1
0
mirror of https://github.com/volatiletech/authboss.git synced 2024-11-30 09:06:45 +02:00
Commit Graph

449 Commits

Author SHA1 Message Date
Aaron L
13e6714c87 Change redirector to do more API-like things
- Add an option to coerce HTTP 307/308 -> 200 for API redirects
- Change the status message to always show up during a redirect.
2018-09-12 17:11:23 -07:00
Aaron L
98147bc020 Fix several lint errors 2018-09-03 16:34:10 -07:00
Aaron L
462a784cd2 Merge branch 'v2' 2018-09-03 16:05:02 -07:00
Aaron L
97a8f0fe04 Update changelog 2018-09-03 14:11:11 -07:00
Aaron L
6fe647f404 Touch up documentation for v2 2018-09-03 13:03:41 -07:00
Aaron L
167d5a0903 Add context to the sms sender interface 2018-09-03 11:58:24 -07:00
Aaron L
4420666f2b Split 2fa pages apart
- Add a config option to control the authboss.Middleware redirecting
2018-09-03 11:57:25 -07:00
Aaron L
5af4d392ab Fix redirects for otp 2018-08-31 15:19:03 -07:00
Aaron L
8249d714d0 Fix redirects using Middleware 2018-08-31 14:57:22 -07:00
Aaron L
ff72602e76 Merge branch 'otp-twofactor' into v2 2018-08-31 11:44:00 -07:00
Aaron L
0c5db70af2 Update changelog 2018-08-31 11:41:32 -07:00
Aaron L
b44e38177f Add tests for sms2fa 2018-08-31 11:38:53 -07:00
Aaron L
e9cd8acc06 Refactor the duplication out of tests 2018-08-31 09:38:48 -07:00
Aaron L
dc6c655e10 Add tests for totp2fa 2018-08-31 01:15:05 -07:00
Aaron L
52d9b33730 Add tests for twofactor package 2018-08-26 16:49:16 -07:00
Aaron L
3daf5c988e Add totp recovery code login 2018-08-26 15:48:53 -07:00
Aaron L
e4badae1ee Add recovery code logins to sms 2018-08-26 15:43:35 -07:00
Aaron L
e79638a05e Add regeneration of recovery codes
- Refactor some constants that pertain to recovery codes
2018-08-26 14:46:17 -07:00
Aaron L
bdb449c0f6 Add sms 2fa
- Add sms 2fa module
- Refactor recovery code bit out
- Fix some bugs in totp 2fa
2018-08-26 12:54:14 -07:00
Aaron L
735cbb1ec5 Add totp2fa module 2018-08-22 21:34:38 -07:00
Aaron L
0085c8354b Fix error handling in client state middleware
- Fix #181
2018-08-16 09:35:33 -07:00
Aaron L
0eed117407 Fix broken link in README 2018-08-16 08:26:00 -07:00
Aaron L
d14fcc14d9 Change error message to be more clear 2018-08-16 08:25:30 -07:00
Aaron L
9aed0c512d Add maximum amount of OTPs 2018-07-17 15:32:10 -07:00
Aaron L
6164dd8da4 Finish otp module 2018-07-17 15:25:25 -07:00
Aaron L
b7cec028b9 Use io.ReadFull to read from crypto/rand
There have been bugs filed in other libraries where rand.Read()
simply returns all 0s, instead use io.ReadFull to ensure that we get
the amount of bytes we want.

- Use io.ReadFull(rand.Reader, ...) instead of rand.Read() for getting
  randomness from crypto/rand.
2018-07-17 10:10:07 -07:00
Aaron L
48e83e1a2a WIP 2018-07-17 07:09:38 -07:00
Aaron L
807a692e26 Improve documentation for RegisterPreserveFields 2018-07-06 08:13:30 -07:00
Aaron L
89dc3b4d38 Update changelog 2018-07-04 07:29:39 -07:00
Aaron L
6fe0f04c65 Delete random whitespace from PR 2018-07-04 07:28:29 -07:00
Aaron L
8c07f314e2 Merge branch 'nkonev/v2' into v2 2018-07-04 07:28:12 -07:00
Никита Конев (home Fedora)
a04eecead5 removed dep 2018-07-03 01:44:01 +03:00
Никита Конев (home Fedora)
2cc559f865 add dep vendorer & dummy fix test 2018-07-03 00:13:52 +03:00
Aaron L
db3a3a10e3 Add context.Context to RememberingServerStorer 2018-06-27 10:58:53 -07:00
Aaron L
ea27d16052 Update changelog 2018-05-25 11:50:11 -07:00
Aaron L
ae5a471cf2 Don't use magic numbers 2018-05-18 06:49:21 -07:00
Aaron L
f46d0f3475 Update readme with deprecation notice 2018-05-16 12:19:09 -07:00
Aaron L
852508259c Add split tokens for confirm and recover 2018-05-16 11:51:55 -07:00
Aaron L
27190e3fbe Update changelog.
- Add tov2.md upgrade guide
2018-05-14 15:03:06 -07:00
Aaron L
c38f79490b Increase testing coverage.
- Missed some actual tests, added them.
- Added a bunch of useless tests to increase coverage. Guilty as
  charged.
2018-05-14 14:27:33 -07:00
Aaron L
bf1eb39403 Port FromName fix from master
Originally contributed by Max Howald <maxhowald@gmail.com>
2018-05-14 11:47:34 -07:00
Aaron L
4d8f1e9638 Clean up linting errors 2018-05-14 10:55:56 -07:00
Aaron L
e9c5d3e13c Add real smtp tests
- Allow users to test the smtp mailer by sending themselves e-mails
- Add a protection to ensure that either the HTML or the Text body
  exists so we never send blank e-mails.
- Fix a bug where if the html body was blank, the mime section for it
  was still set and therefore gmail and (probably) other clients would
  show a blank e-mail instead of the content in the text e-mails.
2018-05-12 23:57:43 -07:00
Aaron L
83d912fd82 Another pass on documentation 2018-05-12 09:23:52 -07:00
Aaron L
63888bdfc1 Add JSON Renderer and JSON body reading. 2018-05-09 07:59:19 -07:00
Aaron L
48b33b0217 Add a few convenience pieces
- Add helper to directly merge data into a request (common use case)
- Allow parsing of OAuth2PID without panic
- Add oauth2.* strings to the modules list in case people want to be
  able to switch on which oauth2 providers are available in their
  views.
2018-05-08 20:40:55 -07:00
Aaron L
2399b4c089 Fix bug where remember didn't log you in
- The current request needed a pid set, the session sets that existed in
  the current code would only log you in the next request.
2018-05-08 18:11:13 -07:00
Aaron L
06630eda7b Make sure recover allows form validation
This allows validation of password complexity or confirm_password form
fields.
2018-05-07 12:34:22 -07:00
Aaron L
5973fa9bd0 Make lock do what it's supposed to
Inverted the test data, which inverted the logic
2018-05-07 12:33:58 -07:00
Aaron L
1afc6fcb01 Change loaded modules middleware
It was simply too ugly to have a giant data structure for debugging.
This middleware should also basically never be used outside authboss
views so the allocation means nothing.
2018-05-07 12:33:02 -07:00