Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Support authentication using SSH. | Michał Górny | 2013-08-25 | 1 | -0/+1 |
| | |||||
* | Initial SSH server support. | Michał Górny | 2013-08-25 | 1 | -0/+4 |
| | |||||
* | Move crypto-related stuff to okupy.crypto. | Michał Górny | 2013-08-21 | 1 | -1/+1 |
| | |||||
* | Move RevokedToken to common and make it more universal. | Michał Górny | 2013-08-21 | 1 | -1/+1 |
| | |||||
* | Move SSL verification into a dedicated backend. | Michał Górny | 2013-08-12 | 1 | -1/+1 |
| | |||||
* | Use session storage for messages. | Michał Górny | 2013-08-11 | 1 | -0/+2 |
| | |||||
* | Use cache backend for sessions. | Michał Górny | 2013-08-11 | 1 | -0/+2 |
| | |||||
* | Move settings around, so they can actually be overwritten | Theo Chatzimichos | 2013-08-11 | 1 | -47/+47 |
| | |||||
* | Remove Modelbackend, it is useless | Theo Chatzimichos | 2013-08-10 | 1 | -1/+0 |
| | |||||
* | Re-use TOTPDevice for handling 'OTP disabled'. | Michał Górny | 2013-08-09 | 1 | -1/+0 |
| | | | | | There's no point in having a special device that checks if TOTP secret is set. Let's just do that in TOTPDevice. | ||||
* | Revoke used tokens atomically. | Michał Górny | 2013-08-09 | 1 | -0/+1 |
| | | | | This should prevent replay attacks on TOTP and SOTP. | ||||
* | Support SOTP recovery keys. | Michał Górny | 2013-08-09 | 1 | -0/+1 |
| | |||||
* | Support TOTP with database storage (temporarily). | Michał Górny | 2013-08-09 | 1 | -0/+1 |
| | | | | | A dedicated database model is used to store the secrets. If user does not have a secret, it is assumed that he disabled OTP. | ||||
* | Introduce initial code for two-phase auth support. | Michał Górny | 2013-08-09 | 1 | -0/+2 |
| | | | | | | | This commit adds a simple NoOTPDevice model that currently serves the purpose of responding successfully to any request. The login view has been extended with proper OTP device setup and initial verification support. | ||||
* | Move middleware & installed app settings to common. | Michał Górny | 2013-08-09 | 1 | -0/+25 |
| | | | | | | Keeping them split into all those samples is not really beneficial, and makes bisecting painful. Instead, keep the common middleware & apps common, and override as necessary in devel/prod. | ||||
* | Set session expiration in settings. | Michał Górny | 2013-08-08 | 1 | -1/+1 |
| | |||||
* | Introduce ExternalBackend for handling external auth. | Michał Górny | 2013-08-05 | 1 | -0/+1 |
| | | | | | | | Whenever external authentication doesn't really fit the simple auth model django has, ExternalBackend can be used to inject successful authentication. This is done through the additional 'ext_authed' argument which determines the result of the authentication. | ||||
* | as pointed out by dastergon, instance_name key is not used in non-verbose ↵ | Theo Chatzimichos | 2013-07-29 | 1 | -1/+1 |
| | | | | formatter | ||||
* | trivial fix | Theo Chatzimichos | 2013-07-16 | 1 | -1/+1 |
| | |||||
* | Add TLS and CONNECTION_OPTIONS for ldapdb | Theo Chatzimichos | 2013-07-10 | 1 | -0/+2 |
| | |||||
* | whitespace | Theo Chatzimichos | 2013-07-10 | 1 | -1/+0 |
| | |||||
* | Add django-ldapdb in settings and dependency list | Theo Chatzimichos | 2013-07-10 | 1 | -0/+10 |
| | | | | | django-ldapdb is a library that uses LDAP server as Database backend. This way we will be able to use ORM by mapping LDAP users to python objects | ||||
* | Merge branch 'openid-week2' | Theo Chatzimichos | 2013-06-30 | 1 | -0/+4 |
|\ | | | | | | | | | | | Conflicts: okupy/accounts/urls.py okupy/accounts/views.py | ||||
| * | Disable OpenID application. | Michał Górny | 2013-06-26 | 1 | -3/+3 |
| | | | | | | | | The code from it will be moved into accounts app. | ||||
| * | Merge remote-tracking branch 'origin/master' into openid-week2 | Michał Górny | 2013-06-26 | 1 | -4/+4 |
| |\ | |||||
| * | | [OpenID] Explicitly note that login is requested by OpenID request. | Michał Górny | 2013-06-19 | 1 | -0/+4 |
| | | | |||||
| * | | [OpenID] Support minimal site auth. | Michał Górny | 2013-06-19 | 1 | -3/+3 |
| | | | |||||
* | | | minor improvements/renames to the LOGGING contents | Theo Chatzimichos | 2013-06-29 | 1 | -12/+16 |
| | | | |||||
* | | | Move AUTH_LDAP_USER_DN_TEMPLATE to settings/__init__ | Theo Chatzimichos | 2013-06-27 | 1 | -0/+2 |
| | | | | | | | | | | | | | | | | | | The variable is meant to be constructed always from AUTH_LDAP_USER_ATTR and AUTH_LDAP_USER_BASE_DN, and never be touched | ||||
* | | | Merge remote-tracking branch 'tampakrap/local_settings_rename' | Theo Chatzimichos | 2013-06-27 | 1 | -4/+4 |
|\ \ \ | |_|/ |/| | | | | | | | | Conflicts: okupy/settings/__init__.py | ||||
| * | | Rename local_settings to just local | Theo Chatzimichos | 2013-06-25 | 1 | -4/+4 |
| | | | | | | | | | | | | | | | | | | | | | The name local_settings was used when there was settings/ directory, so I needed a way to separate settings.py from local_settings.py The _settings suffix is useless though, we can refer this file as settings/local | ||||
* | | | Use relative imports. | Michał Górny | 2013-06-26 | 1 | -3/+3 |
| | | | |||||
* | | | Fix typo in vim modeline. | Michał Górny | 2013-06-26 | 1 | -1/+1 |
|/ / | | | | | | | It obviously was supposed to be 'sw=4', not 'tw=4'. | ||||
* / | Include vim modelines in all code files. | Michał Górny | 2013-06-25 | 1 | -1/+1 |
|/ | | | | | Modelines enforce project-specific indent, help vim recognize django templates and provide encoding information for Python. | ||||
* | Add ModelBackend for future use of mapping django and ldap groups | Theo Chatzimichos | 2013-06-06 | 1 | -0/+1 |
| | | | | | | | | Enabling it does not affect the authentication, users that are in DB but not in LDAP (or if connection to LDAP is impossible) can still not authenticate. Also, remove useless debug symbols | ||||
* | Additions / fixes in settings: | Theo Chatzimichos | 2013-06-06 | 1 | -1/+1 |
| | | | | | | | | | | | - Introduce AUTH_LDAP_ADMIN_BIND_{DN_PASSWORD} for the admin account It will be used for new user creation - Introduce AUTH_LDAP_USER_OBJECTCLASS with the objectClasses that the new user should belong to - Construct AUTH_LDAP_USER_DN_TEMPLATE from AUTH_LDAP_USER_{ATTR,BASE_DN} so that the two other vars can be reused later for the signup - Add SERVER_EMAIL in tests/settings - Typos | ||||
* | Add django_auth_ldap logging settings | Theo Chatzimichos | 2013-05-11 | 1 | -1/+20 |
| | |||||
* | Move stuff from identity to okupy | Theo Chatzimichos | 2013-05-11 | 1 | -0/+95 |