FreedomBox

mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-21 07:55:00 +00:00

Author	SHA1	Message	Date
Nick Daly	0954d9d383	Merge pull request #17 from petterreinholdtsen/first-boot-create-user Create admin user on first boot.	2013-09-17 19:59:19 -07:00
Petter Reinholdtsen	f24d1fb94d	Merge branch 'master' into first-boot-create-user Resolve conflicts in modules/installed/first_boot.py.	2013-09-16 05:27:57 +02:00
Nick Daly	c99f074f22	Use ExMachina already in Plinth/vendor.	2013-09-15 21:55:23 -05:00
Nick Daly	87753531d2	Reverted change 657068b0.	2013-09-15 21:47:18 -05:00
Nick Daly	b71e832683	Merged Petter's unify-ExMachina-and-Plinth changes.	2013-09-15 21:40:23 -05:00
Nick Daly	5002715cb6	Merge pull request #24 from petterreinholdtsen/first-boot-no-dead-end Provide a way to get out of the first-boot screen, even if it isn't read...	2013-09-15 17:48:30 -07:00
Nick Daly	32a86a54b5	Merge pull request #19 from petterreinholdtsen/first-boot-set-hostname Change first_boot module to show and update current hostname,	2013-09-15 17:43:31 -07:00
Nick Daly	60fa9b0ee0	Merge pull request #18 from petterreinholdtsen/find-exmachina-client-library Fix typo blocking access to exmachina, and report the problem if unable ...	2013-09-15 16:11:59 -07:00
Nick Daly	4c42c1ad1f	Merge pull request #20 from petterreinholdtsen/expert-user-access Fix expert user access checks.	2013-09-15 16:11:18 -07:00
Nick Daly	702bc2292b	Merge pull request #21 from petterreinholdtsen/nonexpert-config-feedback Give sensible feedback for non-expert users visiting system/configure.	2013-09-15 16:10:27 -07:00
Nick Daly	04a266729e	Merge pull request #22 from p1otr/master use stdlib's json module if simplejson is missing	2013-09-15 16:09:58 -07:00
Nick Daly	b6b1119534	Merge pull request #25 from jvalleroy/fix-login Enable multithread for UserStore DB.	2013-09-15 16:05:32 -07:00
Petter Reinholdtsen	8cd1d23e1e	Improve message shown to the users.	2013-09-13 10:04:50 +02:00
James Valleroy	5be8a552ab	Enable multithread for UserStore DB.	2013-09-12 23:14:07 -04:00
Petter Reinholdtsen	023325fdde	Provide a way to get out of the first-boot screen, even if it isn't ready yet.	2013-09-13 00:00:17 +02:00
Petter Reinholdtsen	6409552e70	Fix exmachine import.	2013-09-12 12:58:39 +02:00
Petter Reinholdtsen	657068b026	Import exmachina into plint, using source from Tom Galloway.	2013-09-12 11:05:08 +02:00
Petter Reinholdtsen	7ff6ea14e2	Rewrite fix for UserStore.expert() to be more like UserStoreOld.expert().	2013-09-11 20:31:12 +02:00
Petter Reinholdtsen	1615b7818b	Give sensible feedback for non-expert users visiting system/configure. Explain that only expert users get access, instead of only showing an title.	2013-09-11 20:13:46 +02:00
Petter Reinholdtsen	6effc94349	Fix expert user access checks. Several places in the code, cfg.users.expert() is used as a boolean test to see if the current user is an expert user. But this do not work. Change the implementation of expert() to assume the current user if no argument is given, to get the code working.	2013-09-11 20:11:56 +02:00
Petter Reinholdtsen	71873b6702	Change first_boot module to show and update current hostname, instead of showing the box_name value and failing to set anything when the user specify a host name value.	2013-09-11 14:04:34 +02:00
Petter Reinholdtsen	bad8939389	Fix typo blocking access to exmachina, and report the problem if unable to load the exmachina client library.	2013-09-11 13:46:37 +02:00
Petter Reinholdtsen	0e5bab19d6	Create admin user on first boot. Extend the first_boot module to ask for username and password of user to create on first boot, and create it as a privileged user. This should remove the need for the admin user with well known password.	2013-09-11 09:58:42 +02:00
Piotr Ożarowski	20d4f961b6	use stdlib's json module if simplejson is missing json is available in Python >= 2.6	2013-09-10 23:12:46 +02:00
Nick Daly	ec9a457e3e	Merged: tzafrir's novendor patch. Author: Tzafrir Cohen <tzafrir@debian.org> Description: "vendor" packages are installed as separate system debs	2013-09-08 17:34:53 -05:00
Nick Daly	a97061055c	Merged: tzafrir's install_dir patch. Author: Tzafrir Cohen <tzafrir@debian.org> Description: These things are easier to install with dh * Python modules: fighting with dh_python2 is tough (it changes the /etc/ symlink, for isntance) * Let's just install man pages ourselves for now. * symlinks: with dh_link	2013-09-08 17:31:27 -05:00
Nick Daly	dc5139bd2d	Simplify authentication code.	2013-09-08 16:53:40 -05:00
Nick Daly	ad7f932fe8	Merged: Add time to auth.py Author: Tzafrir Cohen <tzafrir@debian.org> Desription: Missing import from auth.py http://git.tzafrir.org.il/?p=plinth/plinth.git	2013-09-08 16:52:57 -05:00
Nick Daly	10938f8ea9	Merge pull request #15 from petterreinholdtsen/typo-missing-submenus Typo missing submenus	2013-09-08 14:02:51 -07:00
Nick Daly	ff1d882657	Merged: Clean up init.d script, fix dependencies and indentation.	2013-09-08 15:26:31 -05:00
Nick Daly	354148ae69	Normalized whitespace.	2013-09-08 15:20:09 -05:00
Nick Daly	ce0d6a57e3	Included missing dependencies.	2013-09-08 15:07:18 -05:00
Nick Daly	46fb665fd8	Merge pull request #14 from petterreinholdtsen/typo-apps-openid Typo apps openid	2013-09-08 10:50:40 -07:00
Petter Reinholdtsen	63a5243e4b	Fix typo making submenus fail to show up in plinth.	2013-09-07 20:30:56 +02:00
Petter Reinholdtsen	8f917f0349	Fix typo in apps module, Open ID -> Photo Gallery.	2013-09-07 20:29:51 +02:00
Petter Reinholdtsen	2f702d4736	Clean up init.d script, fix dependencies and indentation.	2013-09-05 23:39:38 +02:00
Nick Daly	39ef8a0bf8	Merge pull request #11 from tomgalloway/master Withsqlite is now added as a submodule.	2013-06-26 18:49:29 -07:00
Tom Galloway	6a7a508eb1	Added withsqlite submodule.	2013-04-25 09:53:26 +01:00
Tom Galloway	2bd413e657	If needed instead of an elif.	2013-04-24 09:29:58 +01:00
Nick Daly	3ab7d05bf3	Add hosting and auto-archive-creation. The makefile has three new targets: 1. hosting: Publish repository and automagically build the archives to serve to clients. 2. current-checkout.tar.gz: Create an archive of the current project directory. 3. current-repository.tar.gz: Create an archive of the current project directory along with the source repository metadata so that the archive is a full checkout of the project.	2013-04-23 21:44:09 -05:00
Nick Daly	f55c7a48ea	Merged with James's upstream. Hope I did it right. If I screwed up, withsqlite is borked.	2013-04-23 17:49:22 -05:00
Nick Daly	157226f1b8	Updated links issue.	2013-03-23 22:05:17 -05:00
Nick Daly	1492fe9728	Unify authentication errors. Give the same error if the username doesn't exist or if the password is wrong. If we deliver separate errors, we tell the attacker whether they've picked a valid password or not. Also, if username doesn't exist, hash the password anyway to avoid this timing side-channel attack: 1. Invalid Username: A. User tries to log in with invalid username. B. User name is not found in database. C. Password is never hashed. 2. Invalid Password: A. User tries to log in with valid username. B. User name is found in database. C. Password is hashed. Given that proper password hashing will take a minute, not hashing the password takes so much less time that we've effectively indicated to the attacker that the username didn't exist, regardless of the error message. This way, no such error occurs.	2013-03-23 19:59:20 -05:00
Nick Daly	ea49a08675	Don't crash if we couldn't import ExMachina.	2013-03-23 18:45:07 -05:00
Nick Daly	bef0bcecca	Added "run make".	2013-03-23 18:44:32 -05:00
Nick Daly	83cc3b4614	Build files are now stored in ./vendor/	2013-03-23 18:44:13 -05:00
James Vasile	f5cd610535	template fiddling, but who cares. We're going to simplify that way down and likely delete this file.	2013-02-12 12:29:27 -05:00
James Vasile	939753c892	add text hidden type	2013-02-12 12:28:47 -05:00
James Vasile	bf0b3c28ab	more intro screen work	2013-02-12 12:27:08 -05:00
James Vasile	af650212ca	remove order line (we don't need it). Don't require auth for firstboot	2013-02-09 15:51:32 -05:00

1 2 3 4 5

217 Commits