go/authboss
1
0
Fork 0
mirror of https://github.com/volatiletech/authboss.git synced 2025-01-10 04:17:59 +02:00
Code Issues Releases Activity
332 Commits 6 Branches 36 Tags 1.6 MiB
52d9b33730
Commit Graph

332 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Aaron L
52d9b33730 Add tests for twofactor package 2018-08-26 16:49:16 -07:00
Aaron L
3daf5c988e Add totp recovery code login 2018-08-26 15:48:53 -07:00
Aaron L
e4badae1ee Add recovery code logins to sms 2018-08-26 15:43:35 -07:00
Aaron L
e79638a05e Add regeneration of recovery codes 
- Refactor some constants that pertain to recovery codes
 2018-08-26 14:46:17 -07:00
Aaron L
bdb449c0f6 Add sms 2fa 
- Add sms 2fa module
- Refactor recovery code bit out
- Fix some bugs in totp 2fa
 2018-08-26 12:54:14 -07:00
Aaron L
735cbb1ec5 Add totp2fa module 2018-08-22 21:34:38 -07:00
Aaron L
9aed0c512d Add maximum amount of OTPs 2018-07-17 15:32:10 -07:00
Aaron L
6164dd8da4 Finish otp module 2018-07-17 15:25:25 -07:00
Aaron L
b7cec028b9 Use io.ReadFull to read from crypto/rand 
There have been bugs filed in other libraries where rand.Read()
simply returns all 0s, instead use io.ReadFull to ensure that we get
the amount of bytes we want.

- Use io.ReadFull(rand.Reader, ...) instead of rand.Read() for getting
  randomness from crypto/rand.
 2018-07-17 10:10:07 -07:00
Aaron L
48e83e1a2a WIP 2018-07-17 07:09:38 -07:00
Aaron L
807a692e26 Improve documentation for RegisterPreserveFields 2018-07-06 08:13:30 -07:00
Aaron L
89dc3b4d38 Update changelog 2018-07-04 07:29:39 -07:00
Aaron L
6fe0f04c65 Delete random whitespace from PR 2018-07-04 07:28:29 -07:00
Aaron L
8c07f314e2 Merge branch 'nkonev/v2' into v2 2018-07-04 07:28:12 -07:00
Никита Конев (home Fedora)
a04eecead5 removed dep 2018-07-03 01:44:01 +03:00
Никита Конев (home Fedora)
2cc559f865 add dep vendorer & dummy fix test 2018-07-03 00:13:52 +03:00
Aaron L
db3a3a10e3 Add context.Context to RememberingServerStorer 2018-06-27 10:58:53 -07:00
Aaron L
ea27d16052 Update changelog 2018-05-25 11:50:11 -07:00
Aaron L
ae5a471cf2 Don't use magic numbers 2018-05-18 06:49:21 -07:00
Aaron L
852508259c Add split tokens for confirm and recover 2018-05-16 11:51:55 -07:00
Aaron L
27190e3fbe Update changelog. 
- Add tov2.md upgrade guide
 2018-05-14 15:03:06 -07:00
Aaron L
c38f79490b Increase testing coverage. 
- Missed some actual tests, added them.
- Added a bunch of useless tests to increase coverage. Guilty as
  charged.
 2018-05-14 14:27:33 -07:00
Aaron L
bf1eb39403 Port FromName fix from master 
Originally contributed by Max Howald <maxhowald@gmail.com>
 2018-05-14 11:47:34 -07:00
Aaron L
4d8f1e9638 Clean up linting errors 2018-05-14 10:55:56 -07:00
Aaron L
e9c5d3e13c Add real smtp tests 
- Allow users to test the smtp mailer by sending themselves e-mails
- Add a protection to ensure that either the HTML or the Text body
  exists so we never send blank e-mails.
- Fix a bug where if the html body was blank, the mime section for it
  was still set and therefore gmail and (probably) other clients would
  show a blank e-mail instead of the content in the text e-mails.
 2018-05-12 23:57:43 -07:00
Aaron L
83d912fd82 Another pass on documentation 2018-05-12 09:23:52 -07:00
Aaron L
63888bdfc1 Add JSON Renderer and JSON body reading. 2018-05-09 07:59:19 -07:00
Aaron L
48b33b0217 Add a few convenience pieces 
- Add helper to directly merge data into a request (common use case)
- Allow parsing of OAuth2PID without panic
- Add oauth2.* strings to the modules list in case people want to be
  able to switch on which oauth2 providers are available in their
  views.
 2018-05-08 20:40:55 -07:00
Aaron L
2399b4c089 Fix bug where remember didn't log you in 
- The current request needed a pid set, the session sets that existed in
  the current code would only log you in the next request.
 2018-05-08 18:11:13 -07:00
Aaron L
06630eda7b Make sure recover allows form validation 
This allows validation of password complexity or confirm_password form
fields.
 2018-05-07 12:34:22 -07:00
Aaron L
5973fa9bd0 Make lock do what it's supposed to 
Inverted the test data, which inverted the logic
 2018-05-07 12:33:58 -07:00
Aaron L
1afc6fcb01 Change loaded modules middleware 
It was simply too ugly to have a giant data structure for debugging.
This middleware should also basically never be used outside authboss
views so the allocation means nothing.
 2018-05-07 12:33:02 -07:00
Aaron L
3ab0effe9c Fix unused variable in test 2018-05-03 10:10:17 -07:00
Aaron L
5d2a5bd564 Update documentation 2018-04-30 18:25:34 -07:00
Aaron L
d9b0dfd51c Change register and recover to use error maps 2018-04-30 18:25:30 -07:00
Aaron L
a9c161e940 Add module list middleware 2018-04-30 18:21:56 -07:00
Aaron L
563fd622be Add mock logger 2018-04-30 18:21:28 -07:00
Aaron L
f594d1d556 Add some validation helpers 2018-04-30 18:21:12 -07:00
Aaron L
08645c0811 Flush out default valuer implementations 2018-04-30 18:18:30 -07:00
Aaron L
ec8be783fd Add some basic pluralization to rules 2018-04-30 18:18:03 -07:00
Aaron L
3c6c19e2e8 Fix nil bug in responder 2018-04-30 18:17:40 -07:00
Aaron L
4aa961f758 Load and verify user logged in middleware 2018-04-30 18:17:07 -07:00
Aaron L
6dee0259e1 Add logouts module registration 2018-03-20 17:03:44 -07:00
Aaron L
f7f6244070 Small changes to docs 2018-03-09 16:18:16 -08:00
Aaron L
889ef76f9c Fix some links 2018-03-09 16:06:12 -08:00
Aaron L
b500555dda First draft docs 2018-03-09 16:02:35 -08:00
Aaron L
d752b6bb98 Doc fixes and ensure proper default config 2018-03-09 14:46:33 -08:00
Aaron L
ee4b2658d5 Finish TODOs 2018-03-09 13:11:08 -08:00
Aaron L
e9631e54b7 Remove commented tests 2018-03-08 18:41:44 -08:00
Aaron L
1112987bce Rewrite oauth module 
- Tried to be clear about OAuth2 vs OAuth in all places.
- Allow users to be locked from OAuth logins (if done manually for some
  reason other than failed logins)
- Cleaned up some docs and wording around the previously very confusing
  (now hopefully only somewhat confusing) oauth2 module.
 2018-03-08 18:39:51 -08:00