Pēteris Caune
8fe8e0f605
Update alert email template: more information, less styling
Fixes: #348
4 years ago
Pēteris Caune
c3b6d40012
Fix selectize initialization in the Details page
Fixes: #462
4 years ago
Pēteris Caune
823b3dbc7b
Fix tests
4 years ago
Pēteris Caune
77a5f11cf9
Update OpsGenie instructions
Fixes: #450
4 years ago
Pēteris Caune
0f1abd3498
Add tighter parameter checks in hc.front.views.serve_doc
4 years ago
Pēteris Caune
b8f1bdaf96
Update changelog for release
4 years ago
Pēteris Caune
dfd159ab18
Add a "Lost password?" link with instructions in the Sign In page
4 years ago
Shea Polansky
54a95a0ee2
Add http header auth (#457)
* Add HTTP header authentication backend/middleware
* Add docs for remote header auth
* Improve docs on external auth
* Add warning for unknown REMOTE_USER_HEADER_TYPE
* Move active check for header auth to middleware
Add extra header type sanity check to the backend
* Add test cases for remote header login
* Improve header-based authentication
- remove the 'ID' mode
- add CustomHeaderBackend to AUTHENTICATION_BACKENDS conditionally
- rewrite CustomHeaderBackend and CustomHeaderMiddleware to
use less inherited code
- add more test cases
Co-authored-by: Pēteris Caune <[email protected]>
4 years ago
Pēteris Caune
5e3e371661
Set up CodeQL analysis
4 years ago
Pēteris Caune
70ef9c1904
Remove unused CSS
4 years ago
Pēteris Caune
ea6d04d061
Bump Django version to 3.1.4
4 years ago
Pēteris Caune
5d650f07fb
Fix db field overflow when copying a check with a long name
4 years ago
Pēteris Caune
9623e3eacb
Update 3rd party resources
Move terraform-provider-healthchecksio to the "API Wrappers"
category, which is more appropriate than "Tools for Self-Hosting".
4 years ago
Pēteris Caune
ec40082550
Update 3rd party resources
Move terraform-provider-healthchecksio to the "API Wrappers"
category, which is more appropriate than "Tools for Self-Hosting".
4 years ago
Pēteris Caune
617bd92434
Add Ping.exitstatus field, store received exit status values in db
Fixes #455
4 years ago
Pēteris Caune
524d1a7375
Implement badge mode (up/down vs up/late/down) selector
Fixes #282
4 years ago
Pēteris Caune
dd45c888a7
Rearrange resources, add msfjarvis/healthchecks-rs
4 years ago
Pēteris Caune
b9abcbcdee
Update build badge, remove Travis configuration
4 years ago
Pēteris Caune
62fcd30ce8
Add configuration for running tests with GitHub Actions (#453)
4 years ago
Pēteris Caune
eed7ef36d1
Improve text instructions
4 years ago
Pēteris Caune
0b4251bdee
Add logic to handle exceptions thrown by the fido2 library
4 years ago
Pēteris Caune
c8d387aee4
Improve text instructions
4 years ago
Pēteris Caune
3cfc31610a
Add extra security checks in the login_webauthn view
4 years ago
Pēteris Caune
8448f882cf
Add notes about adding a second key, and removing the last key
4 years ago
Pēteris Caune
568a287850
Fix WebAuthn registration to use random bytes for user handle
User handle is used in a username-less authentication, to map a
credential received from the browser with a user account in the
database. Since we only use security keys as a second factor,
the user handle is not of much use to us.
The user handle:
- must not be blank,
- must not be a constant value,
- must not contain personally identifiable information.
So we use random bytes, and don't store them on our end.
4 years ago
Pēteris Caune
8dbf9e02af
Fix capitalization, Webauthn -> WebAuthn
4 years ago
Pēteris Caune
7124383a53
Add checks for RP_ID, add a 2FA section in README
4 years ago
Pēteris Caune
9401bc3987
Update the "Close Account" function to use confirmation codes
4 years ago
Pēteris Caune
48750ee668
Update "Change Password" to show messages in panel's footer
4 years ago
Pēteris Caune
fb79948759
Update the "Change Email" function to use confirmation codes
4 years ago
Pēteris Caune
ed6b15bfa9
Update the "Set Password" function to use confirmation codes
4 years ago
Pēteris Caune
1ca4caa3a8
Update the set_password view to use update_session_auth_hash
Changing the user's password logs them out. To avoid that,
we were logging the user back in right after changing the password.
I recently discovered update_session_auth_hash, which seems to
be the proper way to do this.
Docs: https://docs.djangoproject.com/en/3.1/topics/auth/default/#session-invalidation-on-password-change
4 years ago
Pēteris Caune
adb7702f39
Rename login_tfa to login_webauthn
4 years ago
Pēteris Caune
7639f0dd69
Add test cases for the login_tfa view
4 years ago
Pēteris Caune
d0f327b213
Add Base64Field field (base64-encoded binary data)
4 years ago
Pēteris Caune
839c309cf7
Refactor for testability, add more test cases
4 years ago
Pēteris Caune
155a1f132b
Simplify super() calls in tests
4 years ago
Pēteris Caune
155226d82a
Add tests for sudo mode
4 years ago
Pēteris Caune
ecf964ea3b
Remove a verify_origin workaround
4 years ago
Pēteris Caune
9f58ebfd3e
Hook up a 2FA check after a password or email link authentication
4 years ago
Pēteris Caune
64be87137b
Add a two-factor authentication form (WIP)
4 years ago
Pēteris Caune
2ac0f87560
Implement a "Remove Security Key" feature
4 years ago
Pēteris Caune
42497fe91a
Add rate limiting to the sudo code form
4 years ago
Pēteris Caune
2c3286c280
Improve the "add security key" UX, require sudo mode
4 years ago
Pēteris Caune
e3aedd3b03
Add require_sudo_mode decorator
Planning to use it for sensitive operations (add/remove security keys),
change email, change password, close account.
The decorator sends a six-digit confirmation code to the user's email
and renders a form for entering it back. If the user enters the
correct code, the decorator sets a sudo=active marker in
the user's session, valid for 30 minutes.
4 years ago
Pēteris Caune
03ea725612
Add Credential.created field
4 years ago
Pēteris Caune
53688f1d87
Add error handling on the client side, use Django form API
4 years ago
Pēteris Caune
1eaa216d3a
Add experimental code for registering Webauthn credentials
4 years ago
Pēteris Caune
cdd2e98bd0
Remove USE_I18N and USE_L10N from settings
They have the default values and so are redundant.
4 years ago
Pēteris Caune
816c158744
Fix code formatting in the Notification model
4 years ago