mailinabox/management
Joshua Tauberer e884c4774f Replace HMAC-based session API keys with tokens stored in memory in the daemon process
Since the session cache clears keys after a period of time, this fixes #1821.

Based on https://github.com/mail-in-a-box/mailinabox/pull/2012, and so:

Co-Authored-By: NewbieOrange <NewbieOrange@users.noreply.github.com>

Also fixes #2029 by not revealing through the login failure error message whether a user exists or not.
2021-09-06 09:23:58 -04:00
templates Replace HMAC-based session API keys with tokens stored in memory in the daemon process 2021-09-06 09:23:58 -04:00
auth.py Replace HMAC-based session API keys with tokens stored in memory in the daemon process 2021-09-06 09:23:58 -04:00
backup.py Implement Backblaze for Backup (#1812) 2020-11-26 07:13:31 -05:00
cli.py Add MFA list/disable to the management CLI so admins can restore access if MFA device is lost 2020-10-31 10:23:43 -04:00
csr_country_codes.tsv drop the CSR_COUNTRY setting and ask within the control panel 2015-12-26 11:48:23 -05:00
daemon.py Replace HMAC-based session API keys with tokens stored in memory in the daemon process 2021-09-06 09:23:58 -04:00
daily_tasks.sh daily_tasks.sh: redirect stderr to stdout (#1768) 2020-06-07 09:56:45 -04:00
dns_update.py Add null SPF, DMARC, and MX records for automatically generated autoconfig, autodiscover, and mta-sts subdomains; add null MX records for custom A-record subdomains 2021-05-15 16:42:14 -04:00
email_administrator.py send the mail_log.py report to the box admin every Monday 2018-02-25 11:55:06 -05:00
mail_log.py Ignore bad encoding in email addresses when parsing maillog files (#2017) 2021-08-16 11:46:32 -04:00
mailconfig.py Reorganize the MFA backend methods 2020-09-26 09:58:25 -04:00
mfa.py Add MFA list/disable to the management CLI so admins can restore access if MFA device is lost 2020-10-31 10:23:43 -04:00
munin_start.sh update bind9 configuration 2018-10-03 14:28:43 -04:00
ssl_certificates.py Display certificate expiry dates in ISO format (#1841) 2020-10-16 16:22:36 -04:00
status_checks.py Recommend that DS records be updated to not use SHA1 and exclude MUST NOT methods (SHA1) and the unlikely option RSASHA1-NSEC3-SHA1 (7) + SHA-384 (4) from the DS record suggestions 2021-08-22 14:43:46 -04:00
utils.py move the custom exclusive process code from utils.py into a new python package named exclusiveprocess 2017-01-15 11:02:23 -05:00
web_update.py Add null SPF, DMARC, and MX records for automatically generated autoconfig, autodiscover, and mta-sts subdomains; add null MX records for custom A-record subdomains 2021-05-15 16:42:14 -04:00