beenull/sftpgo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1221 commits 8 branches 48 tags 35 MiB
Commit graph

70 commits

Author SHA1 Message Date
Nicola Murino
b34bc2b818
add license header to source files 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-07-18 13:43:25 +02:00
Nicola Murino
b3ca20b5e6
dataprovider: fix sql tables prefix handling 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-06-24 12:26:43 +02:00
Nicola Murino
796ea1dde9
allow to store temporary sessions within the data provider 
so we can persist password reset codes, OIDC auth sessions and tokens.
These features will also work in multi-node setups without sicky
sessions now

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-05-19 19:49:51 +02:00
Nicola Murino
14fb6c4038
always check recently updated users 
also fix the query to get users for quota check for sql based providers

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-04-30 11:59:36 +02:00
Nicola Murino
ecd488a840
data provider: remove prefer_database_credentials 
Google Cloud Storage credentials are now always stored within the data
provider.

Added a migration to read credentials from disk and store them inside the
data provider.

After v2.3 we can also remove credentials_path

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-04-28 12:55:01 +02:00
Nicola Murino
504cd3efda
add groups support 
Using groups simplifies the administration of multiple accounts by
letting you assign settings once to a group, instead of multiple
times to each individual user.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-04-25 15:49:11 +02:00
Nicola Murino
5a40f998ae
check and update the password hashing algorithm on user login 
also add ldap md5 variant as per-user request

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-04-02 22:20:21 +02:00
Nicola Murino
5c114b28e3
sshd: we don't need the user certificate 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-31 18:16:50 +02:00
Nicola Murino
1df1225eed
add support for data transfer bandwidth limits 
with total limit or separate settings for uploads and downloads and
overrides based on the client's IP address.

Limits can be reset using the REST API

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-30 11:42:36 +01:00
Nicola Murino
d2a4178846
check quota usage between ongoing transfers 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-20 18:19:20 +01:00
Nicola Murino
d73be7aee5
remove the use of some unnecessary pointers 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-16 12:09:17 +01:00
Nicola Murino
ffe7f7ff16
doc improvements and minor changes 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-16 09:50:23 +01:00
Nicola Murino
b8efb1b8ec
squash database migrations. 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-09 12:25:53 +01:00
Nicola Murino
7d8823307f
defender: add provider driver 
Fixes #616
 2021-12-25 12:08:07 +01:00
Nicola Murino
cc73bb811b
change log level from warn to error where appropriate 
Fixes #649
 2021-12-16 19:53:00 +01:00
Nicola Murino
e29a3efd39
add resetprovider sub-command 
Fixes #608
 2021-11-15 18:40:31 +01:00
Nicola Murino
3bc58f5988
WebClient/REST API: add sharing support 2021-11-06 14:13:20 +01:00
Maharanjan
0661876e99
Added email field for user account 2021-09-25 19:06:13 +02:00
Nicola Murino
bcf088f586
data provider: update internal caches if the data provider is shared 2021-08-20 09:35:06 +02:00
Nicola Murino
be3857d572
dataprovider: add timestamp fields for users and admins 2021-08-19 15:51:43 +02:00
Nicola Murino
fe953d6b38
REST API: add support for API key authentication 2021-08-17 18:08:32 +02:00
Nicola Murino
bd5191dfc5
add experimental plugin system 2021-07-11 15:26:51 +02:00
Nicola Murino
076b2f0ee0
modules: add v2 support 2021-06-26 07:31:41 +02:00
Nicola Murino
d5b42f72e2
squash database migrations, remove compat data provider code 2021-06-19 09:03:20 +02:00
Nicola Murino
9d3d7db29c
azblob: store SAS URL as kms.Secret 2021-06-11 22:27:36 +02:00
Nicola Murino
2ffefbeb33
add sql_tables_prefix also to indexes and constraints 
This allows you to reuse the same database for multiple SFTPGo instances

Fixes #372
 2021-04-12 20:00:49 +02:00
Nicola Murino
70e035315e
data provider: add CockroachDB support 2021-03-23 19:14:15 +01:00
Nicola Murino
d6dc3a507e
extend virtual folders support to all storage backends 
Fixes #241
 2021-03-21 19:15:47 +01:00
Nicola Murino
a6e36e7cad
FTP: improve TLS certificate authentication 
For each user you can now configure:

- TLS certificate auth
- TLS certificate auth and password
- Password auth

For TLS auth, the certificate common name must match the name provided
using the "USER" FTP command
 2021-02-28 12:10:40 +01:00
Nicola Murino
2146b83343
data providers: add filesystem to folder ... 
... and some descriptive fields.
The filesystem support for virtual folders will be implemented in
future commits
 2021-02-24 19:40:29 +01:00
Nicola Murino
49830516be
squash database migrations and remove compat code 2021-02-22 08:37:50 +01:00
Nicola Murino
be9230e85b
micro optimizations spotted using the go-critic linter 2021-02-16 19:11:36 +01:00
Nicola Murino
78bf808322
virtual folders: change dataprovider structure 
This way we no longer depend on the local file system path and so we can
add support for cloud backends in future updates
 2021-02-01 19:04:15 +01:00
Nicola Murino
778ec9b88f
REST API v2 
- add JWT authentication
- admins are now stored inside the data provider
- admin access can be restricted based on the source IP: both proxy
  header and connection IP are checked
- deprecate REST API CLI: it is not relevant anymore

Some other changes to the REST API can still happen before releasing
SFTPGo 2.0.0

Fixes #197
 2021-01-17 22:29:08 +01:00
Nicola Murino
daac90c4e1
fix a potential race condition for pre-login and ext auth 
hooks

doing something like this:

err = provider.updateUser(u)
...
return provider.userExists(username)

could be racy if another update happen before

provider.userExists(username)

also pass a pointer to updateUser so if the user is modified inside
"validateUser" we can just return the modified user without do a new
query
 2021-01-05 09:50:22 +01:00
Nicola Murino
224ce5fe81
add revertprovider subcommand 
Fixes #233
 2020-11-26 22:08:33 +01:00
Nicola Murino
4bb9d07dde
user: add a free text field 
Fixes #230
 2020-11-25 22:26:34 +01:00
Nicola Murino
dccc583b5d
add a dedicated struct to store encrypted credentials 
also gcs credentials are now encrypted, both on disk and inside the
provider.

Data provider is automatically migrated and load data will accept
old format too but you should upgrade to the new format to avoid future
issues
 2020-11-22 21:53:04 +01:00
Nicola Murino
c992072286
data provider: add a setting to prevent auto-update 2020-10-05 19:42:33 +02:00
Nicola Murino
600a107699 initprovider: check if the provider is already initialized 
exit with code 0 if no initialization is required
 2020-08-30 13:50:43 +02:00
Nicola Murino
8b0a1817b3 add check password hook 
its main use case is to allow to easily support things like password+OTP for
protocols without keyboard interactive support such as FTP and WebDAV
 2020-08-19 19:36:12 +02:00
Nicola Murino
42877dd915 sql providers: add a query timeout 2020-07-08 18:54:44 +02:00
Nicola Murino
23a80b01b6 add build tag to disable metrics 2020-06-19 17:08:51 +02:00
Nicola Murino
8306b6bde6 refactor virtual folders 
The same virtual folder can now be shared among users and different
folder quota limits for each user are supported.

Fixes #120
 2020-06-07 23:30:18 +02:00
Nicola Murino
ad53429cf1 add support for build tag to allow to disable some features 
The following build tags are available:

- "nogcs", disable Google Cloud Storage backend
- "nos3", disable S3 Compabible Object Storage backends
- "nobolt", disable Bolt data provider
- "nomysql", disable MySQL data provider
- "nopgsql", disable PostgreSQL data provider
- "nosqlite", disable SQLite data provider
- "noportable", disable portable mode
 2020-05-23 11:58:05 +02:00
Nicola Murino
9b06e0a3b7 sql providers: change password field from varchar 255 to text 
some passwords can be longer than 255 characters
 2020-04-11 11:17:40 +02:00
Nicola Murino
b1c7317cf6 add support for partial authentication 
Multi-step authentication is activated disabling all single-step
auth methods for a given user
 2020-04-09 23:32:42 +02:00
Nicola Murino
9046acbe68 add HTTP hooks 
external auth, pre-login user modification and keyboard interactive
authentication is now supported via HTTP requests too
 2020-04-01 23:25:23 +02:00
Nicola Murino
7f1946de34 improve validations for user provided file and directory paths 2020-03-03 09:09:58 +01:00
Nicola Murino
d0a81cabab log file: if the path is not absolute make it relative to config dir 
Also refuse to join invalid file name such as "."

Fixes #85
 2020-03-03 00:34:06 +01:00