mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
365304a684
* Adding the Session-Username header to the /api/verify endpoint when using cookie auth will check the value stored in the session store for the username and the header value are the same. * use strings.EqualFold to compare case insensitively * add docs * add unit tests * invalidate session if it is theoretically hijacked and log it as a warning (can only be determined if the header doesn't match the cookie) * add example PAM script * go mod tidy * go mod bump to 1.15 |
||
---|---|---|
.. | ||
2fa | ||
access-control.md | ||
first-factor.md | ||
index.md | ||
password-reset.md | ||
regulation.md | ||
single-factor.md |