nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-28 08:03:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
382 Commits 11 Branches 403 Tags 290 MiB
Commit Graph

106 Commits

Author SHA1 Message Date
Nick Daly
434a2a5833 Merge pull request #59 from jvalleroy/module-manager 
Merge: James Valleroy's Plinth Module Manager
 2014-03-02 23:24:22 +00:00
Nick Daly
c5ceae5819 Properly use bcrypt: 
- Don't crypto: use a library provided time-independent comparison.

- Document details about max password length and other caveats.
 2014-03-02 15:36:22 -06:00
James Valleroy
1e21712fa5 Instead of a separate page and form classes for ownCloud module, just need one class that does both. 2014-01-31 23:19:38 -05:00
James Valleroy
c9d58ee73d Combined module management actions into a single file, so it should be easier to add new optional modules. 2014-01-31 21:44:32 -05:00
James Valleroy
411785eb3f Make module manager work for any available modules. 2014-01-31 19:48:40 -05:00
James Valleroy
7c6f1e72fa simple form for enabling/disabling owncloud module 2014-01-27 22:42:06 -05:00
Nick Daly
2f98202312 Added some module-level documentation. 
Of course, only stage 0 (#1: Hello!) is written.  The rest will come
next.
 2013-12-26 22:39:55 -06:00
Nick Daly
0ec794aaa7 Merge pull request #56 from jvalleroy/remove_old_user_db 
Remove old user stuff
 2013-11-24 20:43:35 -08:00
Nick Daly
16c994b787 Cleaned up missed references to privilegedactions. 2013-11-24 22:07:13 -06:00
Nick Daly
e23650232b Merged async actions. 2013-11-24 18:46:16 -06:00
Nick Daly
6567dc1758 Renamed privilegedactions to actions. 2013-11-24 18:29:27 -06:00
James Valleroy
2eb4f8bf1a Fix add/edit links in users module. 2013-11-20 21:37:03 -05:00
James Valleroy
030675b900 Remove old cfg.users_dir. Remove old UserStore class. 2013-11-20 21:29:28 -05:00
James Valleroy
880e9bd76a Set default paths in auth_page module to begin with server_dir. 2013-11-16 13:21:27 -05:00
James Valleroy
42ab442930 Cosmetic changes to owncloud page. 2013-11-16 07:14:00 -05:00
James Valleroy
ea0f5b8102 Earlier I removed some flexibility from XMPP/Owncloud config forms to get things working. Restoring code that will make it easier to add new parameters in the future. 2013-11-16 07:05:27 -05:00
James Valleroy
6c15728426 Change Owncloud config form to use FormPlugin methods. 2013-11-16 00:10:06 -05:00
James Valleroy
ee8ee9f41f Merge branch 'improve-apps-page' into bugfixes 2013-11-15 23:37:36 -05:00
James Valleroy
579ae89477 Change XMPP server config form to use FormPlugin methods. This works with POST form method. 2013-11-15 23:36:45 -05:00
James Valleroy
4111fca8eb Move owncloud into its own module. 2013-11-14 22:21:17 -05:00
James Valleroy
63508b6bba Fix some bugs in xmpp module. 2013-11-14 19:15:45 -05:00
Nick Daly
7f3b1a62c8 Added fixme. 2013-11-12 22:05:03 -06:00
Nick Daly
22cce897bc Made security.mdwn a little more explicit wrt bcrypt. 2013-11-12 21:13:02 -06:00
James Valleroy
2f7b56e6a9 No need to have avoid timing side-channel attack in user_add. We're just going to tell you if the user already exists anyway. 2013-11-11 07:34:27 -06:00
James Valleroy
96edae33ed Remove time.clock line in auth module. It wasn't being used. 2013-11-11 07:34:27 -06:00
James Valleroy
292bedebe6 Use POST instead of GET for forms. It seems like it's working now. 2013-11-11 07:34:27 -06:00
James Valleroy
25974bad85 Modify firstboot and user_add forms to use add_user function. 2013-11-11 07:34:27 -06:00
James Valleroy
3a696e0bb9 Fix check for already existing username in add_user. Add documentation of process for storing and validating hashed passwords. 2013-11-11 07:31:53 -06:00
James Valleroy
f7ad1089a5 Update tests for auth module, and fix some bugs discovered in auth module. 2013-11-11 07:31:53 -06:00
James Valleroy
2abe8559e5 Add add_user function to auth module. 2013-11-11 07:31:53 -06:00
James Valleroy
c4b2fb1a60 Use bcrypt to hash passwords for new users in firstboot and user_add forms. Removed references to md5 hashing which was already non-functional. 2013-11-11 07:31:53 -06:00
James Valleroy
4a9177a257 Use bcrypt for login form. Add tests to check that salts and hashes are random, and check handling of invalid passwords or salts. 2013-11-11 07:28:26 -06:00
Nick Daly
8ba1d318ec Hash the password on the server. 
This saves us the need of distributing additional client libraries,
and requires us to actually enable proper security instead of
badly-built shims.
 2013-11-10 21:54:39 -06:00
Nick Daly
95fbf9527f Merge pull request #50 from jvalleroy/fix-redirects 
Fix redirects
 2013-11-10 19:34:34 -08:00
Nick Daly
13d8514634 Merge pull request #49 from jvalleroy/fix-hostname-change 
Fix parameter for hostname-change
 2013-11-10 13:12:46 -08:00
James Valleroy
7536b7387b Remove references to deleted md5.js file. 2013-11-02 17:34:17 +00:00
James Valleroy
7b3a2fbe2c Remove completed TODO. 2013-11-02 17:34:17 +00:00
James Valleroy
504a195708 Remove commit line from UserStore. This function was not defined in withsqlite, and also unnecessary since autocommit is on. 2013-11-02 17:34:17 +00:00
James Valleroy
60ea9f43cd Prepend server_dir to form actions that use absolute paths. 2013-11-02 11:40:18 +00:00
James Valleroy
77948f0e96 prepend server_dir to remaining redirects 2013-11-02 11:34:23 +00:00
James Valleroy
38d3e84961 first_boot needs to move up a folder to reach router. Prepend server_dir to redirects in router, auth, and auth_page. 2013-11-02 11:25:37 +00:00
James Valleroy
4d97c29980 Change firstboot redirects so they don't go to firstboot/firstboot. 2013-11-02 11:03:26 +00:00
James Valleroy
a5adb1c292 Convert unicode (but otherwise valid) hostname to ASCII. Pass hostname option to hostname-change as a string rather than a list. 2013-11-02 02:20:02 +00:00
Nick Daly
3a30660c25 Revert 4d529b75857597dedd181045ba1bf97b99c66b3e. 
Turns out, that was a terrible idea.

Putting privilegedactions in actions/ meant that we tried to interpret
it during startup (along with other similarly silly bugs).  The
fastest way to fix this issue is to merely revert it.
 2013-10-30 21:45:43 -05:00
Nick Daly
0296a1a99c Removed unused import. 2013-10-27 17:47:18 -05:00
Nick Daly
9e276c3ffb Undo this change, bad idea. 
English letters do not always sort as expected in non-en locales.
 2013-10-27 17:41:19 -05:00
Nick Daly
5e9f221ef5 Simplified hostname name matching test. 
The first character must be a letter, and [A-z] is easier to manage
than 52 individual letters.
 2013-10-27 10:49:53 -05:00
Nick Daly
4d529b7585 Moved privilegedactions to the actions directory. 2013-10-27 10:26:06 -05:00
Nick Daly
692ac6fead Merge pull request #35 from jvalleroy/xmpp-service-module 
XMPP Service Module
 2013-10-06 19:25:47 -07:00
Nick Daly
a9c853e5bd Merged with upstream. 2013-10-06 21:21:43 -05:00