1
0
mirror of https://github.com/0rangebananaspy/authelia.git synced 2024-09-14 22:47:21 +07:00
authelia/internal
James Elliott e95c6a294d
[HOTFIX] Prevent Username Enumeration ()
* [HOTFIX] Prevent Username Enumeration

* thanks to TheHllm for identifying the bug: https://github.com/TheHllm
* temporarily prevents username enumeration with file auth
* proper calculated and very slightly random fix to come

* closely replicate behaviour

* allow error to bubble up

* Synchronize security documentation.

Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-05-02 00:32:09 +02:00
..
authentication [HOTFIX] Prevent Username Enumeration () 2020-05-02 00:32:09 +02:00
authorization [MISC] Fix goimports ordering for repo () 2020-05-01 16:56:42 +10:00
commands [FEATURE] Config Validation () 2020-04-23 11:47:27 +10:00
configuration [FEATURE] Buffer size configuration and additional http error handling () 2020-04-30 12:03:05 +10:00
duo [MISC] Update durations to notation format and housekeeping () 2020-04-05 22:37:21 +10:00
handlers [MISC] Fix goimports ordering for repo () 2020-05-01 16:56:42 +10:00
logging [FEATURE] [BREAKING] Support writing logs in a file. () 2020-03-09 20:57:53 +01:00
middlewares [MISC] Fix goimports ordering for repo () 2020-05-01 16:56:42 +10:00
mocks [MISC] Fix goimports ordering for repo () 2020-05-01 16:56:42 +10:00
models [MISC] Implement golint recommendations () 2020-04-20 23:03:38 +02:00
notification [FIX] File Notifier Default Permissions () 2020-04-23 12:01:24 +10:00
regulation [Buildkite] Introduce CI linting with golangci-lint and reviewdog () 2020-04-09 11:05:17 +10:00
server [SECURITY] Disable HTTP server header () 2020-04-30 13:16:41 +10:00
session [Buildkite] Introduce CI linting with golangci-lint and reviewdog () 2020-04-09 11:05:17 +10:00
storage [Buildkite] Introduce CI linting with golangci-lint and reviewdog () 2020-04-09 11:05:17 +10:00
suites [FEATURE] Embed static assets in Go binary () 2020-04-29 00:07:20 +10:00
templates Force TLS and valid x509 certs in SMTP Notifier by default 2020-01-10 17:37:16 +01:00
utils [MISC] Implement golint recommendations () 2020-04-20 23:03:38 +02:00