1. 24 May, 2022 1 commit
  2. 25 Apr, 2022 1 commit
    • Julian's avatar
      Remailer support · 10e37c17
      Julian authored
      With this feature, uffd can be configured to hide mail addresses of users
      from certain services while still allowing the services to send mails to the
      users.
      
      To these services uffd returns special remailer addresses instead of the real
      mail addresses. When a service sends an email to a remailer address the mail
      server queries uffd's API and replaces the remailer address with the real mail
      address in both envelope and headers.
      
      This feature requires additional mail server configuration (Postfix
      canonical_maps) and support in uffd-socketmapd.
      10e37c17
  3. 22 Apr, 2022 2 commits
  4. 20 Apr, 2022 1 commit
    • Julian's avatar
      Fix "new invite" form resetting on error · bfd759bd
      Julian authored
      When the "new invite" page was submitted with e.g. an invalid "Valid Until"
      value, uffd displayed an error and reset the whole form. This was confusing
      to users.
      
      Now the form content is preserved on errors. Also the "Valid Until" field now
      has min/max attributes to prevent submitting the form with invalid values.
      
      Fixes #134
      bfd759bd
  5. 02 Apr, 2022 1 commit
  6. 29 Mar, 2022 1 commit
  7. 28 Mar, 2022 1 commit
  8. 24 Mar, 2022 1 commit
  9. 23 Mar, 2022 1 commit
  10. 22 Mar, 2022 3 commits
  11. 28 Feb, 2022 2 commits
    • Julian's avatar
      Refactor mapper object flushing/expiring in tests · 8a6ca93c
      Julian authored
      8a6ca93c
    • Julian's avatar
      Fix regression in service overview access behavior · 3880be9a
      Julian authored
      When the service overview was introduced, it was meant to be optional. Thus
      if the SERVICES config option was empty (the default), uffd returned 404.
      
      Commit fa67bde0 (Migrate OAuth2 and API clients to database) introduced the
      regression that accessing the service overview page when no services are
      visible based on the permissions of the current user (or guest if not logged
      in), 404 is returned.
      
      This change fixes the regression and further changes the behavior to improve
      consistency. Since fa67bde0, the page is relevant to admin users regardless of
      the SERVICES config option. Therefore uffd asks for login or reports missing
      permissions in all cases it originally returned 404.
      3880be9a
  12. 27 Feb, 2022 1 commit
  13. 25 Feb, 2022 3 commits
    • Julian's avatar
      Release preparations · e00ea70d
      Julian authored
      Added guard to first v2 migration in order to prevent accidental upgrades.
      Extended the upgrade instructions and moved them from the README to a
      standalone file.
      e00ea70d
    • Julian's avatar
      Fix "Migrate OAuth2 and API clients to database" (again) · 6948ddca
      Julian authored
      The original change completely broke single logout support.
      
      The migration now uses the correct hashing algorithm (unsalted SHA512 instead
      of salted SHA512) for OAuth2/API secrets/passwords.
      6948ddca
    • Julian's avatar
      Fix "Migrate OAuth2 and API clients to database" · a97358ed
      Julian authored
      The migration originally failed to convert the passwords/secrets to the
      format expected by PasswordHash resulting in invalid password hashes. With
      this change, the migration works correctly.
      
      Also fixes minor template bug.
      a97358ed
  14. 24 Feb, 2022 1 commit
    • Julian's avatar
      Migrate OAuth2 and API clients to database · fa67bde0
      Julian authored
      Also adds a shallow Service model that coexists with the config-defined
      services to group multiple OAuth2 and API clients together.
      
      Clients defined in the config with OAUTH2_CLIENTS and API_CLIENTS_2 are
      imported by the database migrations.
      
      Removes support for complex values for the OAuth2 client group_required option.
      Only simple group names are supported, not (nested) lists of groups previously
      interpreted as AND/OR conjunctions. Also removes support for the login_message
      parameter of OAuth2 clients.
      fa67bde0
  15. 17 Feb, 2022 1 commit
    • Julian's avatar
      Refactor Unix UID/GID generation · 66df931d
      Julian authored
      The generation now happens in a subquery inside the INSERT statement instead
      of separate client-managed query. This should also reduce the risk of race
      conditions.
      
      Service and non-service users may now use the same UID range.
      66df931d
  16. 16 Feb, 2022 3 commits
  17. 14 Feb, 2022 1 commit
  18. 13 Feb, 2022 3 commits
    • Julian's avatar
      Minor fix for last migration · 1a8960d4
      Julian authored
      Calling op.get_bind outside a callback broke "flask db history".
      1a8960d4
    • Julian's avatar
      Argon2 for user password hashing · ac003909
      Julian authored
      Argon2 is a modern password hashing algorithm. It is significantly more secure
      than the previous algorithm (salted SHA512). User logins with Argon2 are
      relativly slow and cause significant spikes in CPU and memory (100MB) usage.
      
      Existing passwords are gradually migrated to Argon2 on login.
      ac003909
    • Julian's avatar
      Unified password hashing for User and Signup · 117e257c
      Julian authored
      Previously User used salted SHA512 with OpenLDAP-style prefix syntax and
      Signup used crypt. Both models had their own hashing and verification
      code. Now both use OpenLDAP-style syntax with support for all traditional
      formats including crypt. Salted SHA512 is used for new User and Signup
      passwords.
      
      Existing Signup objects are migrated to the new format and remain functional.
      User passwords now support gradual migration to another hash algorithm when
      it is changed in the future.
      
      This code is planned to be used for database-stored API and OAuth2 client
      secrets.
      117e257c
  19. 08 Feb, 2022 1 commit
  20. 04 Feb, 2022 1 commit
    • Julian's avatar
      Constrain mail receive addresses and fix case-folding in API · 17b99372
      Julian authored
      Previously the getmails API endpoint did not match "receive_address" values
      case-insensitivly like it did pre-v2. To solve this independent of database
      collations, all existing mail receive addresses are converted to lower-case
      and new/changed receive addresses are constraint to ASCII lower-case letters,
      digits and symbols.
      17b99372
  21. 01 Feb, 2022 5 commits
  22. 11 Dec, 2021 1 commit
  23. 09 Dec, 2021 2 commits
    • Julian's avatar
      Replace CONFIG_FILENAME with CONFIG_PATH · 73c9b77e
      Julian authored
      CONFIG_FILENAME works relative to the app's instance path. While (strictly
      speaking) CONFIG_FILENAME is named correctly, it is not really obvious that
      it should be set to an instance-relative filename instead of a path. The
      current uwsgi.ini file illustrates this problem.
      
      Not having a way to specify an absolute config file path is a problem for
      the Debian package: The actual config file /etc/uffd/uffd.cfg must be
      symlinked to /usr/share/uffd/instance/config.cfg to be found. Setting
      CONFIG_PATH to "/etc/uffd/uffd.cfg" simplifies this.
      
      Since this change is part of a new major release, we can drop
      CONFIG_FILENAME in favour of CONFIG_PATH.
      73c9b77e
    • Julian's avatar
      Workaround for linter bug · d22b62ef
      Julian authored
      Pylint non-deterministicly fails to detect that a method is overwritten later
      and complains that the method does not exist. This is pretty annoying and
      remains unfixed in the most recent version.
      d22b62ef
  24. 03 Dec, 2021 1 commit
    • Julian's avatar
      HTTP Basic auth for API with new API_CLIENTS_2 · 917f9ecd
      Julian authored
      This change is going to be backported to v1.x.x to have a good migration path.
      Bearer auth with API_CLIENTS config key is deprecated and planned to be
      removed in v2.0.0.
      917f9ecd
  25. 26 Oct, 2021 1 commit