Commits · 813221d23b1d4aa4370e564044f713a2d3605b0b · ai3 / accountserver

01 Nov, 2018 2 commits

Use a shorter import name for the top-level accountserver package · 813221d2
ale authored Nov 01, 2018

813221d2

Use a custom u2f.Registration wrapper type that serializes to JSON · 50f6eaa4

ale authored Nov 01, 2018

Establish a standardized serialization format for u2f registration
keys: base64-encoded raw registration data, encoded as a JSON
string. This format decodes transparently to a Go []byte slice, but it
needs explicit base64 decoding in Python.

50f6eaa4

31 Oct, 2018 1 commit
- Log user-level actions to the usermetadb · 2dc1ea31
  ale authored Oct 31, 2018
  
  2dc1ea31
29 Oct, 2018 3 commits
- Test /api/user/get with varying group memberships · 3cbaad14
  ale authored Oct 29, 2018
  
  3cbaad14
- Properly serve error 403 instead of 401 · 2f146082
  ale authored Oct 29, 2018
  
  2f146082
- Update go-common and other dependencies · 02a427d8
  ale authored Oct 29, 2018
  
  02a427d8
28 Oct, 2018 1 commit
- Fix action for /api/resource/email/add_alias · 53ad2d31
  ale authored Oct 28, 2018
```
Previously it was deleting aliases instead of adding them.
```
  53ad2d31
27 Oct, 2018 2 commits
- Log SSO validation errors · 0bb1804b
  ale authored Oct 27, 2018
  
  0bb1804b
- Log unauthorized access to a different user · 0cfa506b
  ale authored Oct 27, 2018
  
  0cfa506b
28 Aug, 2018 1 commit
- Update deps · 4e9a202b
  ale authored Aug 28, 2018
  
  4e9a202b
17 Aug, 2018 3 commits
- Add the "has_otp" attribute to the user type · 9b8e1392
  ale authored Aug 17, 2018
  
  9b8e1392
- Update example user data · d5aabe73
  ale authored Aug 17, 2018
  
  d5aabe73
- Update vendored deps · 81eb87b7
  ale authored Aug 17, 2018
  
  81eb87b7
26 Jul, 2018 2 commits
- Ensure that new resources have their Type set · 00fb053f
  ale authored Jul 26, 2018
  
  00fb053f
- Add an explicit Type field to Resources · da871e97
  ale authored Jul 26, 2018
```
The type is already encoded in the resource ID, but this is handy for
API clients so that they do not need to parse resource IDs.
```
  da871e97
19 Jul, 2018 2 commits
- Get UIDs from LDAP (where present) · 3ae8fb58
  ale authored Jul 19, 2018
  
  3ae8fb58
- Add example of JSON user representation · 9dc319af
  ale authored Jul 19, 2018
  
  9dc319af
02 Jul, 2018 1 commit
- Extend functionality of the password recovery endpoint · 49c57d00
  ale authored Jul 02, 2018
```
Make it possible for the sso-server to fetch the recovery hint using
the same API.
```
  49c57d00
01 Jul, 2018 5 commits
- Ensure we always log a user in audit logs · 47b9f57e
  ale authored Jul 01, 2018
  
  47b9f57e
- Move resource grouping out of the backend · 11821eaf
  ale authored Jul 01, 2018
```
It makes more sense to have this directly on the User object.
```
  11821eaf
- Add unix user IDs to object types · e15acb1e
  ale authored Jul 01, 2018
```
Adds UIDs to users, websites, DAV accounts.

Assign a random UID to newly created users, and ensure that all
associated resources have the same UID as well.
```
  e15acb1e
- Properly set the Has2FA bit when U2F is enabled · 050a535b
  ale authored Jul 01, 2018
  
  050a535b
- Wipe U2F keys too when disabling 2FA · 4770ce8c
  ale authored Jul 01, 2018
  
  4770ce8c
30 Jun, 2018 13 commits
- Set port in defaults file to match default for --addr · 458fbb99
  ale authored Jun 30, 2018
  
  458fbb99
- Fix yaml inline decoding · 233928c0
  ale authored Jun 30, 2018
  
  233928c0
- Use /bin/sh to start ldap server · 1ef2b30d
  ale authored Jun 30, 2018
  
  1ef2b30d
- Fix Debian package metadata to run tests properly · 1e65a623
  ale authored Jun 30, 2018
  
  1e65a623
- Exclude integrationtest from Debian package build · 88c3d615
  ale authored Jun 30, 2018
  
  88c3d615
- Add missing dependencies · 509f0ec0
  ale authored Jun 30, 2018
  
  509f0ec0
- Enable authentication of privileged requests · 621da480
  ale authored Jun 30, 2018
```
Check passwords and recovery responses directly against backend data.
```
  621da480
- Add CI configuration · 59753502
  ale authored Jun 30, 2018
  
  59753502
- More audit logging, improve some tests · 6fd782fa
  ale authored Jun 30, 2018
  
  6fd782fa
- Add an overview of the organization of the code · df8a5243
  ale authored Jun 30, 2018
  
  df8a5243
- Update dependencies · 96cf6388
  ale authored Jun 30, 2018
  
  96cf6388
- Add U2F-related dependencies · 9f34b8e2
  ale authored Jun 28, 2018
  
  9f34b8e2
- Add U2F registrations to the user type and an API method to update them · 09f924a6
  ale authored Jun 26, 2018
```
Still doesn't entirely solve the problem of encoding the U2F
registration requests on the client side (we should probably just
accept a bytestring), but all the important functionality is there.
```
  09f924a6
28 Jun, 2018 2 commits
- Remove lint warning · 377d120b
  ale authored Jun 28, 2018
  
  377d120b
- Use the new go-common/userenckey package · 77eae37d
  ale authored Jun 28, 2018
  
  77eae37d
26 Jun, 2018 2 commits
- Add more endpoints to the HTTP server and document everything · 0cdedceb
  ale authored Jun 26, 2018
  
  0cdedceb
- Add an API endpoint to reset a resource password · af4fe0c6
  ale authored Jun 26, 2018
```
Also set an initial user password, and random passwords for all its
resources, on a CreateUser request.
```
  af4fe0c6