34b01d9785
website/docs: add more content about flows ( #10527 )
...
* first pass
* reordered config options to match UI, added more
* tweaks
* add content for creating flows, add links to policies, update Style Guide
* tweaks
* procedurals, info about bindings
* stages stub file
* messy
* reorg procedurals
* tweak titles
* tweaks
* images
* images, remove old images
* tweak
* tweaks and fixes
* smaller image
* tweak
* had to rollback
* starting over after VS Code branch war
* fix links
* more tweaks
* Optimised images with calibre/image-actions
* fighting build break
* remove dupe image
* replace image with diagram code
* add image of UI, and reformat to look more like field names, not headings in the document
* Optimised images with calibre/image-actions
* new image
* rest of Jens' edits
* Optimised images with calibre/image-actions
* fix order of stages in example
* fixed arrows in image
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Tana M Berry <tana@goauthentik.com >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-08-06 12:56:23 +00:00
f7b16ed723
policies: add GeoIP policy ( #10454 )
...
* add GeoIP policy
* handle empty lists of ASNs and countries
* handle missing GeoIP database or missing IP from the database
The exceptions raised here are `PolicyException`s to let admins bypass
an execution failure.
* fix translations
whoops
* remove `GeoIPPolicyMode`
Use the policy binding's `negate` option instead
* fix `DataProvision` typing
`ak-dual-select-provider` can handle unpaginated data
* use `django-countries` instead of a static list of countries for ISO-3166
* simplify `GeoIPPolicyForm`
* pass `GeoIPPolicy` on empty policy
* add backend tests to `GeoIPPolicy`
* revise translations
* move `iso-3166/` to `policies/geoip_iso3166/`
* add client-side caching to ISO3166 API call
* fix `GeoIPPolicy` creation
The automatically generated APIs can't seem to handle `CountryField`,
so I'll have to do this by hand too.
* add docs for GeoIP Policy
* docs: stylize
add review suggestions from @tanberry
* refactor `GeoIPPolicy` API
It is now as declarative as I could make it.
* clean up `api.py` and `views.py`
2024-08-06 10:37:29 +00:00
059f81735e
website/docs: update geoip and asn documentation following field changes ( #10265 )
...
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-06-27 15:09:23 +02:00
7cadcbfa06
website/docs: update geoip and asn example to use the proper syntax ( #10249 )
2024-06-26 08:40:41 -04:00
a3bfb3d25c
website/docs: 2024.2 release notes ( #8468 )
...
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Jens L. <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-02-14 20:52:56 +01:00
256187ebc6
website/docs: add expression example for geoip ( #7739 )
...
* Update expression.mdx
Added example for GeoIP
Signed-off-by: Rukk385 <39340512+Rukk385@users.noreply.github.com >
* Update website/docs/policies/expression.mdx
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Rukk385 <39340512+Rukk385@users.noreply.github.com >
---------
Signed-off-by: Rukk385 <39340512+Rukk385@users.noreply.github.com >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2023-12-20 15:33:58 +01:00
84fdd3c750
website/docs: RBAC docs ( #7191 )
...
* draft rbac docs
* tweaks
* add a permissions topic
* tweaks
* more changes
* draft permissions topic
* more content on roles
* links
* typo
* more conceptual info
* Optimised images with calibre/image-actions
* more content on roles
* add more x-ref links
* fix links
* more content
* links
* typos
* polishing
* Update website/docs/user-group-role/access-control/permissions.md
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* separwate conceptual vs procedural in permissions
* finished groups procedurals
* new page
* added link
* Update website/docs/user-group-role/access-control/permissions.md
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* polish
* edits from PR review
* restructured view section to remove repetition
* rest of edits from PR review
* polished flows and stages
* polish
* typo
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Tana Berry <tana@goauthentik.io >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Jens L. <jens@goauthentik.io >
2023-10-26 12:31:32 +02:00
78af350610
website/docs: Balok pr for User docs ( #7139 )
...
* procedrual docs
* restructure
* new image, edit tweaks
* more tweaks
* edits
* edits for new button labels
* more content in invitations
* tweaks
* Optimised images with calibre/image-actions
* fixed link
* links
* ken's edits
* changed label name
* spelling checks
* fix links
* links again
* fighting with imports
* ugh
* add extensions back
* fix link
* tweak
* rename file again
* more links
* added punctuation
* use generated index
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Tana Berry <tana@goauthentik.io >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-10-12 21:45:21 +02:00
977757f561
policies: provider raw result for better policy reusability ( #5189 )
...
* policies: include raw_result in PolicyResult
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move ak_call_policy to base evaluator
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-06 09:42:29 +02:00
972dce1462
security: fix CVE-2023-26481 ( #4832 )
...
fix CVE-2023-26481
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-03-02 20:15:33 +01:00
cd12e177ea
providers/proxy: add initial header token auth ( #4421 )
...
* initial implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* check for openid/profile claims
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include jwks sources in proxy provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add web ui for jwks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only show sources with JWKS data configured
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix introspection tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start basic
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add basic auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs, update admonitions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add client_id to api, add tab for auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-01-13 16:22:03 +01:00
ed3f36e72a
website/docs: update redirect docs
...
closes #4248
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2023-01-05 12:38:38 +01:00
f9b46145de
website/docs: Clarify request.user and add link to Django docs ( #4287 )
...
* Clarify request.user and add link to doc
Signed-off-by: sev <git@sev.monster >
* rephrase a bit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: sev <git@sev.monster >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-12-27 14:10:30 +01:00
f4990bb5da
core: bundle geoip ( #4250 )
...
* bundle geoip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* correctly pass secrets
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add geoip docs and release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-12-20 22:09:30 +01:00
1dfc0b2e93
website/docs: update flow context variables
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-12-13 14:37:37 +00:00
9f5c019daa
core: add helper function to create events from expressions, move ak_user_has_authenticator to base evaluator
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-09-14 21:52:41 +02:00
7a50d5a4f8
website: add note for using request.user in policies when bound to flows
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-09-10 14:08:37 +02:00
5e3f44dd87
flows: add shortcut to redirect current flow ( #3192 )
2022-07-01 23:19:41 +02:00
f9469e3f99
website: format docs with prettier ( #2833 )
...
* run prettier
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add scim to comparison
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-05-09 21:22:41 +02:00
6209714f87
policies/expression: add ak_call_policy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-12-09 09:39:28 +01:00
61fab497cf
core: add user flag to prevent users from changing their usernames
...
closes #1590
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-10-20 16:17:19 +02:00
3b7e8e3931
website/docs: fix typos
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-10-19 15:45:15 +02:00
95a2fddfa8
policies/expression: add ak_user_has_authenticator
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-20 19:13:41 +02:00
b1ed2154ac
policies/password: fix PasswordStage not being usable with prompt stages, rework validation logic
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-29 00:40:36 +02:00
eb02c96281
website/docs: make it clearer to use context[]
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-28 12:53:57 +02:00
07a4f474f4
website/docs: add docs for auth_method and auth_method_args fields
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-23 17:23:55 +02:00
d52cc30341
website/docs: fix website build
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-05-29 22:00:47 +02:00
a4c28a28b4
website/docs: improve docs for expressions
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-05-29 21:47:35 +02:00
