beenull/sftpgo-mirror
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-22 23:50:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
1141 commits 8 branches 49 tags 49 MiB
Commit graph

28 commits

Author SHA1 Message Date
Nicola Murino
aaf940edab
enforce CSRF token usage by the same IP for which it was issued 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-26 08:41:50 +01:00
Nicola Murino
d955ddcef9
check that the jwt token is used by the same IP for which it 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-24 22:03:17 +01:00
Nicola Murino
93b9c1617e
web UI: allow to load custom css 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-19 21:44:27 +01:00
Nicola Murino
d8de0faef5
allow to require two-factor auth for users 
Fixes #721

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-06 16:57:13 +01:00
Nicola Murino
f5a0559be6
don't execute fs check if the user has recent activity 
The check could be expensive with some backends and is generally
only required the first time that a user logs in

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-02-24 16:11:35 +01:00
Nicola Murino
c6b8644828
OIDC: execute pre-login hook after IDP authentication 
so the SFTPGo users can be auto-created using the hook

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-02-19 10:53:35 +01:00
Nicola Murino
66945c0a02
Web UIs: add OpenID Connect support 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-02-13 14:30:20 +01:00
Nicola Murino
1f619d5ea6
make the sdk a separate module 
The SFTPGo SDK now is at the following URL

https://github.com/sftpgo/sdk

Fixes #657

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-06 11:54:43 +01:00
Nicola Murino
ad483b7581
httpd: switch back to chi Recoverer now that the required patch is merged 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-04 09:48:16 +01:00
Nicola Murino
8a4c21b64a
add builtin two-factor auth support 
The builtin two-factor authentication is based on time-based one time
passwords (RFC 6238) which works with Authy, Google Authenticator and
other compatible apps.
 2021-09-04 12:11:04 +02:00
Nicola Murino
be3857d572
dataprovider: add timestamp fields for users and admins 2021-08-19 15:51:43 +02:00
Nicola Murino
fe953d6b38
REST API: add support for API key authentication 2021-08-17 18:08:32 +02:00
Nicola Murino
83c7453957
user API: allow to disable writes ... 
... even if the user has permissions for these actions
 2021-07-23 21:41:02 +02:00
Nicola Murino
bd5191dfc5
add experimental plugin system 2021-07-11 15:26:51 +02:00
Nicola Murino
076b2f0ee0
modules: add v2 support 2021-06-26 07:31:41 +02:00
Nicola Murino
43182fc25e
OpenAPI: add users API 
These new APIs match the web client features.

I'm aware that some API do not follow REST best practises.

I want to avoid things likes "/user/folders/<path>"

where "path" must be encoded and making it optional create issues, so
I defined resources as query parameters instead of path parameters
 2021-06-05 16:07:09 +02:00
Nicola Murino
423d8306be
webclient: allow to download multiple files as zip 2021-05-30 23:07:46 +02:00
Nicola Murino
c8f7fc9bc9
httpd/webdav: add a list of hosts allowed to send proxy headers 
X-Forwarded-For, X-Real-IP and X-Forwarded-Proto headers will be ignored
for hosts not included in this list.

This is a backward incompatible change, before the proxy headers were
always used
 2021-05-11 06:54:06 +02:00
Nicola Murino
23d9ebfc91
add a basic front-end web interface for end-users 
Fixes #339 #321 #398
 2021-05-06 21:35:43 +02:00
Nicola Murino
47317bed9b
make sure that Retry-After header has a value greater than zero 2021-04-19 09:16:27 +02:00
Nicola Murino
f45c89fc46
add rate limiting support for REST API/web admin too 2021-04-19 08:14:04 +02:00
Nicola Murino
d6dc3a507e
extend virtual folders support to all storage backends 
Fixes #241
 2021-03-21 19:15:47 +01:00
Nicola Murino
88122ba2f8
update jwtauth to v5 2021-03-05 18:50:45 +01:00
Nicola Murino
e9dd4ecdf0
web admin: add CSRF 2021-02-03 08:55:28 +01:00
Nicola Murino
f863530653
JWT: only accepts tokens from the expected header or cookie 2021-02-02 13:11:47 +01:00
Nicola Murino
4f609cfa30
JWT: add token audience 
a token released for API audience cannot be used for web pages and
vice-versa
 2021-02-02 09:14:10 +01:00
Nicola Murino
c2bbd468c4
REST API: add logout and store invalidated token 2021-01-26 22:35:36 +01:00
Nicola Murino
778ec9b88f
REST API v2 
- add JWT authentication
- admins are now stored inside the data provider
- admin access can be restricted based on the source IP: both proxy
  header and connection IP are checked
- deprecate REST API CLI: it is not relevant anymore

Some other changes to the REST API can still happen before releasing
SFTPGo 2.0.0

Fixes #197
 2021-01-17 22:29:08 +01:00