Aaron L
13e6714c87
Change redirector to do more API-like things
...
- Add an option to coerce HTTP 307/308 -> 200 for API redirects
- Change the status message to always show up during a redirect.
2018-09-12 17:11:23 -07:00
Aaron L
98147bc020
Fix several lint errors
2018-09-03 16:34:10 -07:00
Aaron L
462a784cd2
Merge branch 'v2'
2018-09-03 16:05:02 -07:00
Aaron L
97a8f0fe04
Update changelog
2018-09-03 14:11:11 -07:00
Aaron L
6fe647f404
Touch up documentation for v2
2018-09-03 13:03:41 -07:00
Aaron L
167d5a0903
Add context to the sms sender interface
2018-09-03 11:58:24 -07:00
Aaron L
4420666f2b
Split 2fa pages apart
...
- Add a config option to control the authboss.Middleware redirecting
2018-09-03 11:57:25 -07:00
Aaron L
5af4d392ab
Fix redirects for otp
2018-08-31 15:19:03 -07:00
Aaron L
8249d714d0
Fix redirects using Middleware
2018-08-31 14:57:22 -07:00
Aaron L
ff72602e76
Merge branch 'otp-twofactor' into v2
2018-08-31 11:44:00 -07:00
Aaron L
0c5db70af2
Update changelog
2018-08-31 11:41:32 -07:00
Aaron L
b44e38177f
Add tests for sms2fa
2018-08-31 11:38:53 -07:00
Aaron L
e9cd8acc06
Refactor the duplication out of tests
2018-08-31 09:38:48 -07:00
Aaron L
dc6c655e10
Add tests for totp2fa
2018-08-31 01:15:05 -07:00
Aaron L
52d9b33730
Add tests for twofactor package
2018-08-26 16:49:16 -07:00
Aaron L
3daf5c988e
Add totp recovery code login
2018-08-26 15:48:53 -07:00
Aaron L
e4badae1ee
Add recovery code logins to sms
2018-08-26 15:43:35 -07:00
Aaron L
e79638a05e
Add regeneration of recovery codes
...
- Refactor some constants that pertain to recovery codes
2018-08-26 14:46:17 -07:00
Aaron L
bdb449c0f6
Add sms 2fa
...
- Add sms 2fa module
- Refactor recovery code bit out
- Fix some bugs in totp 2fa
2018-08-26 12:54:14 -07:00
Aaron L
735cbb1ec5
Add totp2fa module
2018-08-22 21:34:38 -07:00
Aaron L
0085c8354b
Fix error handling in client state middleware
...
- Fix #181
2018-08-16 09:35:33 -07:00
Aaron L
0eed117407
Fix broken link in README
2018-08-16 08:26:00 -07:00
Aaron L
d14fcc14d9
Change error message to be more clear
2018-08-16 08:25:30 -07:00
Aaron L
9aed0c512d
Add maximum amount of OTPs
2018-07-17 15:32:10 -07:00
Aaron L
6164dd8da4
Finish otp module
2018-07-17 15:25:25 -07:00
Aaron L
b7cec028b9
Use io.ReadFull to read from crypto/rand
...
There have been bugs filed in other libraries where rand.Read()
simply returns all 0s, instead use io.ReadFull to ensure that we get
the amount of bytes we want.
- Use io.ReadFull(rand.Reader, ...) instead of rand.Read() for getting
randomness from crypto/rand.
2018-07-17 10:10:07 -07:00
Aaron L
48e83e1a2a
WIP
2018-07-17 07:09:38 -07:00
Aaron L
807a692e26
Improve documentation for RegisterPreserveFields
2018-07-06 08:13:30 -07:00
Aaron L
89dc3b4d38
Update changelog
2018-07-04 07:29:39 -07:00
Aaron L
6fe0f04c65
Delete random whitespace from PR
2018-07-04 07:28:29 -07:00
Aaron L
8c07f314e2
Merge branch 'nkonev/v2' into v2
2018-07-04 07:28:12 -07:00
Никита Конев (home Fedora)
a04eecead5
removed dep
2018-07-03 01:44:01 +03:00
Никита Конев (home Fedora)
2cc559f865
add dep vendorer & dummy fix test
2018-07-03 00:13:52 +03:00
Aaron L
db3a3a10e3
Add context.Context to RememberingServerStorer
2018-06-27 10:58:53 -07:00
Aaron L
ea27d16052
Update changelog
2018-05-25 11:50:11 -07:00
Aaron L
ae5a471cf2
Don't use magic numbers
2018-05-18 06:49:21 -07:00
Aaron L
f46d0f3475
Update readme with deprecation notice
2018-05-16 12:19:09 -07:00
Aaron L
852508259c
Add split tokens for confirm and recover
2018-05-16 11:51:55 -07:00
Aaron L
27190e3fbe
Update changelog.
...
- Add tov2.md upgrade guide
2018-05-14 15:03:06 -07:00
Aaron L
c38f79490b
Increase testing coverage.
...
- Missed some actual tests, added them.
- Added a bunch of useless tests to increase coverage. Guilty as
charged.
2018-05-14 14:27:33 -07:00
Aaron L
bf1eb39403
Port FromName fix from master
...
Originally contributed by Max Howald <maxhowald@gmail.com>
2018-05-14 11:47:34 -07:00
Aaron L
4d8f1e9638
Clean up linting errors
2018-05-14 10:55:56 -07:00
Aaron L
e9c5d3e13c
Add real smtp tests
...
- Allow users to test the smtp mailer by sending themselves e-mails
- Add a protection to ensure that either the HTML or the Text body
exists so we never send blank e-mails.
- Fix a bug where if the html body was blank, the mime section for it
was still set and therefore gmail and (probably) other clients would
show a blank e-mail instead of the content in the text e-mails.
2018-05-12 23:57:43 -07:00
Aaron L
83d912fd82
Another pass on documentation
2018-05-12 09:23:52 -07:00
Aaron L
63888bdfc1
Add JSON Renderer and JSON body reading.
2018-05-09 07:59:19 -07:00
Aaron L
48b33b0217
Add a few convenience pieces
...
- Add helper to directly merge data into a request (common use case)
- Allow parsing of OAuth2PID without panic
- Add oauth2.* strings to the modules list in case people want to be
able to switch on which oauth2 providers are available in their
views.
2018-05-08 20:40:55 -07:00
Aaron L
2399b4c089
Fix bug where remember didn't log you in
...
- The current request needed a pid set, the session sets that existed in
the current code would only log you in the next request.
2018-05-08 18:11:13 -07:00
Aaron L
06630eda7b
Make sure recover allows form validation
...
This allows validation of password complexity or confirm_password form
fields.
2018-05-07 12:34:22 -07:00
Aaron L
5973fa9bd0
Make lock do what it's supposed to
...
Inverted the test data, which inverted the logic
2018-05-07 12:33:58 -07:00
Aaron L
1afc6fcb01
Change loaded modules middleware
...
It was simply too ugly to have a giant data structure for debugging.
This middleware should also basically never be used outside authboss
views so the allocation means nothing.
2018-05-07 12:33:02 -07:00