beenull/sftpgo-mirror

mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-22 07:30:25 +00:00

Author	SHA1	Message	Date
Nicola Murino	cc2f23bd89	trim values for string lists which can be set as env vars See #857 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-31 18:22:18 +02:00
Nicola Murino	f6b11c2d01	httpd/webdav: allow to configure trusted proxy header and depth Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-28 19:47:23 +02:00
Nicola Murino	1a33b5bb53	allow different TLS certificates for each binding Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-21 16:34:47 +02:00
Nicola Murino	796ea1dde9	allow to store temporary sessions within the data provider so we can persist password reset codes, OIDC auth sessions and tokens. These features will also work in multi-node setups without sicky sessions now Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-19 19:49:51 +02:00
Nicola Murino	c9bd08cf9c	UI branding: use the short name on the login pages Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-15 07:30:36 +02:00
Nicola Murino	5d7f6960f3	web UIs: add branding support Fixes #829 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-13 19:40:52 +02:00
Tim Birkett	7b1a0d3cd3	chore: disallow all crawlers with robots.txt (#833 ) Signed-off-by: Tim Birkett <tim.birkett@sainsburys.co.uk>	2022-05-13 09:23:43 +02:00
Nicola Murino	504cd3efda	add groups support Using groups simplifies the administration of multiple accounts by letting you assign settings once to a group, instead of multiple times to each individual user. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-25 15:49:11 +02:00
Nicola Murino	002a06629e	refactoring of user session counters Fixes #792 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-14 19:07:41 +02:00
Nicola Murino	254b2ae87f	add support for AWS container Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-03 08:52:36 +02:00
Nicola Murino	5cccb872bb	add support to redirect HTTP to HTTPS Fixes #777 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-26 10:00:02 +01:00
Nicola Murino	aaf940edab	enforce CSRF token usage by the same IP for which it was issued Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-26 08:41:50 +01:00
Nicola Murino	d955ddcef9	check that the jwt token is used by the same IP for which it Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-24 22:03:17 +01:00
Nicola Murino	93b9c1617e	web UI: allow to load custom css Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-19 21:44:27 +01:00
Nicola Murino	d9f30e7ac5	add a global whitelist if defined only the listed IPs/networks can access the configured services, all other client connections will be dropped before they even try to authenticate Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-17 22:10:52 +01:00
Nicola Murino	d8de0faef5	allow to require two-factor auth for users Fixes #721 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-06 16:57:13 +01:00
Nicola Murino	79857a8733	config: restore defaults for smtp templates path It was mistakenly deleted in the previous commit Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-27 14:16:38 +01:00
Nicola Murino	dcc3292dbc	web setup: add an optional installation code The purpose of this code is to prevent anyone who can access to the initial setup screen from creating an admin user Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-27 13:08:47 +01:00
Nicola Murino	c6b8644828	OIDC: execute pre-login hook after IDP authentication so the SFTPGo users can be auto-created using the hook Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-19 10:53:35 +01:00
Nicola Murino	f1a255aa6c	httpd: allow to restrict allowed hosts ... ... and to add security headers to the responses Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-17 18:22:27 +01:00
Nicola Murino	f1832d4478	shares: add an upload form for shares with write scope Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-15 19:19:25 +01:00
Nicola Murino	1fccd05e9e	allow to configure the minimum version of TLS to be enabled Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-13 15:56:07 +01:00
Nicola Murino	66945c0a02	Web UIs: add OpenID Connect support Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-13 14:30:20 +01:00
Nicola Murino	fa0ca8fe89	quota summary and docs improvements Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-08 12:43:08 +01:00
Nicola Murino	9382db751c	make HTTP shares browsable if you share a single folder with read scope, you can now browse the share and download single files Fixes #674 See #677 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-06 16:46:43 +01:00
Nicola Murino	1df1225eed	add support for data transfer bandwidth limits with total limit or separate settings for uploads and downloads and overrides based on the client's IP address. Limits can be reset using the REST API Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-30 11:42:36 +01:00
Jeremy Clerc	9709aed5e6	httpd: webpath redirect using status found (302) 301 MovedPermanently is cached by the browser which can be annoying when it is is on base path like / while one may reuse the domain (e.g. localhost) for other apps/tests. Fixes #695 Signed-off-by: Jeremy Clerc <jeremy@clerc.io>	2022-01-26 21:50:37 +01:00
Nicola Murino	1f619d5ea6	make the sdk a separate module The SFTPGo SDK now is at the following URL https://github.com/sftpgo/sdk Fixes #657 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-06 11:54:43 +01:00
Nicola Murino	7c68b03d07	move plugin handling outside the sdk package Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-05 11:37:45 +01:00
Nicola Murino	2912b2e92e	sdk: add a logger interface we are now ready to make the sdk a separate module Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-04 16:07:41 +01:00
Nicola Murino	ad483b7581	httpd: switch back to chi Recoverer now that the required patch is merged Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-04 09:48:16 +01:00
Nicola Murino	a587228cf0	add support for metadata plugins	2021-12-16 18:18:36 +01:00
Nicola Murino	c153330ab8	web client: use fetch to upload files also add REST API to upload a single file as POST body	2021-12-08 19:25:22 +01:00
Nicola Murino	bedc8e288b	web client: add support for integrating external viewers/editors	2021-12-03 18:33:08 +01:00
Nicola Murino	3f3591bae0	web client: allow to preview images and pdf pdf depends on browser support. It does not work on mobile devices.	2021-11-25 19:24:32 +01:00
Nicola Murino	3d6b09e949	REST API: expose OpenAPI schema and render it using Swagger UI Fixes #609	2021-11-21 09:32:51 +01:00
Nicola Murino	fb8f013ea7	web: update permissions on cookie refresh	2021-11-20 10:48:39 +01:00
Nicola Murino	0833b4698e	httpd service: add CORS support	2021-11-13 23:14:50 +01:00
Nicola Murino	78233ff9a3	web UI/REST API: add password reset In order to reset the password from the admin/client user interface, an SMTP configuration must be added and the user/admin must have an email address. You can prohibit the reset functionality on a per-user basis by using a specific restriction. Fixes #597	2021-11-13 13:25:43 +01:00
Nicola Murino	3bc58f5988	WebClient/REST API: add sharing support	2021-11-06 14:13:20 +01:00
Nicola Murino	74fc3aaf37	REST API: add events search	2021-10-23 15:47:21 +02:00
Nicola Murino	4aa9686e3b	refactor custom actions SFTPGo is now fully auditable, all fs and provider events that change something are notified and can be collected using hooks/plugins. There are some backward incompatible changes for command hooks	2021-10-10 13:08:05 +02:00
Nicola Murino	64e87d64bd	web client UI: allow to edit plain text files Fixes #567	2021-10-09 14:17:28 +02:00
Nicola Murino	ba1febba73	rework user and admin profiles users and admins can now also update their email and description	2021-09-29 18:46:15 +02:00
Nicola Murino	da5a061b65	add basic REST APIs for data retention Fixes #495	2021-09-25 12:20:31 +02:00
Nicola Murino	bf4b3e6840	httpd: move the check connection middleware before the logger middleware Fixes #543	2021-09-19 08:14:59 +02:00
Nicola Murino	7bad65a43e	user: add a permission to disable changing api key authentication also implement the missing APIs to enable/disable api key authentication	2021-09-06 18:46:35 +02:00
Nicola Murino	101c2962ab	web client UI: add a permission to disable password change Fixes #528	2021-09-05 18:49:13 +02:00
Nicola Murino	8a4c21b64a	add builtin two-factor auth support The builtin two-factor authentication is based on time-based one time passwords (RFC 6238) which works with Authy, Google Authenticator and other compatible apps.	2021-09-04 12:11:04 +02:00
Nicola Murino	be3857d572	dataprovider: add timestamp fields for users and admins	2021-08-19 15:51:43 +02:00

1 2

88 commits