52 Commits (c5b7447dac3aa7620f039d2849d0fa149105adf4)

Author	SHA1	Message	Date
vpl	2edecf34ff	Use user_uuid instead of mut twofactor	5 years ago
vpl	18bc8331f9	Send email when preparing 2FA JsonError	5 years ago
BlackDex	ebf40099f2	Updated authenticator TOTP ... - Added security check for previouse used codes - Allow TOTP codes with 1 step back and forward when there is a time drift. This means in total 3 codes could be valid. But only newer codes then the previouse used codes are excepted after that.	5 years ago
vpl	5d50b1ee3c	Merge remote-tracking branch 'upstream/master' into email-codes	5 years ago
vpl	ee7837d022	Add option to require new device emails	5 years ago
Daniel García	07743e490b	Ignore error sending device email	5 years ago
vpl	6d460b44b0	Use saved token for email 2fa codes	5 years ago
vpl	efd8d9f528	Remove some unused imports, unneeded mut variables	5 years ago
vpl	29aedd388e	Add email code logic and move two_factor into separate modules	5 years ago
vpl	27e0e41835	Add email authenticator logic	5 years ago
vpl	df71f57d86	Move send device email to end of password login ... Send new device email after two factor authentication.	5 years ago
vpl	60e39a9dd1	Move retrieve/new device from connData to separate function	5 years ago
vpl	bc6a53b847	Add new device email when user logs in	5 years ago
Emil Madsen	e22e290f67	Fix key and type variable names for mysql	6 years ago
Daniel García	253faaf023	Use users duo host when required, instead of always using the global one	6 years ago
Daniel García	8d9827c55f	Implement selection between global config and user settings for duo keys.	6 years ago
Daniel García	754087b990	Add global duo config and document options in .env template	6 years ago
Daniel García	cfbeb56371	Implement user duo, initial version ... TODO: - At the moment each user needs to configure a DUO application and input the API keys, we need to check if multiple users can register with the same keys correctly and if so we could implement a global setting. - Sometimes the Duo frame doesn't load correctly, but canceling, reloading the page and logging in again seems to fix it for me.	6 years ago
Daniel García	7d2bc9e162	Added option to force 2fa at logins and made some changes to two factor code. ... Added newlines to config options to keep them a reasonable length.	6 years ago
Daniel García	5ee04e31e5	Updated dependencies, removed some unnecessary clones and fixed some lints	6 years ago
Daniel García	9636f33fdb	Implement constant time equal check for admin, 2fa recover and 2fa remember tokens	6 years ago
Daniel García	700e084101	Add 2FA icon to admin panel	6 years ago
Daniel García	a1dc47b826	Change config to thread-safe system, needed for a future config panel. ... Improved some two factor methods.	6 years ago
Daniel García	30e768613b	Start using rustfmt and some style changes to make some lines shorter	6 years ago
Daniel García	6a99849a1e	Implemented proper error handling, now we can do `user.save($conn)?;` and it works. ... In the future, maybe we can do the same with the `find_by_id` methods that return an Option.	6 years ago
Daniel García	5a9aab1a32	Implement fromform, and ignore case and underscores, fixes #298	6 years ago
algebro	e26e2319da	Close #264. Usernames and IP addresses are logged on successful authentication	6 years ago
Daniel García	7adc045b80	Updated IP logging to use client_ip, to match old remote behavior. ... Improved error logging, now it won't show a generic error message in some situations. Removed delete device, which is not needed as it will be overwritten later. Logged more info when an error occurs saving a device. Added orgmanager to JWT claims.	6 years ago
Daniel García	738ad2127b	Fixed some clippy linting issues	6 years ago
Daniel García	cb930a0858	Remove some required values during login, now uses default values	6 years ago
Daniel García	94810c106a	Migrate to rust 2018 edition	6 years ago
Daniel García	5edbd0e952	Merge branch 'master' into rocket-0.4 ... # Conflicts: # Cargo.lock # Cargo.toml # src/api/core/mod.rs	6 years ago
Stepan Fedorko-Bartos	f344dbaad4	Fixes NFC Response for Mobile Login	6 years ago
Stepan Fedorko-Bartos	9e0e4b13c5	Adds Yubikey OTP Support	6 years ago
Daniel García	bc532f54d5	Improve login query parsing	6 years ago
Daniel García	c673370103	Updated bw_rs to Rocket version 0.4-rc1	6 years ago
janost	58a78ffa54	Device::save() should return QueryResult instead of bool	6 years ago
Miroslav Prasil	a28caa33ef	Implement poor man's admin panel	6 years ago
Daniel García	8651df8c2a	Fixed some lint issues	6 years ago
Daniel García	948554a20f	Added config option for websocket port, and reworked the config parsing a bit. ... Added SMTP_FROM config to examples and made it mandatory, it doesn't make much sense to not specify the from address.	6 years ago
Baelyk	c386b3bcf7	Add IP and Username to failed login attempts ... Resolves #119	6 years ago
Daniel García	819622e310	Documented U2F, removed debug prints, and documented missing features	6 years ago
Daniel García	dae92b9018	Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device.	6 years ago
Miroslav Prasil	9f8183deb0	Remove some extra debug prints	6 years ago
Daniel García	483066b9a0	Some style changes, removed useless matches and formats	7 years ago
Daniel García	b0ee5f6570	Improved two factor auth	7 years ago
Daniel García	4093bf92fe	Initial organizations functionality: Creating orgs and inviting users	7 years ago
Daniel García	dfefbf1f31	Fixed cipher import, created missing data structs instead of using generic Value, and fixed some warnings	7 years ago
Daniel García	d6a1a9b274	Detect device type correctly and shorten return types of functions	7 years ago
Daniel García	84a75c871b	Improved error messagees, implemented delete ciphers, attachments and account, implemented two factor recovery. ... Known missing: - import ciphers, create ciphers types other than login and card, update ciphers - clear and put device_tokens - Equivalent domains - Organizations	7 years ago