- Change sso refresh url to refresh-pubtkt since refresh was conflicting with
captcha's image refresh url.
- Fix datetime.timedelta calculation for refresh interval. Now validity of
ticket is 30 seconds as it was intended to be. It was wrongly set to 30 days
earlier.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
(django-axes + django-simple-captcha) with sso is working at this point.
Signed-off-by: Joseph Nuthalpati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- clearing ip address correctly is not implemented yet
- currently clearing all ip addresses
Signed-off-by: Joseph Nuthalpati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
User will be shown captcha in the second attempt to login if login
fails in the first attempt.
Signed-off-by: Joseph Nuthalpati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Removed key generation for mod_auth_pubtkt from first boot.
- Running setup every time plinth starts so that new essential modules
can be setup properly.
Partially fixes#875
- Install mod_auth_pubtkt and generate public/private key-pair.
- Redirect user to login page if no cookie is presented.
- Add check for authenticated user for login page.
- Temporarily switched to DSA because of a bug in mod_auth_pubtkt
which causes it to accept only DSA and not RSA. Also had to use SHA1
instead of SHA256.
- Enabled SSO for Syncthing, Repro and TT-RSS.
- Using tokens to authorize by user groups.
- Generate keys during first boot.
