Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | move password and email settings to another page | Pavlos Ratis | 2013-09-04 | 3 | -14/+86 |
| | |||||
* | add support for user settings | Pavlos Ratis | 2013-09-01 | 3 | -8/+246 |
| | | | | | | | | | | | | | | | | | | | Basic setting pages that allow users to edit easily their LDAP attributes via web forms. Settings: * Profile settings (first name , last name, email , timezone, birthday, * passwords) * Contact settings (website, IM , GPG fingerprint, location, longitude, latitude) * Gentoo settings (mentors, developer bug, join date, retire date, ssh key) Notes: * Currently settings work only with single values and not * listfields. * Timezone needed for OpenID (cc: @mgorny) * Gentoo Account Settings page is available for everyone.(testing purposes) | ||||
* | Add tests for ldapuser and get_bound_ldapuser | Theo Chatzimichos | 2013-08-28 | 1 | -3/+0 |
| | |||||
* | Fix flake8 errors | Theo Chatzimichos | 2013-08-26 | 4 | -27/+30 |
| | |||||
* | switch back to non-relative imports, they proved to be confusing | Theo Chatzimichos | 2013-08-25 | 6 | -24/+25 |
| | |||||
* | Move OkupyError to okupy/__init__ | Theo Chatzimichos | 2013-08-25 | 1 | -1/+1 |
| | |||||
* | Store SSH handler list in settings. | Michał Górny | 2013-08-25 | 1 | -5/+1 |
| | |||||
* | Support authentication using SSH. | Michał Górny | 2013-08-25 | 2 | -0/+38 |
| | |||||
* | Introduce the concept of auth handlers. | Michał Górny | 2013-08-25 | 1 | -0/+8 |
| | | | | | Somehow similar to views. We pass command and its arguments as username, the thing splits it and looks for handler for the command. | ||||
* | Switch ciphers to output urlsafe base64. | Michał Górny | 2013-08-21 | 1 | -1/+1 |
| | |||||
* | Move crypto-related stuff to okupy.crypto. | Michał Górny | 2013-08-21 | 3 | -4/+4 |
| | |||||
* | Move RevokedToken to common and make it more universal. | Michał Górny | 2013-08-21 | 1 | -3/+3 |
| | |||||
* | Move session ID encryption, decryption & validation to SessionRefCipher. | Michał Górny | 2013-08-21 | 2 | -29/+8 |
| | |||||
* | ssl_auth: check decrypted session ID validity. | Michał Górny | 2013-08-20 | 2 | -10/+12 |
| | | | | | | Before putting encrypted session ID in the form, we place it in session. Therefore, we can easily check if given session ID was valid by confirming that it's in the session, and it is the same. | ||||
* | SSL auth: decrypt session ID in forms cleanup. | Michał Górny | 2013-08-20 | 2 | -4/+14 |
| | | | | Also, raise ValidationError for broken ciphertext. | ||||
* | Add @anonymous_required decorator | Theo Chatzimichos | 2013-08-19 | 1 | -1/+3 |
| | |||||
* | Improvements in signup/activate views: | Theo Chatzimichos | 2013-08-19 | 1 | -15/+24 |
| | | | | | | Use .latest() for getting the max uidNumber Add all needed LDAP attributes Other minor improvements | ||||
* | Remove try/except block, ldap connection check is performed already | Theo Chatzimichos | 2013-08-19 | 1 | -6/+1 |
| | |||||
* | check if the passwords match in form.is_valid() | Theo Chatzimichos | 2013-08-19 | 2 | -3/+8 |
| | |||||
* | Revoke OTP tokens in views rather than backends. | Michał Górny | 2013-08-19 | 1 | -0/+8 |
| | | | | | | Since we use a single revoked token database, we should also revoke each input once. When revocation was done in models, the second backend would always hit the token already revoked. Instead, revoke them in views. | ||||
* | login: ask only for password when upgrading auth. | Michał Górny | 2013-08-19 | 2 | -5/+21 |
| | |||||
* | login: give a proper info() message when asking for strong auth. | Michał Górny | 2013-08-19 | 1 | -7/+10 |
| | |||||
* | Merge pull request #69 from mgorny/otp-ldap | Theo Chatzimichos | 2013-08-19 | 1 | -5/+7 |
|\ | | | | | Proper bind for OTP setup | ||||
| * | Bind properly for *OTP setup. | Michał Górny | 2013-08-18 | 1 | -5/+7 |
| | | |||||
* | | update models with the new attributes | Pavlos Ratis | 2013-08-18 | 1 | -5/+8 |
|/ | | | | | | | New attributes: 1) gentooPlanetFeed - Link to developer's rss feed to planet(future use) 2) gentooUniverseFeed - Link to developer's rss feed to universe(future use) 3) website - User's website, weblog, etc. | ||||
* | rename accounts_lists view to lists | Pavlos Ratis | 2013-08-18 | 2 | -4/+4 |
| | |||||
* | add url tag to templates | Pavlos Ratis | 2013-08-18 | 1 | -5/+5 |
| | | | | | Using url tag the templates become more portable and respect the DRY principle. | ||||
* | Merge pull request #66 from mgorny/otp-ldap | Theo Chatzimichos | 2013-08-17 | 2 | -2/+3 |
|\ | | | | | Use LDAP as secret backend for OTP. | ||||
| * | Use LDAP as secret backend for OTP. | Michał Górny | 2013-08-18 | 2 | -2/+3 |
| | | |||||
* | | Merge pull request #63 from dastergon/improve_lists_view | Theo Chatzimichos | 2013-08-17 | 2 | -16/+14 |
|\ \ | |/ |/| | Improved and added per-view caching on lists | ||||
| * | add per-view caching on lists | Pavlos Ratis | 2013-08-17 | 1 | -0/+2 |
| | | | | | | | | | | Added a per-view caching to lists which reliefs server from HTTP requests and improves performance. | ||||
| * | improved dev lists view | Pavlos Ratis | 2013-08-17 | 2 | -16/+12 |
| | | | | | | | | | | Improved lists view by replacing class-based view to a more flexible view suggested by tampakrap and mgorny. | ||||
* | | Add @strong_auth_required decorator. | Michał Górny | 2013-08-17 | 1 | -2/+7 |
| | | | | | | | | And support re-login with @strong_auth_required. | ||||
* | | Reuse @require_POST decorator from django. | Michał Górny | 2013-08-17 | 1 | -4/+2 |
| | | |||||
* | | OpenID: make nonce creation atomic. | Michał Górny | 2013-08-17 | 1 | -6/+8 |
| | | | | | | | | | | get_or_create() is pointless, non-atomic thing. Instead, just try to create the nonce and catch IntegrityError. | ||||
* | | Fix handling timedeltas in use_nonce(). | Michał Górny | 2013-08-17 | 1 | -1/+1 |
| | | |||||
* | | Merge pull request #61 from mgorny/openid-auto-logout | Theo Chatzimichos | 2013-08-17 | 2 | -5/+26 |
|\ \ | | | | | | | OpenID auto logout | ||||
| * | | OpenID: always enable auto-logout for SSL cert auth. | Michał Górny | 2013-08-14 | 1 | -0/+6 |
| | | | |||||
| * | | OpenID: add 'auto logout' option. | Michał Górny | 2013-08-14 | 2 | -5/+20 |
| |/ | | | | | | | | | That is, make it possible to automatically logout after sending OpenID response. | ||||
* | | Replace get_ldap_connection with LDAPUser | Theo Chatzimichos | 2013-08-17 | 1 | -47/+27 |
| | | |||||
* | | Add support for secondary password | Pavlos Ratis | 2013-08-17 | 1 | -2/+15 |
|/ | | | | | | Using OkupyCipher I generate a new random secondary password and I add it to the session. This feature improves user experience and prevents user from submitting password all time. | ||||
* | Move SSL verification into a dedicated backend. | Michał Górny | 2013-08-12 | 1 | -28/+7 |
| | |||||
* | SSL auth: authenticate directly into session. | Michał Górny | 2013-08-12 | 3 | -40/+66 |
| | | | | | | Do not use dedicated tokens. Instead pass the encrypted session identifier and write the authentication results directly into the current session. | ||||
* | Merge pull request #47 from dastergon/prof_page_ldapdb | Theo Chatzimichos | 2013-08-12 | 1 | -35/+2 |
|\ | | | | | Use LDAPUser and ldapdb in profile page | ||||
| * | use LDAPUser and ldapdb in profile page | Pavlos Ratis | 2013-08-08 | 1 | -35/+2 |
| | | | | | | | | | | | | Currently I am using anon LDAP queries to parse data. In the future when we will implement a secondary password I'll add user LDAP queries. | ||||
* | | Support SOTP recovery keys. | Michał Górny | 2013-08-09 | 1 | -0/+18 |
| | | |||||
* | | Support displaying QRCode for TOTP URI. | Michał Górny | 2013-08-09 | 2 | -1/+17 |
| | | |||||
* | | Introduce 'otp-setup', to set TOTP up. | Michał Górny | 2013-08-09 | 2 | -0/+44 |
| | | |||||
* | | Introduce a dummy token input. | Michał Górny | 2013-08-09 | 2 | -12/+40 |
| | | |||||
* | | Introduce initial code for two-phase auth support. | Michał Górny | 2013-08-09 | 1 | -4/+9 |
| | | | | | | | | | | | | | | This commit adds a simple NoOTPDevice model that currently serves the purpose of responding successfully to any request. The login view has been extended with proper OTP device setup and initial verification support. |