Commit Graph

147 Commits

Author SHA1 Message Date
snyk-bot
dd6823f227 fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HELMETCSP-469436
2019-10-19 17:57:40 +02:00
Clement Michaud
828baab6b1 3.16.0 2019-09-25 23:56:20 +02:00
Clement Michaud
dd36902467 3.15.0 2019-04-24 23:55:21 +02:00
Clement Michaud
4f63de4020 Remove useless packages from server package.json. 2019-04-24 23:53:23 +02:00
Clement Michaud
b36f2c78f9 3.14.0 2019-04-16 22:53:48 +02:00
Clement Michaud
8a76b5118d Add network criteria in ACLs to specify policy based on network subnet. 2019-03-31 20:11:07 +02:00
Clement Michaud
3c6e2ae448 3.13.0 2019-03-29 14:12:58 +01:00
Clement Michaud
8ef402511c Add Duo Push Notification option as 2FA. 2019-03-24 15:15:49 +01:00
Clement Michaud
40574bc8ec Fix the bypass strategy.
Before this fix an anonymous user was not able to access a resource
that were configured with a bypass policy. This was due to a useless
check of the userid in the auth session. Moreover, in the case of an
anonymous user, we should not check the inactivity period since there
is no session.

Also refactor /verify endpoint for better testability and add tests
in a new suite.
2019-03-22 23:51:36 +01:00
Clement Michaud
76fa325f08 [BREAKING] Create a suite for kubernetes tests.
Authelia client uses hash router instead of browser router in order to work
with Kubernetes nginx-ingress-controller. This is also better for users having
old browsers.

This commit is breaking because it requires to change the configuration of the
proxy to include the # in the URL of the login portal.
2019-03-16 00:13:27 +01:00
Clement Michaud
06aa9803bf Update the documentation to include info about suites and authelia-scripts. 2019-03-03 11:40:32 +01:00
Clement Michaud
82848b448b Fix some npm commands. 2019-03-03 11:39:40 +01:00
Clement Michaud
716ae9d378 Bump mocha to use forbidOnly and forbidPending options. 2019-03-03 11:39:40 +01:00
Clement Michaud
a1c9bb6302 Improve authelia-scripts to add suites with Docker-based Authelia server. 2019-03-03 11:39:40 +01:00
Clement Michaud
4c138c1f27 Use authelia-scripts in travis. 2019-03-03 11:39:40 +01:00
Clement Michaud
5614bea827 Fix unit tests. 2019-03-03 11:39:40 +01:00
Clement Michaud
c487ed0a37 Migrate more tests to mocha. 2019-03-03 11:39:40 +01:00
Clement Michaud
efceb66ffa Migrate some tests to mocha. 2019-03-03 11:39:40 +01:00
Clement Michaud
c5af4498ab Introduce the concept of suite in authelia-scripts. 2019-03-03 11:39:40 +01:00
Clement Michaud
d2a547eca6 Fix e2e tests for complete configuration. 2019-03-03 11:39:40 +01:00
Clement Michaud
c5eb86e0fd Fix e2e test with minimal configuration. 2019-03-03 11:39:40 +01:00
Clement Michaud
eccf08b6b0 Authelia can be run locally while communicating with docker environment. 2019-03-03 11:39:40 +01:00
Clement Michaud
1bc0029651 Introduce authelia-cli to ease development cycle. 2019-03-03 11:39:40 +01:00
Clement Michaud
9d7155a969 Almost full authentication workflow with U2F and TOTP. 2019-03-03 11:39:40 +01:00
Clement Michaud
fe14bde29b Backend and frontend are reloaded on code change. 2019-03-03 11:39:40 +01:00
Clement Michaud
bc8897c35b 3.12.0 2019-03-03 11:35:53 +01:00
Clement Michaud
b118ac5516 3.11.0 2019-02-09 23:42:59 +01:00
BankaiNoJutsu
3d1448d3cc fix permissions 2018-12-18 16:34:56 +01:00
BankaiNoJutsu
48c204fc68 added all themes, clean and backup of dist, --theme value check 2018-12-18 16:30:23 +01:00
BankaiNoJutsu
6bd9d04eb9 Added cleaning of dist folder before build, by adding grunt-clean, fixed css concat 2018-12-17 23:27:58 +01:00
Clement Michaud
8871ccd65e 3.10.0 2018-11-17 15:06:08 +01:00
Clement Michaud
43102d9fae Bump nyc dependency. 2018-11-15 22:24:57 +01:00
Clement Michaud
7c80515b34 Fix U2F authentication by upgrading libraries. 2018-11-06 15:45:01 +01:00
Clement Michaud
798b001986 Bump grunt and grunt-contrib-watch. 2018-11-03 16:19:05 +01:00
Clement Michaud
e8c3205e0a Make Authelia compatible with Firefox.
Use the polyfill version of u2f API provided by Google.

https://github.com/mastahyeti/u2f-api

This polyfill is at least compatible with Chrome and
Firefox after enabling the U2F support.

[HOWTO] Enable U2F in Firefox >= 57:
Navigate to 'about:config' and search for 'u2f' option.
Double-click on the line to toggle the option.
2018-10-27 18:22:01 +02:00
Clement Michaud
a21c15d451 Bump request package. 2018-10-13 19:21:32 +02:00
Clement Michaud
96ecea203f Update bootstrap and randomatic dependencies. 2018-10-13 10:16:18 +02:00
Clement Michaud
e7ad831d4d 3.9.5 2018-08-30 11:35:24 +02:00
Clement Michaud
e568459c53 3.9.4 2018-08-30 11:29:04 +02:00
Clement Michaud
5fd8150875 3.9.3 2018-08-29 00:01:29 +02:00
Clement Michaud
64f28379ac 3.9.2 2018-08-28 21:05:57 +02:00
Clement Michaud
cedcb07ed0 3.9.1 2018-08-27 22:54:25 +02:00
Clement Michaud
920b2c4f6a 3.9.0 2018-08-26 14:27:17 +02:00
Clement Michaud
1f5a18d12a 3.8.3 2018-08-25 19:37:35 +02:00
Clément Michaud
6438a5e48f
Fix ECONNRESET when LDAP queries fail. (#261)
This commit should fix #225.

In order to avoid stalling LDAP connections, Authelia creates new
sessions for each set of queries bound to one authentication, i.e.,
one session for authentication, emails retrieval and groups
retrieval.
Before this commit, a failing query was preventing the session to
be closed (unbind was not called). Now, unbind is always called
whatever the outcome of the query.

I took the opportunity of this commit to refactor LDAP client in
order to prepare the work on users database stored in a file.
(#233)
2018-08-25 19:22:48 +02:00
Clement Michaud
e50b798edc 3.8.2 2018-08-24 23:05:30 +02:00
Clément Michaud
0fd285f975
Replace npm api key to solve publication. (#260)
* Replace npm api key.

* 3.8.1
2018-08-24 23:03:54 +02:00
Clement Michaud
596f97fc1d 3.8.0 2018-08-19 16:52:23 +02:00
Clement Michaud
39555179e4 Bump all dependencies 2018-05-07 23:23:29 +02:00
Clement Michaud
4da5402cdf Add helmet dependency and add it as express middleware 2018-04-26 09:07:06 +02:00