nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-02-11 08:23:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,795 Commits 11 Branches 404 Tags 293 MiB
Commit Graph

2795 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Daly
8343946de9 Merged jvalleroy's bcrypt. 2013-11-17 16:45:35 -06:00
Nick Daly
a0a9e96a29 Remove the /plinth/static location. 
Otherwise, Apache 500s on the static files.
 2013-11-17 16:22:21 -06:00
Nick Daly
33c2cec0ae Merged with upstream. 2013-11-17 16:06:41 -06:00
Nick Daly
0539dfb28a Privileged Actions can take option lists again. 2013-11-17 16:01:12 -06:00
Nick Daly
0426284ecf Merge pull request #55 from petterreinholdtsen/correct-issue-tracker 
Correct URL to current upstream github project.
 2013-11-17 09:41:03 -08:00
Petter Reinholdtsen
9274ccd814 Correct URL to current upstream github project. 2013-11-17 13:14:43 +01:00
James Valleroy
880e9bd76a Set default paths in auth_page module to begin with server_dir. 2013-11-16 13:21:27 -05:00
James Valleroy
42ab442930 Cosmetic changes to owncloud page. 2013-11-16 07:14:00 -05:00
James Valleroy
ea0f5b8102 Earlier I removed some flexibility from XMPP/Owncloud config forms to get things working. Restoring code that will make it easier to add new parameters in the future. 2013-11-16 07:05:27 -05:00
James Valleroy
6c15728426 Change Owncloud config form to use FormPlugin methods. 2013-11-16 00:10:06 -05:00
James Valleroy
ee8ee9f41f Merge branch 'improve-apps-page' into bugfixes 2013-11-15 23:37:36 -05:00
James Valleroy
579ae89477 Change XMPP server config form to use FormPlugin methods. This works with POST form method. 2013-11-15 23:36:45 -05:00
James Valleroy
4111fca8eb Move owncloud into its own module. 2013-11-14 22:21:17 -05:00
James Valleroy
63508b6bba Fix some bugs in xmpp module. 2013-11-14 19:15:45 -05:00
James Valleroy
a7decf383e Check user db permissions when we redirect to firstboot, instead of trying to check if the file exists. 2013-11-14 18:28:47 -05:00
James Valleroy
3f36781fdf If creating a new user db, make sure it's permission is 640. 2013-11-13 23:45:40 -05:00
James Valleroy
d48ecb6722 Use server_dir as replacement for base_href. 2013-11-13 20:47:33 -05:00
James Valleroy
1127ff4f99 Prepend server_dir to menu items. 2013-11-13 20:38:39 -05:00
James Valleroy
b5591cb008 Fix typo in base template. 2013-11-13 20:05:44 -05:00
Nick Daly
7f3b1a62c8 Added fixme. 2013-11-12 22:05:03 -06:00
Nick Daly
22cce897bc Made security.mdwn a little more explicit wrt bcrypt. 2013-11-12 21:13:02 -06:00
James Valleroy
2f7b56e6a9 No need to have avoid timing side-channel attack in user_add. We're just going to tell you if the user already exists anyway. 2013-11-11 07:34:27 -06:00
James Valleroy
96edae33ed Remove time.clock line in auth module. It wasn't being used. 2013-11-11 07:34:27 -06:00
James Valleroy
292bedebe6 Use POST instead of GET for forms. It seems like it's working now. 2013-11-11 07:34:27 -06:00
James Valleroy
25974bad85 Modify firstboot and user_add forms to use add_user function. 2013-11-11 07:34:27 -06:00
James Valleroy
3a696e0bb9 Fix check for already existing username in add_user. Add documentation of process for storing and validating hashed passwords. 2013-11-11 07:31:53 -06:00
James Valleroy
f7ad1089a5 Update tests for auth module, and fix some bugs discovered in auth module. 2013-11-11 07:31:53 -06:00
James Valleroy
2abe8559e5 Add add_user function to auth module. 2013-11-11 07:31:53 -06:00
James Valleroy
c4b2fb1a60 Use bcrypt to hash passwords for new users in firstboot and user_add forms. Removed references to md5 hashing which was already non-functional. 2013-11-11 07:31:53 -06:00
James Valleroy
41e46d53b5 update model 2013-11-11 07:28:27 -06:00
James Valleroy
4a9177a257 Use bcrypt for login form. Add tests to check that salts and hashes are random, and check handling of invalid passwords or salts. 2013-11-11 07:28:26 -06:00
Nick Daly
8ba1d318ec Hash the password on the server. 
This saves us the need of distributing additional client libraries,
and requires us to actually enable proper security instead of
badly-built shims.
 2013-11-10 21:54:39 -06:00
Nick Daly
d8ead196eb Added Debug flag (currently unused). 2013-11-10 21:50:09 -06:00
Nick Daly
d08f139c22 Made errors more Python version-independent. 2013-11-10 21:49:55 -06:00
Nick Daly
95fbf9527f Merge pull request #50 from jvalleroy/fix-redirects 
Fix redirects
 2013-11-10 19:34:34 -08:00
Nick Daly
2958df9f39 Revert 8fd6c607298517e6318ab027da940e3fe5c7830f. 2013-11-10 16:39:43 -06:00
Nick Daly
a9c6b17624 Merge Hostname fix. 2013-11-10 16:34:31 -06:00
Nick Daly
827defed77 Allow Apache to serve Plinth's static files correctly. 
When the */plinth/static* configuration is above */plinth*, it doesn't
work.  Move it below the */plinth* configuration so static files will
be served correctly.
 2013-11-10 16:31:23 -06:00
Nick Daly
13d8514634 Merge pull request #49 from jvalleroy/fix-hostname-change 
Fix parameter for hostname-change
 2013-11-10 13:12:46 -08:00
Nick Daly
574edb93cd Merged with upstream. 2013-11-05 22:46:52 -06:00
Nick Daly
1eb5dde1f7 Merge simple config changes. 2013-11-05 22:45:05 -06:00
Nick Daly
8fd6c60729 Remove static self-reference. 2013-11-05 22:44:06 -06:00
Nick Daly
ae3d61bec4 Simplify config loading. 
These changes should make it easier to customize standard Plinth file
locations for other distributions going forward.  Most of the defaults
have been removed from *cfg.py*: we now assume that your plinth.config
file contains all the data we need.  This may turn out to be a bad
decision (not everybody retains a copy of the original config file).

I've also reorganized *plinth.sample.config* to separate the
directories from the files they're storing.  This should be the file
distributions patch in order to customize file locations per their
preferred file organization.
 2013-11-05 22:03:32 -06:00
James Valleroy
91cdbc4ef8 No need to have avoid timing side-channel attack in user_add. We're just going to tell you if the user already exists anyway. 2013-11-04 02:37:12 +00:00
James Valleroy
978db68137 Remove time.clock line in auth module. It wasn't being used. 2013-11-04 02:23:40 +00:00
James Valleroy
f55ba41551 Use POST instead of GET for forms. It seems like it's working now. 2013-11-04 02:13:27 +00:00
James Valleroy
dccd1deae1 Modify firstboot and user_add forms to use add_user function. 2013-11-04 02:00:40 +00:00
James Valleroy
9238aea8fe Fix check for already existing username in add_user. Add documentation of process for storing and validating hashed passwords. 2013-11-04 01:14:17 +00:00
James Valleroy
01ac7e164e Update tests for auth module, and fix some bugs discovered in auth module. 2013-11-04 00:30:21 +00:00
James Valleroy
dbeb31dfa1 Add add_user function to auth module. 2013-11-03 23:39:16 +00:00