authelia/internal/handlers
James Elliott 365304a684
[FEATURE] Add Optional Check for Session Username on VerifyGet (#1427)
* Adding the Session-Username header to the /api/verify endpoint when using cookie auth will check the value stored in the session store for the username and the header value are the same.
* use strings.EqualFold to compare case insensitively
* add docs
* add unit tests
* invalidate session if it is theoretically hijacked and log it as a warning (can only be determined if the header doesn't match the cookie)
* add example PAM script
* go mod tidy
* go mod bump to 1.15
2020-12-02 10:03:44 +11:00
..
const.go [FEATURE] Add Optional Check for Session Username on VerifyGet (#1427) 2020-12-02 10:03:44 +11:00
errors.go [MISC] Fixed typo in X-Forwarded headers (#1280) 2020-08-21 11:15:20 +10:00
handler_configuration_test.go [MISC] Template global config and refactor some /api endpoints (#1135) 2020-06-21 15:40:37 +02:00
handler_configuration.go [MISC] Template global config and refactor some /api endpoints (#1135) 2020-06-21 15:40:37 +02:00
handler_firstfactor_test.go [FEATURE] Delay 1FA Authentication (#993) 2020-05-21 00:03:15 +02:00
handler_firstfactor.go [MISC] Address errors from linter updates (#1308) 2020-09-04 13:20:17 +10:00
handler_health.go [FEATURE] Create dedicated health endpoint (#1489) 2020-11-25 10:20:52 +11:00
handler_logout_test.go [CI] Add goconst linter (#961) 2020-05-02 18:20:40 +02:00
handler_logout.go Rename org from clems4ever to authelia 2019-12-24 13:14:52 +11:00
handler_register_totp.go [CI] Add godot linter (#958) 2020-05-02 15:06:39 +10:00
handler_register_u2f_step1_test.go [MISC] Fixed typo in X-Forwarded headers (#1280) 2020-08-21 11:15:20 +10:00
handler_register_u2f_step1.go [CI] Add wsl linter (#980) 2020-05-05 21:35:32 +02:00
handler_register_u2f_step2.go [MISC] Ignore errcheck recommendations for legacy code (#893) 2020-04-22 13:33:14 +10:00
handler_reset_password_step1.go [MISC] Ignore errcheck recommendations for legacy code (#893) 2020-04-22 13:33:14 +10:00
handler_reset_password_step2.go [FEATURE] Support MSAD password reset via unicodePwd attribute (#1460) 2020-11-27 20:59:22 +11:00
handler_sign_duo_test.go [SECURITY] Fix Authentication HTTP Status Codes (#959) 2020-05-06 07:27:38 +10:00
handler_sign_duo.go [SECURITY] Fix Authentication HTTP Status Codes (#959) 2020-05-06 07:27:38 +10:00
handler_sign_totp_test.go [CI] Add goconst linter (#961) 2020-05-02 18:20:40 +02:00
handler_sign_totp.go [SECURITY] Fix Authentication HTTP Status Codes (#959) 2020-05-06 07:27:38 +10:00
handler_sign_u2f_step1_test.go [MISC] Fixed typo in X-Forwarded headers (#1280) 2020-08-21 11:15:20 +10:00
handler_sign_u2f_step1.go [SECURITY] Fix Authentication HTTP Status Codes (#959) 2020-05-06 07:27:38 +10:00
handler_sign_u2f_step2_test.go [CI] Add goconst linter (#961) 2020-05-02 18:20:40 +02:00
handler_sign_u2f_step2.go [SECURITY] Fix Authentication HTTP Status Codes (#959) 2020-05-06 07:27:38 +10:00
handler_state_test.go [MISC] Fix goimports ordering for repo (#947) 2020-05-01 16:56:42 +10:00
handler_state.go [MISC] Ignore errcheck recommendations for legacy code (#893) 2020-04-22 13:33:14 +10:00
handler_user_info_test.go [MISC] Template global config and refactor some /api endpoints (#1135) 2020-06-21 15:40:37 +02:00
handler_user_info.go [MISC] Template global config and refactor some /api endpoints (#1135) 2020-06-21 15:40:37 +02:00
handler_verify_test.go [FEATURE] Add Optional Check for Session Username on VerifyGet (#1427) 2020-12-02 10:03:44 +11:00
handler_verify.go [FEATURE] Add Optional Check for Session Username on VerifyGet (#1427) 2020-12-02 10:03:44 +11:00
response.go [SECURITY] Fix Authentication HTTP Status Codes (#959) 2020-05-06 07:27:38 +10:00
totp_mock.go [MISC] Update durations to notation format and housekeeping (#824) 2020-04-05 22:37:21 +10:00
totp.go [CI] Add wsl linter (#980) 2020-05-05 21:35:32 +02:00
types.go [MISC] Template global config and refactor some /api endpoints (#1135) 2020-06-21 15:40:37 +02:00
u2f_mock.go [MISC] Update durations to notation format and housekeeping (#824) 2020-04-05 22:37:21 +10:00
u2f.go [CI] Add wsl linter (#980) 2020-05-05 21:35:32 +02:00