authelia/internal/middlewares
James Elliott 9a8c6602dd
fix(middlewares): smart delay on reset password (#2767)
This adds a smart delay on reset password attempts to prevent username enumeration. Additionally utilizes crypto rand instead of math rand. It also moves the timing delay functionality into its own handler func.
2022-01-21 10:46:13 +11:00
..
asset_override.go feat: customizable static assets (#2597) 2021-11-15 19:37:58 +11:00
authelia_context_test.go fix: include major in go.mod module directive (#2278) 2021-08-11 11:16:46 +10:00
authelia_context.go fix(middlewares): smart delay on reset password (#2767) 2022-01-21 10:46:13 +11:00
const.go refactor(handlers): utilize referer for auth logging rm/rd (#2655) 2021-12-02 13:21:46 +11:00
errors.go fix: oidc issuer path and strip path middleware (#2272) 2021-08-10 10:31:08 +10:00
http_to_authelia_handler_adaptor.go refactor(handlers): lower case error messages (#2289) 2021-09-17 15:53:40 +10:00
identity_verification_test.go fix(middlewares): smart delay on reset password (#2767) 2022-01-21 10:46:13 +11:00
identity_verification.go fix(middlewares): smart delay on reset password (#2767) 2022-01-21 10:46:13 +11:00
log_request_test.go [CI] Add wsl linter (#980) 2020-05-05 21:35:32 +02:00
log_request.go Display correct RemoteIP in logs. 2019-12-11 19:01:16 +01:00
require_first_factor.go fix: include major in go.mod module directive (#2278) 2021-08-11 11:16:46 +10:00
strip_path.go fix: oidc issuer path and strip path middleware (#2272) 2021-08-10 10:31:08 +10:00
timing_attack_delay_test.go fix(middlewares): smart delay on reset password (#2767) 2022-01-21 10:46:13 +11:00
timing_attack_delay.go fix(middlewares): smart delay on reset password (#2767) 2022-01-21 10:46:13 +11:00
types.go feat(totp): algorithm and digits config (#2634) 2021-12-01 23:11:29 +11:00