Skip to content
Snippets Groups Projects
Select Git revision
  • claims-in-idtoke
  • master default protected
  • jwt_encode_inconsistencies
  • recovery-code-pwhash
  • incremental-sync
  • redis-rate-limits
  • typehints
  • v1.2.x
  • v1.x.x
  • v1.1.x
  • feature_invite_validuntil_minmax
  • Dockerfile
  • v1.0.x
  • roles-recursive-cte
  • v2.3.1
  • v2.3.0
  • v2.2.0
  • v2.1.0
  • v2.0.1
  • v2.0.0
  • v1.2.0
  • v1.1.2
  • v1.1.1
  • v1.0.2
  • v1.1.0
  • v1.0.1
  • v1.0.0
  • v0.3.0
  • v0.2.0
  • v0.1.5
  • v0.1.4
  • v0.1.2
32 results
Search by author
  • Any Author
  • Luca (strifel) Luca (strifel) strifel
1 author
  1. Oct 05, 2021
  3. Oct 02, 2021
    • Julian's avatar
      Move User, Group and Mail models from LDAP to DB · 4a9c455f
      Julian authored 
      * Removal of ldapalchemy and LDAP mocking support
* Removal of dependency on ldap3 (except for the migration)
* Remaining "LDAP_<name>" config keys are renamed to "<name>"
* Web interface to create, edit and delete groups
* Consistent foreign key, cascading and nullable configuration on all models
* User/Group.dn is replaced with numeric User/Group.id
* User.uid is renamed to User.unix_uid (to differentiate with new User.id)
* Group.gid is renamed to Group.unix_gid (to differentiate with new Group.id)
* All User/Group/Mail related routes now use the database ids instead of uid/gid/dn
* PasswordToken/MailToken now reference users directly instead of storing loginnames

The database migration (optionally) uses the v1 config keys to connect to
an LDAP server and to import all users, groups and mail forwardings.
      4a9c455f
  5. Sep 13, 2021
  7. Sep 02, 2021
    • Julian's avatar
      Replace flask_oauthlib with plain oauthlib · 45d4598e
      Julian authored 
      flask_oauthlib is no longer available in Debian Bullseye. It is only a
wrapper around oauthlib, which is still available. While this change does
increase the OAuth2 code size, it achieves compatability with both Debian
Buster and Bullseye.

Aside from error handling, this change has no noticable effects on OAuth2.0
clients. In terms of error handling, a few cases that were not properly
handled before now return appropriate error pages.

Fixes #101
      45d4598e
  9. Aug 12, 2021
  11. Aug 01, 2021
  13. Jul 31, 2021
  15. Jul 30, 2021
  17. Jul 25, 2021
  19. Jun 15, 2021
  21. Jun 12, 2021
  23. May 01, 2021
  25. Apr 05, 2021
  27. Apr 04, 2021
  29. Nov 26, 2020
  31. Oct 30, 2020
  33. Oct 24, 2020
  35. Oct 05, 2020
  37. Oct 02, 2020
    • Julian's avatar
      added webauthn support · 642f3e2e
      Julian authored 
      Code is mostly based on python-fido2's example code. Note that webauthn
requires the website to be delivered via HTTPS. Flask's development server
automatically sets up a self-signed ssl cert with the `ssl_context="adhoc"`
option.
      642f3e2e
  39. Oct 01, 2020
    • Julian's avatar
      implemented qrcode_svg template filter · 21cebaa3
      Julian authored
      21cebaa3
    • Julian's avatar
      basic ldap mocking · 17892c4b
      Julian authored and nd's avatar nd committed 
      LDAP_SERVICE_MOCK must be set to True to enable ldap mocking. As a
security measure, mocking is only allowed in debug mode. Also changed
ACL_ADMIN_GROUP and ACL_SELFSERVICE_GROUP in default_config.cfg to more
distinguishable values and removed the unused ACL_LDAP_GROUP_USEREDIT
entry.

The sample entries in ldap_server_entries.json are the bare minimum
required for mocking and most likely won't suffice on a real LDAP server.
Also ldap3's mocked server is very limited and does not correctly verify
hashed password, update group memberships or implement ldap
overlays/extentions correctly.

Closes #20
      17892c4b
  41. Sep 25, 2020
  43. Jul 11, 2020

Impressum - Datenschutzerklärung