Daniel García
|
43f9038325
|
Add option to force resync clients in admin panel
|
6 years ago |
Daniel García
|
0718a090e1
|
Trim spaces from admin token during authentication and validate that the admin panel token is not empty
|
6 years ago |
Daniel García
|
04922f6aa0
|
Some formatting and dependency updates
|
6 years ago |
Дамјан Георгиевски
|
473f8b8e31
|
remove some unneeded mutability
|
6 years ago |
Shane Faulkner
|
8b5b06c3d1
|
Allow the Admin token to be disabled in the advanced menu
|
6 years ago |
Daniel García
|
6027b969f5
|
Delete old devices when deauthorizing user sessions
|
6 years ago |
Daniel García
|
9636f33fdb
|
Implement constant time equal check for admin, 2fa recover and 2fa remember tokens
|
6 years ago |
Daniel García
|
28d1588e73
|
Show version in admin panel
|
6 years ago |
Daniel García
|
f3b1a5ff3e
|
Error when admin panel is disabled
|
6 years ago |
Daniel García
|
ef63342e20
|
Add reset user config button
|
6 years ago |
Daniel García
|
3db815b969
|
Implemented config form and fixed config priority
|
6 years ago |
Daniel García
|
ade293cf52
|
Save config
|
6 years ago |
Daniel García
|
877408b808
|
Implement basic config loading and updating. No save to file yet.
|
6 years ago |
Daniel García
|
86ed75bf7c
|
Config can now be serialized / deserialized
|
6 years ago |
Daniel García
|
c0e350b734
|
Disable icon downloads, accept optional query after icon href, format and clippy fixes
|
6 years ago |
Daniel García
|
69036cc6a4
|
Add disabled user badge (no password) and deauthorize button to admin page.
|
6 years ago |
Daniel García
|
a1dc47b826
|
Change config to thread-safe system, needed for a future config panel.
Improved some two factor methods.
|
6 years ago |
Daniel García
|
bfd93e5b13
|
Show organizations in admin panel, implement reload templates option
|
6 years ago |
Daniel García
|
a797459560
|
Implement HIBP check [WIP].
Add extra security attributes to admin cookie.
Error handling.
|
6 years ago |
Daniel García
|
6cbb683f99
|
Rename admin templates to match email
|
6 years ago |
Daniel García
|
92bbb98d48
|
Created base template
|
6 years ago |
Daniel García
|
834c847746
|
Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template
|
6 years ago |
Daniel García
|
a0a08c4c5a
|
Include IP in invalid admin token error
|
6 years ago |
Daniel García
|
4309df8334
|
Only create invitations when SMTP is disabled, and ignore invitations if we have a token.
Disallow users from accepting invitation twice
|
6 years ago |
Nick Fox
|
0a74e79cea
|
Refactor generate_invite_claims, make org_name and org_id optional
|
6 years ago |
Nick Fox
|
cec28a85ac
|
Update admin page to work with new invitation flow
|
6 years ago |
Daniel García
|
b2fc0499f6
|
Finish invite functionality, and remove virtual organization
|
6 years ago |
Daniel García
|
6a99849a1e
|
Implemented proper error handling, now we can do `user.save($conn)?;` and it works.
In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
|
6 years ago |
Daniel García
|
1b5134dfe2
|
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
|
6 years ago |
Daniel García
|
5fecf09631
|
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
|
6 years ago |