Radicale

mirror of https://github.com/Kozea/Radicale.git synced 2025-10-03 21:20:45 +00:00

Author	SHA1	Message	Date
Peter Bieringer	b0d56f898b	Merge pull request #1668 from pbiering/login-cache add optional cache for login result and htpasswd + fixes final version will be updated to 3.4.0 next	2025-01-03 07:51:06 +00:00
Peter Bieringer	2442a794ae	tox fixes	2025-01-02 23:17:34 +01:00
Peter Bieringer	a9f2e6fe7b	improve code/adjustments	2025-01-03 07:14:32 +01:00
Peter Bieringer	cf914450ee	remove obsolete code and comment as constant execution time is now done by __init__.py	2025-01-03 07:02:29 +01:00
Peter Bieringer	0d43a49ffb	add variable sleep to have a constant execution time on failed login	2025-01-02 22:33:54 +01:00
Peter Marschall	99f5ec389d	LDAP auth: indroduce config option 'ldap_user_attribute' This option gives us - flexible authentication options where the name used for logging on does not have to be the account name e.g. use ldap_filter = (&(obhjectclass=inetOrgperson)(\|(cn={0]})(mail={0}))) to allow loginng on using the cn or the mail address - automatically consistent / canonicalized username values (i.e. exactly the way the LDAP server returns them)	2025-01-02 12:05:39 +01:00
Peter Marschall	0253682c00	LDAP auth: do not blindly assume groups have a 2-letter naming attribute Instead, strip away everything before (and including) the '=' sign of ther RDN.	2025-01-02 12:05:39 +01:00
Peter Marschall	8c2feb4726	LDAP auth: escape values used in LDAP filters to avoid possible injection of malicious code.	2025-01-02 12:05:39 +01:00
Peter Marschall	c243ae4ebf	LDAP auth: require exactly one result when searching for the LDAP user DN This makes sure not fail securely when the query returns multiple entries - correct grammar in some cases - we're doing _authentication here, not authorization - uppercase LDAP in messages & comments - rename variable _ldap_version to _ldap_module_version to avoid misunderstanding it as LDAP's protocol version - align formatting & messages better between _login2() and _login3()	2025-01-02 12:05:39 +01:00
Peter Marschall	6f82333ff7	LDAP auth: harmonize _login2() and _login3() methods	2025-01-02 12:05:32 +01:00
Peter Bieringer	6f0ac545f0	code fix	2025-01-02 08:08:22 +01:00
Peter Bieringer	0a5ae5b0b4	extend startup logging for htpasswd	2025-01-01 17:31:16 +01:00
Peter Bieringer	5a591b6471	use different token	2025-01-01 16:41:11 +01:00
Peter Bieringer	8604dacad0	fix typing	2025-01-01 16:40:55 +01:00
Peter Bieringer	ca665c4849	add a dummy delay action	2025-01-01 16:32:07 +01:00
Peter Bieringer	8fdbd0dbf6	log cosmetics	2025-01-01 16:31:47 +01:00
Peter Bieringer	46fe98f60b	make htpasswd cache optional	2025-01-01 16:31:31 +01:00
Peter Bieringer	c10ce7ae46	add support for login info log	2025-01-01 16:30:34 +01:00
Peter Bieringer	6ebca08423	extend copyright	2025-01-01 15:47:22 +01:00
Peter Bieringer	c1be04abd1	fixes suggested by tox	2024-12-31 18:26:43 +01:00
Peter Bieringer	5357e692d9	[auth] htpasswd: module 'bcrypt' is no longer mandatory in case digest method not used in file	2024-12-31 17:09:21 +01:00
Peter Bieringer	2489356dda	implement htpasswd file caching	2024-12-31 16:14:38 +01:00
Peter Bieringer	5ce0cee8bf	add chache cleanup and locking	2024-12-31 16:13:52 +01:00
Peter Bieringer	b75e303556	reorg code, disable caching on not required types	2024-12-31 08:11:19 +01:00
Peter Bieringer	a794a51885	fix failed_login cache, improve coding	2024-12-31 07:57:54 +01:00
Peter Bieringer	4f2990342d	add additional debug line	2024-12-31 07:57:13 +01:00
Peter Bieringer	9af15e6656	fixes triggered by tox	2024-12-30 05:25:10 +01:00
Peter Bieringer	ddd099accd	debug log which password hash method was used	2024-12-30 08:17:59 +01:00
Peter Bieringer	8e97b709bf	implement cache_logins* option	2024-12-30 08:17:59 +01:00
Peter Marschall	b22038c746	LDAP auth: a little bit of cleanup - correct grammar in some cases - we're doing authentication here, not authorization - uppercase LDAP in messages & comments - rename variable _ldap_version to _ldap_module_version to avoid misunderstanding it as LDAP's protocol version	2024-12-29 17:36:01 +01:00
IM	94898ef6c1	flake8 E302	2024-12-25 22:28:01 +03:00
IM	7df2fb35a7	Disable overloading BaseAuth login method	2024-12-25 21:56:04 +03:00
Peter Bieringer	3ebe51a4cb	Add: option [auth] uc_username for uppercase conversion (similar to existing lc_username)	2024-12-14 09:25:36 +01:00
Peter Bieringer	886f4ee8d0	make tox happy	2024-12-14 09:09:36 +01:00
Peter Bieringer	46acbfd987	Improve: auth.ldap config shown on startup, terminate in case no password is supplied for bind user	2024-12-14 09:04:15 +01:00
Peter Bieringer	0e0592e3b8	extend copyright	2024-12-14 09:02:36 +01:00
Bishtawi	ee2af306d7	Support loading ldap secret from file	2024-11-05 00:35:36 -08:00
Peter Bieringer	687624a403	fix spelling	2024-11-02 13:23:41 +01:00
Jean-Denis Girard	f25a5fbc79	Rebase galaxy4public patch on top of `bf4f5834`	2024-10-30 10:33:10 -10:00
Dipl. Ing. Péter Varkoly	e887b06d21	Fix syntax	2024-09-23 15:49:58 +02:00
Dipl. Ing. Péter Varkoly	b1c682de57	Enhance docomentation. Fix imports	2024-09-23 15:46:08 +02:00
Dipl. Ing. Péter Varkoly	0feca04086	Implementing ssl connection for ldap auth	2024-09-23 10:19:50 +02:00
Dipl. Ing. Péter Varkoly	645619bac8	Fix format string	2024-09-17 09:33:31 +02:00
Dipl. Ing. Péter Varkoly	b081b3ea06	Fix issue #197 [ERROR] An exception occurred during GET request on '/.web/': string indices must be integers, not 'str' when using LDAP Enhance logging	2024-09-17 09:25:38 +02:00
Dipl. Ing. Péter Varkoly	a7f33c8795	Reorder imports.	2024-09-12 12:17:34 +02:00
Dipl. Ing. Péter Varkoly	da04d95b75	Fixing type definition error.	2024-09-11 14:13:06 +02:00
Dipl. Ing. Péter Varkoly	e05fbeb950	Apply suggestions of mypy	2024-09-11 09:13:26 +02:00
Dipl. Ing. Péter Varkoly	d75b071fec	Fix the problems found by flake8.	2024-09-11 08:12:08 +02:00
Dipl. Ing. Péter Varkoly	5cb16a3a2d	Fix syntax	2024-09-09 09:42:30 +02:00
Dipl. Ing. Péter Varkoly	8b8d7729a2	Now ldap auth can use ldap and ldap3 also.	2024-08-26 14:16:40 +02:00

1 2 3

114 commits