1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-10-24 17:50:54 +00:00
Commit Graph

1940 Commits

Author SHA1 Message Date
Felix Spöttel
ce70f44c58 Extract TOTPStrategy class to totp.py
* this decouples `TOTP` validation and storage logic from `auth` and moves it to `totp`
* reduce `pyotp.validate#valid_window` from `2` to `1`
2020-09-03 11:19:19 +02:00
Felix Spöttel
6594e19a1f Autofocus otp input when logging in, update layout 2020-09-02 20:30:08 +02:00
Felix Spöttel
8597646a12 Update API route naming, update setup page
* Rename /two-factor-auth/ => /2fa/
* Nest totp routes under /2fa/totp/
* Update ids and methods in panel to allow for different setup types
2020-09-02 19:41:06 +02:00
Felix Spöttel
f205c48564 Use pyotp for validating TOTP codes
* also implements resynchronisation support via `pyotp`'s `valid_window option
2020-09-02 19:12:15 +02:00
Felix Spöttel
3c3683429b implement two factor check during login 2020-09-02 17:23:32 +02:00
Felix Spöttel
a7a66929aa add user interface for managing 2fa
* update user schema with 2fa columns
2020-09-02 16:48:23 +02:00
downtownallday
caf90702cc Wording changes 2020-08-29 06:57:33 -04:00
downtownallday
da7468a6b3 Fix unbound variable 2020-08-28 18:14:14 -04:00
downtownallday
f49590d52a Merge branch 'master' of https://github.com/mail-in-a-box/mailinabox
# Conflicts:
#	README.md
2020-08-26 16:17:28 -04:00
Joshua Tauberer
0d72566c99 Merge v0.48 point release branch 2020-08-26 14:11:56 -04:00
Joshua Tauberer
62db58eaaf v0.48 2020-08-26 14:11:01 -04:00
Joshua Tauberer
891de8d6c3 Upgrade Roundcube to 1.4.8
Merges #1809
2020-08-26 14:10:04 -04:00
Downtown Allday
52aa77f624
Merge pull request #2 from downtownallday/user-displayname
Add a display name field to user accounts
2020-08-25 17:11:06 -04:00
downtownallday
07d83d1e5c Make installed state comparisons ignore new user and alias attributes when comparing MiaB to MiaB-LDAP 2020-08-25 16:36:01 -04:00
downtownallday
5eb008cae9 Skip system updates if SKIP_SYSTEM_UPDATE environment variable is set to "1" 2020-08-25 16:34:56 -04:00
downtownallday
2b2856b517 Fix wording 2020-08-25 16:33:20 -04:00
downtownallday
191b575ab2 Add a display name for users, saved as 'cn' in LDAP 2020-08-25 16:33:06 -04:00
downtownallday
05f4164793 Merge branch 'master' of https://github.com/mail-in-a-box/mailinabox 2020-08-25 12:37:37 -04:00
Downtown Allday
17048a624d
Merge pull request #1 from downtownallday/alias-comments
Add comment/description for aliases
2020-08-25 12:36:42 -04:00
downtownallday
1fb9316904 spaces -> tabs 2020-08-25 12:21:11 -04:00
downtownallday
22bfef6f59 Display and allow chaninging a comment/description for aliases. Change the default comment for required aliases to "Required alias". 2020-08-25 12:00:55 -04:00
Richard Willis
62b9b1f15f
Add OpenAPI HTTP spec (#1804) 2020-08-22 15:44:19 -04:00
downtownallday
2b981db1d9 Remove nextcloud cron job when miab nextcloud is disabled 2020-08-21 11:52:24 -04:00
downtownallday
d0d12fbc1c Merge branch 'master' of https://github.com/mail-in-a-box/mailinabox 2020-08-09 12:13:31 -04:00
David Duque
94da7bb088
status_checks.py: Properly terminate the process pools (#1795)
* Only spawn a thread pool when strictly needed

For --check-primary-hostname, the pool is not used.
When exiting, the other processes are left alive and will hang.

* Acquire pools with the 'with' statement
2020-08-09 11:42:39 -04:00
downtownallday
ac35bdc544 Merge branch 'master' of https://github.com/mail-in-a-box/mailinabox 2020-07-29 10:34:47 -04:00
Joshua Tauberer
65983b8ac7 Merge v0.47 point release branch 2020-07-29 10:27:06 -04:00
hija
56d0289ed9 v0.47 2020-07-29 10:24:56 -04:00
Marcus Bointon
f253c40012 [backport] Add rate limiting of SSH in the firewall (#1770)
See #1767. Backport of cfc8fb484c.
2020-07-29 10:24:23 -04:00
Joshua Tauberer
4bbe4af377 Update CHANGELOG 2020-07-29 10:23:02 -04:00
Hilko
2c34a6df2b Update roundcube to 1.4.7 2020-07-29 10:15:12 -04:00
Hilko
1098e2b48e
Add noindex to www_default meta tags (#1791) 2020-07-29 10:03:33 -04:00
Richard Willis
c50170b816
Update "Remove Alias" modal title (#1800) 2020-07-29 10:01:20 -04:00
downtownallday
a24cf104e4 Merge branch 'master' of https://github.com/mail-in-a-box/mailinabox 2020-07-27 07:04:06 -04:00
Marcus Bointon
cd518e6820
Raise Dovecot per user connection limit (#1799) 2020-07-27 06:37:52 -04:00
downtownallday
ccb0421729 Merge branch 'master' of https://github.com/mail-in-a-box/mailinabox 2020-07-16 07:57:09 -04:00
David Duque
967409b157
Drop requirement for passwords to have no spaces (#1789) 2020-07-16 07:23:11 -04:00
David Duque
1b2711fc42
Add 'always' modifier to the HSTS add_header directive (#1790)
This will make it so that the HSTS header is sent regardless of the request status code (until this point it would only be sent if "the response code equals 200, 201, 206, 301, 302, 303, 307, or 308." - according to thttp://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header)
2020-07-16 07:21:14 -04:00
downtownallday
c866b4d0fa Merge branch 'master' of https://github.com/mail-in-a-box/mailinabox 2020-07-08 19:36:15 -04:00
David Duque
e6102eacfb
AXFR Transfers (for secondary DNS servers): Allow IPv6 addresses (#1787) 2020-07-08 18:26:47 -04:00
downtownallday
ebf9088c42 Treat spamhous warning as a warning 2020-07-05 18:41:47 -04:00
downtownallday
3a80acceee Remove unwanted script 2020-07-05 17:40:19 -04:00
downtownallday
861bcb5097 Add Cloud-in-a-Box link 2020-07-05 17:38:52 -04:00
downtownallday
62157fb554 Add a "vanilla" test setup along with a QA certificate authority cert 2020-06-27 17:59:51 -04:00
downtownallday
39956afdc0 Rearrange some code and add a command line parameter to test the ldap connection 2020-06-27 17:58:22 -04:00
downtownallday
014d8a8770 Avoid a non-fatal error. This should be understood better. 2020-06-27 17:56:46 -04:00
downtownallday
310fd259ff Change license to AGPL 2020-06-27 17:55:58 -04:00
downtownallday
af4242fb0c Add an encryption-at-rest restart/remount test 2020-06-23 07:49:47 -04:00
downtownallday
a17d1b190c Remove unused function 2020-06-23 07:48:46 -04:00
downtownallday
257b2ee6f6 Integrate encryption-at-rest support 2020-06-22 12:03:13 -04:00