beenull/sftpgo-mirror

mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-22 15:40:23 +00:00

Author	SHA1	Message	Date
Nicola Murino	c304143eb3	MFA: allow recovery codes only if two-factor auth is enabled Fixes #965 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-08-31 10:07:45 +02:00
Nicola Murino	d34446e6e9	web client: add HTML5 player Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-07-23 16:30:27 +02:00
Nicola Murino	2da19ef233	backport OIDC related changes from main Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-07-23 15:31:57 +02:00
Nicola Murino	b34bc2b818	add license header to source files Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-07-18 13:43:25 +02:00
Nicola Murino	d0b6ca8d2f	backup: include folders set on groups Fixes #885 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-06-21 14:13:25 +02:00
Nicola Murino	b774289c6d	change default value for naming_rules to 1 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-06-03 16:09:02 +02:00
Nicola Murino	7329cd804b	Fixes #855 update OpenAPI definition, add test cases, fix lint Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-30 19:01:12 +02:00
Nicola Murino	32da923dfe	httpd: add a setting to customize tokens validation Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-28 13:28:50 +02:00
Nicola Murino	1a33b5bb53	allow different TLS certificates for each binding Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-21 16:34:47 +02:00
Nicola Murino	796ea1dde9	allow to store temporary sessions within the data provider so we can persist password reset codes, OIDC auth sessions and tokens. These features will also work in multi-node setups without sicky sessions now Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-19 19:49:51 +02:00
Tim Birkett	a5d0cbbe44	chore: fix a linting error (#834 ) Signed-off-by: Tim Birkett <tim.birkett@sainsburys.co.uk>	2022-05-13 11:14:38 +02:00
Tim Birkett	7b1a0d3cd3	chore: disallow all crawlers with robots.txt (#833 ) Signed-off-by: Tim Birkett <tim.birkett@sainsburys.co.uk>	2022-05-13 09:23:43 +02:00
Nicola Murino	1e0b3a2a8c	web client: add share mode read/write Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-09 19:09:43 +02:00
Nicola Murino	ecd488a840	data provider: remove prefer_database_credentials Google Cloud Storage credentials are now always stored within the data provider. Added a migration to read credentials from disk and store them inside the data provider. After v2.3 we can also remove credentials_path Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-28 12:55:01 +02:00
Nicola Murino	504cd3efda	add groups support Using groups simplifies the administration of multiple accounts by letting you assign settings once to a group, instead of multiple times to each individual user. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-25 15:49:11 +02:00
Nicola Murino	002a06629e	refactoring of user session counters Fixes #792 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-14 19:07:41 +02:00
Nicola Murino	cacfffc5bf	OIDC: add support for custom fields These fields can be used in the pre-login hook to implement custom logics Fixes #787 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-12 19:31:25 +02:00
Nicola Murino	77f3400161	allow to mount virtual folders on root (/) path Fixes #783 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-02 18:32:46 +02:00
Nicola Murino	3521bacc4a	web user templates: ensure we can save valid users users with no public key and password are now valid after the recent changes Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-01 09:47:54 +02:00
Nicola Murino	5c114b28e3	sshd: we don't need the user certificate Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-31 18:16:50 +02:00
Nicola Murino	ca32cd5e0e	allow placeholders for add/update users and folders remove session token for S3, a temporary token is useless for our usage Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-27 16:32:21 +02:00
Nicola Murino	aaf940edab	enforce CSRF token usage by the same IP for which it was issued Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-26 08:41:50 +01:00
Nicola Murino	d955ddcef9	check that the jwt token is used by the same IP for which it Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-24 22:03:17 +01:00
Nicola Murino	4c710d731f	update to Go 1.18 temporarily disabled docker image for ppcle64 as alpine image is not yet available Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-18 21:52:00 +01:00
Nicola Murino	d9f30e7ac5	add a global whitelist if defined only the listed IPs/networks can access the configured services, all other client connections will be dropped before they even try to authenticate Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-17 22:10:52 +01:00
Nicola Murino	0bec1c6012	change the default value for prefer_database_credentials to true ... ... and deprecate this setting. In the future we'll remove prefer_database_credentials and credentials_path and we will not allow the credentials to be saved on the filesystem Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-13 14:29:11 +01:00
Nicola Murino	5582f5c811	data provider: add automatic backups Automatic backup are enabled by default, a new backup will be saved each day at midnight. The backups_path setting was moved from the httpd section to the data_provider one, please adjust your configuration file and or your env vars Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-13 13:45:07 +01:00
Nicola Murino	d8de0faef5	allow to require two-factor auth for users Fixes #721 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-06 16:57:13 +01:00
Nicola Murino	5c2fd8d52a	add support for a start directory Fixes #705 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-03 12:44:56 +01:00
Nicola Murino	4519bffa39	S3: add support for assume role Fixes #736 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-28 20:19:13 +01:00
Nicola Murino	e18ad55067	S3: add support for session tokens Fixes #736 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-25 15:30:04 +01:00
Nicola Murino	4e9dae6fa4	allow to cache external authentications Fixes #733 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-25 11:51:10 +01:00
Nicola Murino	8bbf54d2b6	azure blobs: add support for multipart downloads Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-21 19:01:31 +01:00
Nicola Murino	c19b03a3f7	shares: add permission to deny sharing without password Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-19 13:31:58 +01:00
Nicola Murino	f1a255aa6c	httpd: allow to restrict allowed hosts ... ... and to add security headers to the responses Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-17 18:22:27 +01:00
Nicola Murino	f1832d4478	shares: add an upload form for shares with write scope Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-15 19:19:25 +01:00
Nicola Murino	66945c0a02	Web UIs: add OpenID Connect support Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-13 14:30:20 +01:00
Nicola Murino	9382db751c	make HTTP shares browsable if you share a single folder with read scope, you can now browse the share and download single files Fixes #674 See #677 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-06 16:46:43 +01:00
Nicola Murino	cd35636939	S3: add a timeout for single part uploads Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-01 12:15:56 +01:00
Nicola Murino	02db00d008	dataprovider: add naming rules naming rules allow to support case insensitive usernames, trim trailing and leading white spaces, and accept any valid UTF-8 characters in usernames. If you were enabling `skip_natural_keys_validation` now you need to set `naming_rules` to `1` Fixes #687 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-31 18:01:37 +01:00
Nicola Murino	1df1225eed	add support for data transfer bandwidth limits with total limit or separate settings for uploads and downloads and overrides based on the client's IP address. Limits can be reset using the REST API Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-30 11:42:36 +01:00
Jeremy Clerc	9709aed5e6	httpd: webpath redirect using status found (302) 301 MovedPermanently is cached by the browser which can be annoying when it is is on base path like / while one may reuse the domain (e.g. localhost) for other apps/tests. Fixes #695 Signed-off-by: Jeremy Clerc <jeremy@clerc.io>	2022-01-26 21:50:37 +01:00
Nicola Murino	c3831de94e	add hide policy to pattern filters Disallowed files/dirs can be completly hidden. This may cause performance issues for large directories Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-15 17:16:49 +01:00
Nicola Murino	1c51239da8	Admin UI: allow to create multiple users/folders from templates the clone button is not needed anymore, you can select a user and click on template to generate one or more similar users or you can create users/folders from an empty template Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-12 19:01:19 +01:00
Nicola Murino	1f619d5ea6	make the sdk a separate module The SFTPGo SDK now is at the following URL https://github.com/sftpgo/sdk Fixes #657 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-06 11:54:43 +01:00
Nicola Murino	6d3d94a01f	move kms implementation outside the sdk package Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-06 10:11:47 +01:00
Nicola Murino	7c68b03d07	move plugin handling outside the sdk package Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-05 11:37:45 +01:00
Nicola Murino	2912b2e92e	sdk: add a logger interface we are now ready to make the sdk a separate module Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-04 16:07:41 +01:00
Nicola Murino	a6fe802370	move kms definitions to the sdk package This is the first step to make the sdk a separate module Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-04 12:49:30 +01:00
Nicola Murino	df86955f28	eventsearcher plugin: add support to search for provider, bucket, endpoint Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-03 17:02:52 +01:00

1 2 3 4 5

232 commits