beenull/sftpgo-mirror

mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-22 15:40:23 +00:00

Author	SHA1	Message	Date
Nicola Murino	002a06629e	refactoring of user session counters Fixes #792 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-14 19:07:41 +02:00
Nicola Murino	254b2ae87f	add support for AWS container Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-03 08:52:36 +02:00
Nicola Murino	5cccb872bb	add support to redirect HTTP to HTTPS Fixes #777 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-26 10:00:02 +01:00
Nicola Murino	aaf940edab	enforce CSRF token usage by the same IP for which it was issued Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-26 08:41:50 +01:00
Nicola Murino	d955ddcef9	check that the jwt token is used by the same IP for which it Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-24 22:03:17 +01:00
Nicola Murino	93b9c1617e	web UI: allow to load custom css Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-19 21:44:27 +01:00
Nicola Murino	d9f30e7ac5	add a global whitelist if defined only the listed IPs/networks can access the configured services, all other client connections will be dropped before they even try to authenticate Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-17 22:10:52 +01:00
Nicola Murino	d8de0faef5	allow to require two-factor auth for users Fixes #721 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-06 16:57:13 +01:00
Nicola Murino	79857a8733	config: restore defaults for smtp templates path It was mistakenly deleted in the previous commit Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-27 14:16:38 +01:00
Nicola Murino	dcc3292dbc	web setup: add an optional installation code The purpose of this code is to prevent anyone who can access to the initial setup screen from creating an admin user Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-27 13:08:47 +01:00
Nicola Murino	c6b8644828	OIDC: execute pre-login hook after IDP authentication so the SFTPGo users can be auto-created using the hook Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-19 10:53:35 +01:00
Nicola Murino	f1a255aa6c	httpd: allow to restrict allowed hosts ... ... and to add security headers to the responses Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-17 18:22:27 +01:00
Nicola Murino	f1832d4478	shares: add an upload form for shares with write scope Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-15 19:19:25 +01:00
Nicola Murino	1fccd05e9e	allow to configure the minimum version of TLS to be enabled Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-13 15:56:07 +01:00
Nicola Murino	66945c0a02	Web UIs: add OpenID Connect support Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-13 14:30:20 +01:00
Nicola Murino	fa0ca8fe89	quota summary and docs improvements Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-08 12:43:08 +01:00
Nicola Murino	9382db751c	make HTTP shares browsable if you share a single folder with read scope, you can now browse the share and download single files Fixes #674 See #677 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-06 16:46:43 +01:00
Nicola Murino	1df1225eed	add support for data transfer bandwidth limits with total limit or separate settings for uploads and downloads and overrides based on the client's IP address. Limits can be reset using the REST API Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-30 11:42:36 +01:00
Jeremy Clerc	9709aed5e6	httpd: webpath redirect using status found (302) 301 MovedPermanently is cached by the browser which can be annoying when it is is on base path like / while one may reuse the domain (e.g. localhost) for other apps/tests. Fixes #695 Signed-off-by: Jeremy Clerc <jeremy@clerc.io>	2022-01-26 21:50:37 +01:00
Nicola Murino	1f619d5ea6	make the sdk a separate module The SFTPGo SDK now is at the following URL https://github.com/sftpgo/sdk Fixes #657 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-06 11:54:43 +01:00
Nicola Murino	7c68b03d07	move plugin handling outside the sdk package Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-05 11:37:45 +01:00
Nicola Murino	2912b2e92e	sdk: add a logger interface we are now ready to make the sdk a separate module Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-04 16:07:41 +01:00
Nicola Murino	ad483b7581	httpd: switch back to chi Recoverer now that the required patch is merged Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-04 09:48:16 +01:00
Nicola Murino	a587228cf0	add support for metadata plugins	2021-12-16 18:18:36 +01:00
Nicola Murino	c153330ab8	web client: use fetch to upload files also add REST API to upload a single file as POST body	2021-12-08 19:25:22 +01:00
Nicola Murino	bedc8e288b	web client: add support for integrating external viewers/editors	2021-12-03 18:33:08 +01:00
Nicola Murino	3f3591bae0	web client: allow to preview images and pdf pdf depends on browser support. It does not work on mobile devices.	2021-11-25 19:24:32 +01:00
Nicola Murino	3d6b09e949	REST API: expose OpenAPI schema and render it using Swagger UI Fixes #609	2021-11-21 09:32:51 +01:00
Nicola Murino	fb8f013ea7	web: update permissions on cookie refresh	2021-11-20 10:48:39 +01:00
Nicola Murino	0833b4698e	httpd service: add CORS support	2021-11-13 23:14:50 +01:00
Nicola Murino	78233ff9a3	web UI/REST API: add password reset In order to reset the password from the admin/client user interface, an SMTP configuration must be added and the user/admin must have an email address. You can prohibit the reset functionality on a per-user basis by using a specific restriction. Fixes #597	2021-11-13 13:25:43 +01:00
Nicola Murino	3bc58f5988	WebClient/REST API: add sharing support	2021-11-06 14:13:20 +01:00
Nicola Murino	74fc3aaf37	REST API: add events search	2021-10-23 15:47:21 +02:00
Nicola Murino	4aa9686e3b	refactor custom actions SFTPGo is now fully auditable, all fs and provider events that change something are notified and can be collected using hooks/plugins. There are some backward incompatible changes for command hooks	2021-10-10 13:08:05 +02:00
Nicola Murino	64e87d64bd	web client UI: allow to edit plain text files Fixes #567	2021-10-09 14:17:28 +02:00
Nicola Murino	ba1febba73	rework user and admin profiles users and admins can now also update their email and description	2021-09-29 18:46:15 +02:00
Nicola Murino	da5a061b65	add basic REST APIs for data retention Fixes #495	2021-09-25 12:20:31 +02:00
Nicola Murino	bf4b3e6840	httpd: move the check connection middleware before the logger middleware Fixes #543	2021-09-19 08:14:59 +02:00
Nicola Murino	7bad65a43e	user: add a permission to disable changing api key authentication also implement the missing APIs to enable/disable api key authentication	2021-09-06 18:46:35 +02:00
Nicola Murino	101c2962ab	web client UI: add a permission to disable password change Fixes #528	2021-09-05 18:49:13 +02:00
Nicola Murino	8a4c21b64a	add builtin two-factor auth support The builtin two-factor authentication is based on time-based one time passwords (RFC 6238) which works with Authy, Google Authenticator and other compatible apps.	2021-09-04 12:11:04 +02:00
Nicola Murino	be3857d572	dataprovider: add timestamp fields for users and admins	2021-08-19 15:51:43 +02:00
Nicola Murino	fe953d6b38	REST API: add support for API key authentication	2021-08-17 18:08:32 +02:00
Nicola Murino	90b324d707	Add a link on the login pages to switch between admin and web client login The links are hidden if only the web admin or only thw web client is enabled and can also be controlled using the "hide_login_url" setting Fixes #485	2021-07-27 18:43:00 +02:00
Nicola Murino	3a22aae34f	web UI: add support for upload, create dirs, rename, delete	2021-07-26 20:55:49 +02:00
Nicola Murino	83c7453957	user API: allow to disable writes ... ... even if the user has permissions for these actions	2021-07-23 21:41:02 +02:00
Nicola Murino	ae8ccadad2	users API: add API to create, delete, rename files and directories	2021-07-23 10:19:27 +02:00
Nicola Murino	bd5191dfc5	add experimental plugin system	2021-07-11 15:26:51 +02:00
Nicola Murino	ff19879ffd	allow to use a persistent signing key for JWT and CSRF tokens Fixes #466	2021-07-01 20:17:40 +02:00
Nicola Murino	076b2f0ee0	modules: add v2 support	2021-06-26 07:31:41 +02:00

1 2

80 commits