janost
043aa27aa3
Implement admin ability to enable/disable users
4 years ago
Daniel García
29c6b145ca
Remove redundant user fetching from login
4 years ago
Daniel García
ad48e9ed0f
Fix unlock on desktop clients
4 years ago
Daniel García
668d5c23dc
Removed try_trait and some formatting, particularly around imports
4 years ago
Jeremy Lin
a28ebcb401
Use local time in email notifications for new device logins
...
In this implementation, the `TZ` environment variable must be set
in order for the formatted output to use a more user-friendly
time zone abbreviation (e.g., `UTC`). Otherwise, the output uses
the time zone's UTC offset (e.g., `+00:00`).
4 years ago
Daniel García
0807783388
Add ip on totp miss
5 years ago
Daniel García
9cca64003a
Remove unused dependency and simple feature, update dependencies and fix some clippy lints
5 years ago
Jeremy Lin
c06162b22f
Handle `devicePushToken`
...
Mobile push isn't currently supported, but this should get rid of spurious
`Detected unexpected parameter during login: devicepushtoken` warnings.
5 years ago
Daniel García
5cabf4d040
Fix IP not shown when failed login ( Fixes #761 )
5 years ago
Daniel García
912e1f93b7
Fix some lints
5 years ago
tomuta
bd1e8be328
Implement change-email, email-verification, account-recovery, and welcome notifications
5 years ago
vpl
2edecf34ff
Use user_uuid instead of mut twofactor
5 years ago
vpl
18bc8331f9
Send email when preparing 2FA JsonError
5 years ago
BlackDex
ebf40099f2
Updated authenticator TOTP
...
- Added security check for previouse used codes
- Allow TOTP codes with 1 step back and forward when there is a time
drift. This means in total 3 codes could be valid. But only newer codes
then the previouse used codes are excepted after that.
5 years ago
vpl
5d50b1ee3c
Merge remote-tracking branch 'upstream/master' into email-codes
5 years ago
vpl
ee7837d022
Add option to require new device emails
5 years ago
Daniel García
07743e490b
Ignore error sending device email
5 years ago
vpl
6d460b44b0
Use saved token for email 2fa codes
5 years ago
vpl
efd8d9f528
Remove some unused imports, unneeded mut variables
5 years ago
vpl
29aedd388e
Add email code logic and move two_factor into separate modules
5 years ago
vpl
27e0e41835
Add email authenticator logic
5 years ago
vpl
df71f57d86
Move send device email to end of password login
...
Send new device email after two factor authentication.
5 years ago
vpl
60e39a9dd1
Move retrieve/new device from connData to separate function
5 years ago
vpl
bc6a53b847
Add new device email when user logs in
5 years ago
Emil Madsen
e22e290f67
Fix key and type variable names for mysql
6 years ago
Daniel García
253faaf023
Use users duo host when required, instead of always using the global one
6 years ago
Daniel García
8d9827c55f
Implement selection between global config and user settings for duo keys.
6 years ago
Daniel García
754087b990
Add global duo config and document options in .env template
6 years ago
Daniel García
cfbeb56371
Implement user duo, initial version
...
TODO:
- At the moment each user needs to configure a DUO application and input the API keys, we need to check if multiple users can register with the same keys correctly and if so we could implement a global setting.
- Sometimes the Duo frame doesn't load correctly, but canceling, reloading the page and logging in again seems to fix it for me.
6 years ago
Daniel García
7d2bc9e162
Added option to force 2fa at logins and made some changes to two factor code.
...
Added newlines to config options to keep them a reasonable length.
6 years ago
Daniel García
5ee04e31e5
Updated dependencies, removed some unnecessary clones and fixed some lints
6 years ago
Daniel García
9636f33fdb
Implement constant time equal check for admin, 2fa recover and 2fa remember tokens
6 years ago
Daniel García
700e084101
Add 2FA icon to admin panel
6 years ago
Daniel García
a1dc47b826
Change config to thread-safe system, needed for a future config panel.
...
Improved some two factor methods.
6 years ago
Daniel García
30e768613b
Start using rustfmt and some style changes to make some lines shorter
6 years ago
Daniel García
6a99849a1e
Implemented proper error handling, now we can do `user.save($conn)?;` and it works.
...
In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
6 years ago
Daniel García
5a9aab1a32
Implement fromform, and ignore case and underscores, fixes #298
6 years ago
algebro
e26e2319da
Close #264 . Usernames and IP addresses are logged on successful authentication
6 years ago
Daniel García
7adc045b80
Updated IP logging to use client_ip, to match old remote behavior.
...
Improved error logging, now it won't show a generic error message in some situations.
Removed delete device, which is not needed as it will be overwritten later.
Logged more info when an error occurs saving a device.
Added orgmanager to JWT claims.
6 years ago
Daniel García
738ad2127b
Fixed some clippy linting issues
6 years ago
Daniel García
cb930a0858
Remove some required values during login, now uses default values
6 years ago
Daniel García
94810c106a
Migrate to rust 2018 edition
6 years ago
Daniel García
5edbd0e952
Merge branch 'master' into rocket-0.4
...
# Conflicts:
# Cargo.lock
# Cargo.toml
# src/api/core/mod.rs
6 years ago
Stepan Fedorko-Bartos
f344dbaad4
Fixes NFC Response for Mobile Login
6 years ago
Stepan Fedorko-Bartos
9e0e4b13c5
Adds Yubikey OTP Support
6 years ago
Daniel García
bc532f54d5
Improve login query parsing
6 years ago
Daniel García
c673370103
Updated bw_rs to Rocket version 0.4-rc1
6 years ago
janost
58a78ffa54
Device::save() should return QueryResult instead of bool
6 years ago
Miroslav Prasil
a28caa33ef
Implement poor man's admin panel
6 years ago
Daniel García
8651df8c2a
Fixed some lint issues
6 years ago