upstream/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2026-06-17 12:35:55 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
14337 commits 138 branches 78 tags 82 MiB
Commit graph

114 commits

Author SHA1 Message Date
Johannes Rauh
5665b64df5 Remove redundant $skip2fa parameter from Auth::isAuthenticated() 
The parameter was only ever passed as true by the RememberMe path in
`loginAction()`, intending to let a cookie-based re-authentication bypass the
2FA gate. It was unnecessary for the following reason:

`RememberMe::authenticate()` already calls `setTwoFactorSuccessful()` on the
user before `setAuthenticated()` is called, so the gate condition evaluates to
false on its own.
 2026-04-30 10:59:24 +02:00
Johannes Rauh
b1a3ec8770 Use one combined LoginForm 
The form displays either the login inputs or the inputs to verify
the totp token depending on whether `'2fa_must_challenge_token'`
is set `true` in the session.
 2026-04-30 10:59:24 +02:00
Johannes Rauh
e6b97eeb90 Rewrite authentication forms to ipl forms 
Removed description for `rememberme` input, because it wasn't
displayed anywhere.
 2026-04-30 10:59:24 +02:00
Johannes Rauh
5e223322df Adjust remember me functionality to work with 2fa 
If 2fa is enable the remember me cookie only gets set if the 2fa
authentication was successful. To log the user back in from the
cookie the 2fa will be skipped.
 2026-04-30 10:59:24 +02:00
Johannes Rauh
69e4e43baf Simplify if condition 2026-04-30 10:59:24 +02:00
Johannes Rauh
b34978533c Rename session key for 2fa challenge 
Rename from 'must_challenge_2fa_token' to '2fa_must_challenge_token'
for a uniform naming schema in the future always starting with '2fa_'.
 2026-04-30 10:59:24 +02:00
Jan Schuppik
121fe23c25 Initial implementation 
From https://github.com/Icinga/icingaweb2/pull/5397
 2026-04-30 10:59:24 +02:00
Eric Lippmann
97d3106b73 wip 2026-04-30 10:59:24 +02:00
Eric Lippmann
662de28f85 License source files as GPL-3.0-or-later 
Add SPDX license headers and mark source files as GPL-3.0-or-later to
preserve the option to relicense under later GPL versions.
 2026-03-26 17:49:26 +01:00
Alexander Aleksandrovič Klimov
4037eb51b1
LoginButtonHook: Support additional buttons below the login form (#5442)
Some checks failed
L10n Update / update (push) Has been cancelled
Details
CI / PHP (push) Has been cancelled
Details 
Introduces `LoginButtonHook`, a new hook for rendering additional buttons
below the login form. Extend this class to display custom buttons on the
Icinga Web login page — useful for alternative authentication flows such
as SSO. Register your implementation by calling
`YourLoginButtons::register()` during module initialization.
 2026-03-04 15:32:06 +01:00
raviks789
0476046ce6 AuthenticationController: Use correct name case for method AesCrypt::getIV() 2023-08-23 10:53:14 +02:00
Johannes Meyer
ec7fb82a94 login: Don't redirect to external resources 
fixes #4945
 2022-12-07 11:54:45 +01:00
Sukhwinder Dhillon
8c22514758 Utilize multiple encryption ciphers for remember me 2021-08-09 16:58:58 +02:00
Sukhwinder Dhillon
645c0770a2
Rememberme compatibility with php version 5.6+ (#4472) 2021-07-26 17:37:38 +02:00
Eric Lippmann
68acf12407
Remember me (#4112) 
Co-authored-by: Sukhwinder Dhillon <sukhwinder.dhillon@icinga.com>
 2021-05-21 15:43:06 +02:00
Johannes Meyer
67c8053dc9 login: Override the default title instead of setting a title 
refs #3851
 2019-07-15 08:26:23 +02:00
Johannes Meyer
4c96da3d56 auth/external: Use a stripped down layout for the logout workaround 
We've used the standard layout before which caused a automatic login.
Automatic because the browser saw our js/css <link> tags and accessed
the routes which in turn logged in the user, but only if there's a
enabled module which's configuration.php (or run.php) accesses the
Auth singleton. The stripped down layout provides its own js/css so
there's no need for our full-blown resources.

fixes #3583
 2018-10-02 15:24:11 +02:00
Davide Bizzarri
8b5fe61996 Add AuthenticationHook 
Created AuthenticationHook class with two main methods: onLogin and
onLogout that are called after login and before logout.
 2018-03-28 16:18:31 +02:00
Alexander A. Klimov
474803fee4 Change all license headers to only reflect a file's year of creation 
refs #11000
 2016-02-08 15:41:00 +01:00
Eric Lippmann
271b5f9d5c Move cookie support detection to a helper class 
Icinga\Web\Cookie will become a real cookie implementation.
 2015-11-27 15:42:18 +01:00
Eric Lippmann
e92414ea6d Use Request::setBody() for cookies disabled message 2015-08-27 13:21:43 +02:00
Eric Lippmann
016bcf070f Remove unused alias in the AuthenticationController 2015-08-27 13:10:21 +02:00
Eric Lippmann
5518f61614 Namespace the AuthenticationController 
refs #5786
 2015-08-27 13:09:58 +02:00
Alexander Fuhr
a9ff6eebc0 Merge branch 'master' into bugfix/cookie-support-7383 2015-08-13 11:22:14 +02:00
Alexander Fuhr
d468c59e32 AuthenticationController: Add cookie detection to login action 
refs #7383
 2015-08-13 11:21:05 +02:00
Johannes Meyer
fa1e3a763d Do not show the full layout on the login page 
...

refs #9892
 2015-08-13 08:12:30 +02:00
Eric Lippmann
1b5c5deace lib: Rename remote user to external user 
We renamed our backend. Code now reflects this.

refs #9660
 2015-07-29 15:44:32 +02:00
Eric Lippmann
23fcd39503 Relax auth controller complexity 
refs #9660
 2015-07-29 14:17:07 +02:00
Johannes Meyer
6ca68f438d Move concrete UserBackend classes to Icinga\Authentication\User 
refs #8826
 2015-04-21 12:51:31 +02:00
Eric Lippmann
7288f2e92b Use space after the boolean negotiation operator 2015-03-11 22:25:52 +01:00
Eric Lippmann
4570151b4b Fix indentation for strings spanning multiple lines in our auth controller 2015-03-11 22:11:10 +01:00
Johannes Meyer
dfc18e0f95 Display authentication exceptions as form errors 2015-02-12 09:11:03 +01:00
Eric Lippmann
6bae2e0a53 Note that our license is GPL v2 or any later version in our license header instead of pointing to the license's URL 2015-02-04 10:52:27 +01:00
Eric Lippmann
5b4fab0750 Add license header 
This time without syntax errors hopefully :)
 2015-02-03 16:27:59 +01:00
Eric Lippmann
5fa2e3cfdc Revert "Add license header" 
This reverts commit 338d067aba.
 2015-02-03 16:16:26 +01:00
Eric Lippmann
338d067aba Add license header 
fixes #7788
 2015-02-03 15:51:04 +01:00
Johannes Meyer
7ad44b8411 login: Show a note if the only active external auth backend is not available 
refs #8274
 2015-01-27 14:26:06 +01:00
Johannes Meyer
d99d147901 Fix usages of AutoLoginBackend 
refs #8274
 2015-01-27 13:45:13 +01:00
Eric Lippmann
250e05f2e8 Optimize imports in AuthenticationController.php 2014-12-29 14:30:47 +01:00
Eric Lippmann
9d8fab51b1 Use the setup related utility functions in AuthenticationController.php 2014-12-29 14:30:06 +01:00
Johannes Meyer
be6358452e Do not redirect to the wizard in case of an empty config.ini 2014-11-18 13:13:02 +01:00
Thomas Gelf
da47c7fc7e Merge remote-tracking branch 'origin/master' into feature/redesign-7144 2014-11-14 21:32:57 +01:00
Johannes Meyer
775c20d9ad Rename namespace Icinga\Form to Icinga\Forms 
refs #7553
 2014-11-14 10:57:14 +01:00
Bernd Erk
c98a6d5912 Fixes type in error message 2014-11-13 15:41:31 +01:00
Johannes Meyer
259a465f97 Show only the most important warning on the login page 2014-11-12 16:23:55 +01:00
Johannes Meyer
2eb9a771c9 Do not check for any config file, just the directory to show the login-warning 
refs #7163
 2014-11-12 15:58:18 +01:00
Johannes Meyer
b26e585837 Fix that the authentication.ini is being used as trigger for the config warning 
Should have been the config.ini instead.

refs #7163
 2014-11-11 12:42:49 +01:00
Johannes Meyer
8909bd5d59 Show warning on login page even if the configuration directory exists 
refs #7163
 2014-11-11 10:04:01 +01:00
Johannes Meyer
79493592bb Do not use Installer anywhere. 
"It's setup."

refs #7163
 2014-11-10 10:30:52 +01:00
Johannes Meyer
170ded6510 Merge branch 'master' into feature/setup-wizard-7163 
Conflicts:
	library/Icinga/Authentication/Backend/LdapUserBackend.php
	library/Icinga/File/Ini/IniWriter.php
 2014-11-04 14:22:53 +01:00