12:44:47 +11:00
James Elliott
365304a684
[FEATURE] Add Optional Check for Session Username on VerifyGet (#1427)
* Adding the Session-Username header to the /api/verify endpoint when using cookie auth will check the value stored in the session store for the username and the header value are the same.
* use strings.EqualFold to compare case insensitively
* add docs
* add unit tests
* invalidate session if it is theoretically hijacked and log it as a warning (can only be determined if the header doesn't match the cookie)
* add example PAM script
* go mod tidy
* go mod bump to 1.15
2020-12-02 10:03:44 +11:00
dependabot-preview[bot]
f1968343c3
[MISC] (deps): Bump github.com/spf13/viper from 1.7.0 to 1.7.1 (#1251)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.7.0...v1.7.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-04 09:07:38 +10:00
dependabot-preview[bot]
b9eb94f658
[MISC] (deps): Bump github.com/jackc/pgx/v4 from 4.8.0 to 4.8.1 (#1244)
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.8.0 to 4.8.1.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.8.0...v4.8.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-31 12:10:51 +10:00
dependabot-preview[bot]
07c4e96927
[MISC] (deps): Bump github.com/golang/mock from 1.4.3 to 1.4.4 (#1242)
Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/golang/mock/releases)
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang/mock/compare/v1.4.3...v1.4.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-30 09:44:38 +02:00
dependabot-preview[bot]
e0774d1524
[MISC] (deps): Bump github.com/fasthttp/router from 1.2.3 to 1.2.4 (#1223)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.2.3...v1.2.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-07-25 11:29:01 +02:00
dependabot-preview[bot]
fd0de434c4
[MISC] (deps): Bump github.com/jackc/pgx/v4 from 4.7.2 to 4.8.0 (#1221)
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.7.2...v4.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-07-25 00:26:03 +02:00
dependabot-preview[bot]
ebd391d67a
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.2.0 to 2.2.1 (#1219)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.2.0...v2.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-24 23:43:11 +02:00
dependabot-preview[bot]
3ae95e6bf0
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.1.1 to 2.2.0 (#1217)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.1.1 to 2.2.0.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.1.1...v2.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-21 12:11:12 +10:00
dependabot-preview[bot]
9134b0aa8e
[MISC] (deps): Bump github.com/fasthttp/router from 1.2.2 to 1.2.3 (#1216)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.2.2...v1.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-21 11:37:22 +10:00
dependabot-preview[bot]
0b18d08f01
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.2.2 to 3.2.3 (#1213)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.2...v3.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-20 12:05:19 +10:00
dependabot-preview[bot]
eb638ec579
[MISC] (deps): Bump github.com/jackc/pgx/v4 from 4.7.1 to 4.7.2 (#1207)
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.7.1 to 4.7.2.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.7.1...v4.7.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-17 09:29:24 +10:00
James Elliott
ea1fae6491
[MISC] Storage Schema Versioning Model (#1057)
* [MISC] Storage Schema Versioning Model 

* fixup go.sum
* remove pq
* fix int to text issue
* fix incorrect SQL text
* use key_name vs key
* use transactions for all queries during upgrades
* fix missing parenthesis
* move upgrades to their own file
* add provider name for future usage in upgrades
* fix missing create config table values
* fix using the const instead of the provider SQL
* import logging once and reuse
* update docs
* remove db at suite teardown
* apply suggestions from code review
* fix mysql
* make errors more uniform
* style changes
* remove commented code sections
* remove commented code sections
* add schema version type
* add sql mock unit tests
* go mod tidy
* test blank row situations
2020-07-16 15:56:08 +10:00
dependabot-preview[bot]
e5d02d4b06
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.14.0 to 1.15.1 (#1200)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.14.0 to 1.15.1.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.14.0...v1.15.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-15 23:32:54 +02:00
dependabot-preview[bot]
c5c41c6111
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.2.1 to 3.2.2 (#1199)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.1...v3.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-15 11:01:35 +10:00
dependabot-preview[bot]
24ea88156b
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.2.0 to 3.2.1 (#1152)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.0 to 3.2.1.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.0...v3.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-24 10:21:14 +10:00
dependabot-preview[bot]
0e206660ef
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.11 to 3.2.0 (#1128)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.11 to 3.2.0.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.11...v3.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-19 08:57:16 +10:00
dependabot-preview[bot]
53ea5a067a
[MISC] (deps): Bump github.com/fasthttp/router from 1.2.1 to 1.2.2 (#1116)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.2.1...v1.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-15 22:27:45 +02:00
dependabot-preview[bot]
9ae68999e8
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.10 to 3.1.11 (#1115)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.10 to 3.1.11.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.10...v3.1.11)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-15 10:56:29 +10:00
dependabot-preview[bot]
532ccb8fdf
[MISC] (deps): Bump github.com/lib/pq from 1.6.0 to 1.7.0 (#1106)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.6.0...v1.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-06-11 10:24:18 +10:00
dependabot-preview[bot]
1a82d3192b
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.7 to 1.2.1 (#1102)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.7 to 1.2.1.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.7...v1.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-06-09 23:14:15 +02:00
dependabot-preview[bot]
a08856a7dd
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.6 to 1.1.7 (#1099)
* [MISC] (deps): Bump github.com/fasthttp/router from 1.1.6 to 1.1.7

Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.6 to 1.1.7.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.6...v1.1.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Update go.sum

* Update go.sum

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-09 11:08:49 +10:00
dependabot-preview[bot]
cd38e9aa3f
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.1.0 to 2.1.1 (#1098)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.1.0...v2.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-09 09:27:17 +10:00
dependabot-preview[bot]
ef0c0fe8bf
[MISC] (deps): Bump github.com/stretchr/testify from 1.6.0 to 1.6.1 (#1095)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.6.0...v1.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-09 08:35:03 +10:00
Amir Zarrinkafsh
33e5677f87
[MISC] Update and clean go.mod/go.sum (#1076) 2020-06-04 13:34:25 +10:00
dependabot-preview[bot]
94a5386aff
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.5 to 1.1.6 (#1079)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.5...v1.1.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 21:12:15 +02:00
dependabot-preview[bot]
431d059c2e
[MISC] (deps): Bump github.com/lib/pq from 1.5.2 to 1.6.0 (#1067)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.5.2 to 1.6.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.5.2...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-01 09:52:45 +10:00
dependabot-preview[bot]
844a4c58d1
[MISC] (deps): Bump github.com/stretchr/testify from 1.5.1 to 1.6.0 (#1066)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.5.1...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-01 08:52:59 +10:00
dependabot-preview[bot]
5d3f010a1f
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.4 to 1.1.5 (#1058)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.4...v1.1.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 21:53:52 +02:00
dependabot-preview[bot]
54fe2a9abd
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.3 to 1.1.4 (#1054)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.3...v1.1.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-05-26 21:32:37 +02:00
dependabot-preview[bot]
9eda7fb612
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.0.2 to 2.1.0 (#1055)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.0.2...v2.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 20:33:20 +02:00
dependabot-preview[bot]
2b8a8a24a1
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.12.0 to 1.13.1 (#1056)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.12.0 to 1.13.1.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.12.0...v1.13.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 20:33:10 +02:00
dependabot-preview[bot]
00fa11020e
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.2 to 1.1.3 (#1048)
* [MISC] (deps): Bump github.com/fasthttp/router from 1.1.2 to 1.1.3

Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.2...v1.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* fix sum

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-25 08:54:38 +10:00
dependabot-preview[bot]
70e0bba1d1
[MISC] (deps): Bump github.com/otiai10/copy from 1.1.1 to 1.2.0 (#1047)
Bumps [github.com/otiai10/copy](https://github.com/otiai10/copy) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/otiai10/copy/releases)
- [Commits](https://github.com/otiai10/copy/compare/v1.1.1...v1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-24 21:31:04 +02:00
dependabot-preview[bot]
b5f27b7451
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.1 to 1.1.2 (#1041)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.1...v1.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-22 08:04:45 +10:00
Clément Michaud
fe5ebfb75a
[FEATURE] Bump to fasthttp/session/v2 to support redis unix socket. (#1001)
* [FEATURE] Bump to fasthttp/session/v2 to support redis unix socket.

* Fix lint issues.

* Remove v1 import and fix double import.

* [DOCS] Document use of redis unix socket.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-18 12:45:47 +10:00
James Elliott
73bd2e4479
[FIX] Hash Password Cmd Not Encoding Provided Salt (#999)
* using authelia hash-password if you provide a salt it doesn't encode it as a base64 string
* this causes invalid salts to be stored if a user manually provided one instead of reliance on the automatic generation
* additionally bumped the minimum required salt length to 8 as per reference spec
* additionally removed the maximum salt length as per reference spec (actually 2^32-1 per int32)
* see docs:
  * https://tools.ietf.org/html/draft-irtf-cfrg-argon2-10
  * https://github.com/P-H-C/phc-winner-argon2
  * https://github.com/P-H-C/phc-string-format
* encode all salts
* fix edge case of false positive in CheckPassword
* bump crypt version and fix tests
2020-05-14 15:55:03 +10:00