nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-28 08:03:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
256 Commits 11 Branches 403 Tags 290 MiB
Commit Graph

58 Commits

Author SHA1 Message Date
Nick Daly
692ac6fead Merge pull request #35 from jvalleroy/xmpp-service-module 
XMPP Service Module
 2013-10-06 19:25:47 -07:00
Nick Daly
a9c853e5bd Merged with upstream. 2013-10-06 21:21:43 -05:00
Nick Daly
c61e73245a Made URLs less absolute. 2013-10-06 21:11:08 -05:00
James Valleroy
17f3965db8 Added XMPP settings form with control of in-band registration. 2013-10-03 19:48:57 -04:00
James Valleroy
349517339d Check output of XMPP account registration. 2013-10-03 06:16:37 -04:00
James Valleroy
2fd1d6e7b2 Added action to register xmpp account. 2013-09-29 23:00:54 -04:00
James Valleroy
d0157e09ab Non-functional XMPP account registration form. 2013-09-29 22:28:26 -04:00
James Valleroy
cda21f395f Fix to avoid python error about non-ASCII character. 2013-09-28 18:06:03 -04:00
Nick Daly
d722ca950f Merge pull request #31 from petterreinholdtsen/app-owncloud 
Add support for owncloud in the apps menu
 2013-09-28 10:48:39 -07:00
Nick Daly
f69549c480 Merge pull request #27 from petterreinholdtsen/forms-radio-buttons 
Add support for radio buttons.
 2013-09-28 10:46:32 -07:00
Petter Reinholdtsen
6630a8f3d5 Make sure login do not throw exception for unknown users. 2013-09-26 20:04:27 +02:00
Petter Reinholdtsen
829e40198d Get owncloud enabling limping along. 2013-09-26 11:34:04 +02:00
Petter Reinholdtsen
fe33c348b4 First draft to add owncloud support. 2013-09-23 15:18:53 +02:00
Petter Reinholdtsen
444365ec78 Rewrite plinth to use sudo and action scripts instead of exmachina for privileged accesss. 2013-09-23 09:37:24 +02:00
Petter Reinholdtsen
3c78b92d04 Add support for radio buttons. 2013-09-19 12:35:16 +02:00
Petter Reinholdtsen
f24d1fb94d Merge branch 'master' into first-boot-create-user 
Resolve conflicts in modules/installed/first_boot.py.
 2013-09-16 05:27:57 +02:00
Nick Daly
5002715cb6 Merge pull request #24 from petterreinholdtsen/first-boot-no-dead-end 
Provide a way to get out of the first-boot screen, even if it isn't read...
 2013-09-15 17:48:30 -07:00
Nick Daly
32a86a54b5 Merge pull request #19 from petterreinholdtsen/first-boot-set-hostname 
Change first_boot module to show and update current hostname,
 2013-09-15 17:43:31 -07:00
Nick Daly
4c42c1ad1f Merge pull request #20 from petterreinholdtsen/expert-user-access 
Fix expert user access checks.
 2013-09-15 16:11:18 -07:00
Nick Daly
702bc2292b Merge pull request #21 from petterreinholdtsen/nonexpert-config-feedback 
Give sensible feedback for non-expert users visiting system/configure.
 2013-09-15 16:10:27 -07:00
Nick Daly
04a266729e Merge pull request #22 from p1otr/master 
use stdlib's json module if simplejson is missing
 2013-09-15 16:09:58 -07:00
Petter Reinholdtsen
8cd1d23e1e Improve message shown to the users. 2013-09-13 10:04:50 +02:00
James Valleroy
5be8a552ab Enable multithread for UserStore DB. 2013-09-12 23:14:07 -04:00
Petter Reinholdtsen
023325fdde Provide a way to get out of the first-boot screen, even if it isn't ready yet. 2013-09-13 00:00:17 +02:00
Petter Reinholdtsen
7ff6ea14e2 Rewrite fix for UserStore.expert() to be more like UserStoreOld.expert(). 2013-09-11 20:31:12 +02:00
Petter Reinholdtsen
1615b7818b Give sensible feedback for non-expert users visiting system/configure. 
Explain that only expert users get access, instead of only showing
an title.
 2013-09-11 20:13:46 +02:00
Petter Reinholdtsen
6effc94349 Fix expert user access checks. 
Several places in the code, cfg.users.expert() is used as a boolean
test to see if the current user is an expert user.  But this do not work.
Change the implementation of expert() to assume the current user if no
argument is given, to get the code working.
 2013-09-11 20:11:56 +02:00
Petter Reinholdtsen
71873b6702 Change first_boot module to show and update current hostname, 
instead of showing the box_name value and failing to set anything
when the user specify a host name value.
 2013-09-11 14:04:34 +02:00
Petter Reinholdtsen
0e5bab19d6 Create admin user on first boot. 
Extend the first_boot module to ask for username and password of
user to create on first boot, and create it as a privileged user.
This should remove the need for the admin user with well known
password.
 2013-09-11 09:58:42 +02:00
Piotr Ożarowski
20d4f961b6 use stdlib's json module if simplejson is missing 
json is available in Python >= 2.6
 2013-09-10 23:12:46 +02:00
Nick Daly
ec9a457e3e Merged: tzafrir's novendor patch. 
Author: Tzafrir Cohen <tzafrir@debian.org>
Description: "vendor" packages are installed as separate system debs
 2013-09-08 17:34:53 -05:00
Nick Daly
dc5139bd2d Simplify authentication code. 2013-09-08 16:53:40 -05:00
Nick Daly
ad7f932fe8 Merged: Add time to auth.py 
Author: Tzafrir Cohen <tzafrir@debian.org>
Desription: Missing import from auth.py
http://git.tzafrir.org.il/?p=plinth/plinth.git
 2013-09-08 16:52:57 -05:00
Petter Reinholdtsen
8f917f0349 Fix typo in apps module, Open ID -> Photo Gallery. 2013-09-07 20:29:51 +02:00
Tom Galloway
2bd413e657 If needed instead of an elif. 2013-04-24 09:29:58 +01:00
Nick Daly
f55c7a48ea Merged with James's upstream. 
Hope I did it right.  If I screwed up, withsqlite is borked.
 2013-04-23 17:49:22 -05:00
Nick Daly
1492fe9728 Unify authentication errors. 
Give the same error if the username doesn't exist or if the password
is wrong.  If we deliver separate errors, we tell the attacker whether
they've picked a valid password or not.

Also, if username doesn't exist, hash the password anyway to avoid
this timing side-channel attack:

1. Invalid Username:

   A. User tries to log in with invalid username.
   B. User name is not found in database.
   C. Password is never hashed.

2. Invalid Password:

   A. User tries to log in with valid username.
   B. User name is found in database.
   C. Password is hashed.

Given that proper password hashing will take a minute, *not* hashing
the password takes so much less time that we've effectively indicated
to the attacker that the username didn't exist, regardless of the
error message.  This way, no such error occurs.
 2013-03-23 19:59:20 -05:00
Tom Galloway
76d67d67f1 Add User & Delete User now works correctly. 2013-01-22 20:22:19 +00:00
Tom Galloway
c4cddbfc0e Changes to get user management screens started. Updated UserStore to add all expected functions. Added tests for these functions. 2013-01-21 10:30:52 +00:00
Tom Galloway
646b5518bb withsqlite is now retrieved from github. Manage User & Groups pages now display correctly but don't do anything yet. 2013-01-16 13:08:48 +00:00
Tom Galloway
b54a4906e6 Fix to allow hostname to be updated on Ubuntu. This needed a change to exmachina which I've created a pull request for. I've updated Make to point to my fork of exmachina until this has been merged, when it can be reverted. 2013-01-10 09:15:31 +00:00
bnewbold
09fbb23e90 use exmachina to configure timezone 2012-07-26 12:41:26 -07:00
bnewbold
f1e764f2e5 integrate exmachina configuration management layer 
- add exmachina code and test code
- modify plinth.py to listen for shared secret on stdin at start
  (if appropriate flag is set) and try to connect to exmachina daemon
- use exmachina to read and set /etc/hostname as a demo
- update plinth init.d script to start exmachina and share keys
- update docs with new deps and run instructions
 2012-07-12 22:25:50 -04:00
Sean O'Brien
5685d3f387 fixes to boostrap, new icons, mobile view works 2012-03-12 14:39:32 -04:00
Sean O'Brien
638b287d1b new template based upon bootstrap 2012-03-12 14:39:31 -04:00
James Vasile
72cf4d639b unlink santiago 2012-02-19 15:16:39 -05:00
James Vasile
992eff9e13 flesh out santiago and apache config a bit 2012-02-19 15:07:16 -05:00
James Vasile
f7d59c5900 enable santiago 2012-02-19 15:07:16 -05:00
James Vasile
71074920b8 starting santiago 2012-02-19 15:07:16 -05:00
James Vasile
d86de60270 add order to privacy page plugin 2012-02-19 15:07:14 -05:00