eaa573c715
fully remove raven and switch WSGI and logging to sentry_sdk
2019-04-05 16:11:53 +02:00
660972e303
add ability to have non-expiring nonces, clean up expired nonces
2019-04-04 21:49:10 +02:00
a21012bf0c
switch from raven to sentry_sdk
2019-04-04 21:48:50 +02:00
10b7d99b37
Merge branch 'master' into 30-application-security-gateway
...
# Conflicts:
# passbook/core/policies.py
# passbook/core/settings.py
2019-03-21 14:58:10 +01:00
260c5555fa
add redis dependency back in for caching
2019-03-21 11:08:08 +01:00
ae3d3d0295
fix TypeError: can only concatenate list (not "str") to list
2019-03-20 22:50:09 +01:00
c23ceacd0b
initial implementation of reverse proxy, using django-revproxy from within a middleware
...
add new config entry "primary_domain" which is used to set the cookie domain
2019-03-20 22:42:47 +01:00
5f50fcfcf5
detect HTTPS from reverse proxy
2019-03-14 18:01:41 +01:00
4c22e5c2c8
don't use celery heartbeat, use TCP keepalive instead
2019-03-12 13:34:54 +01:00
edd856df7d
redis -> rabbitmq
2019-03-11 20:46:19 +01:00
501fed1922
rewrite PasswordFactor to use backends setting instead of trying all backends
2019-03-10 21:47:08 +01:00
2d7e8f1b50
add group administration
2019-03-08 15:49:45 +01:00
cd91d5ca15
Merge branch '1-suspicious-request' into 'master'
...
Resolve "Suspicious request detector (many invalid logins from one IP, many attempts on one username, etc)"
Closes #1
See merge request BeryJu.org/passbook!3
2019-03-03 20:04:56 +00:00
a4842c1f95
add sentry configuration
2019-03-03 20:48:31 +01:00
fb82d56307
create suspicious request detector and policy, add request to policy engine
2019-03-03 20:26:25 +01:00
c7fc444c95
add password policy
2019-03-03 17:12:05 +01:00
96f7e70f9e
enable always_eager when unittesting
2019-02-26 14:24:50 +01:00
39d9fe9bf0
add passbook.pretend to use passbook in applications which don't support generic OAuth
2019-02-26 09:10:37 +01:00
10d6a30f2c
add experimental HaveIBeenPwned Password Policy
2019-02-25 17:21:56 +01:00
bb81bb5a8d
totp => otp, integrate with factors, new setup form
2019-02-25 12:29:40 +01:00
b7ac4f1dd2
add psycopg2 as dependency
2019-02-21 16:30:56 +01:00
c941107d42
Rules -> Policies, more things
2019-02-21 16:06:57 +01:00
d32699b332
remove reversion
2019-02-16 09:53:32 +01:00
59a15c988f
Move Factor instances to database
2019-02-16 09:52:37 +01:00
d5ab20ee12
fix coverage failing
2019-02-11 17:36:36 +01:00
648f614a1a
redo migrations, cleanup
2019-02-08 14:57:59 +01:00
d4a6e28fe6
core: add custom group model with hierarchy , add tree admin
2018-12-27 00:38:42 +01:00
70afabec7e
Switch to explicit AppConfig declaration
2018-12-26 14:32:33 +01:00
5f9befb5ee
core: load db from yml
2018-12-18 13:26:47 +01:00
196be4b3b0
Add captcha_factor
2018-12-14 13:51:12 +01:00
fbf58801ec
totp: rename tfa to totp
2018-12-14 10:09:57 +01:00
52d1920914
core: fix mfa, split up into multiple files, move factors to settings
2018-12-14 09:49:34 +01:00
43fe9e062d
core: add static root
2018-12-09 22:12:41 +01:00
db3ae58a21
core: switch to different cookie names
2018-12-09 21:06:36 +01:00
731b745d0c
core: switch role evaluating to celery worker
2018-11-27 16:23:29 +01:00
cde35515c7
Fix prospector errors and move secret_key to yaml config
2018-11-27 10:56:40 +01:00
c507e310b5
switch to self-rendered forms
2018-11-26 22:07:40 +01:00
15ed14046e
Fixup verbose names
2018-11-26 17:17:32 +01:00
76a43a7818
Fix oauth2 authorisation form not working
2018-11-25 12:31:55 +01:00
28557806c5
Fix some settings not being overwritten
2018-11-24 22:27:02 +01:00
d0a7bf5ecc
Add api and audit structure
2018-11-23 17:05:41 +01:00
e9e6f632e3
Fix message icons and show messages on login view
2018-11-23 09:44:22 +01:00
095a5c0268
core: add basic model against which rules can be checked
2018-11-22 13:12:59 +01:00
c1276e9695
redo models again
2018-11-16 11:41:14 +01:00
a2904d3ade
more cleanup, remove supervisr imports
2018-11-16 10:08:15 +01:00
fbaab4efaf
Many broken things
2018-11-16 09:10:35 +01:00
5aa245cac0
add working oauth and ldap client
2018-11-11 13:41:48 +01:00