Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-09 16:25:15 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,218 Commits 10 Branches 53 Tags
5f313cc6be8cbb949a5ec2d535e41446c216fdc7
Commit Graph

232 Commits

Author SHA1 Message Date
Nicola Murino
ca730e77a5 add separate permissions to delete and rename files and dirs 
perm_delete and perm_rename still exist for backward compatibility,
now they are an alias to assign both new split permissions
 2021-11-14 16:23:33 +01:00
Nicola Murino
3bc58f5988 WebClient/REST API: add sharing support 2021-11-06 14:13:20 +01:00
Nicola Murino
4aa9686e3b refactor custom actions 
SFTPGo is now fully auditable, all fs and provider events that change
something are notified and can be collected using hooks/plugins.

There are some backward incompatible changes for command hooks
 2021-10-10 13:08:05 +02:00
Maharanjan
0661876e99 Added email field for user account 2021-09-25 19:06:13 +02:00
Nicola Murino
59140a6d51 add additional data to MFA secrets and fix pointers management 2021-09-05 14:10:12 +02:00
Nicola Murino
8a4c21b64a add builtin two-factor auth support 
The builtin two-factor authentication is based on time-based one time
passwords (RFC 6238) which works with Authy, Google Authenticator and
other compatible apps.
 2021-09-04 12:11:04 +02:00
Nicola Murino
b903a6e46f data provider: remove default admin 
you need to load initial data or set "create_default_admin" to true
and the appropriate env vars if you don't want to use the web admin
setup screen to create the default admin
 2021-08-20 10:37:51 +02:00
Nicola Murino
bcf088f586 data provider: update internal caches if the data provider is shared 2021-08-20 09:35:06 +02:00
Nicola Murino
be3857d572 dataprovider: add timestamp fields for users and admins 2021-08-19 15:51:43 +02:00
Nicola Murino
b99d4ce82e fix folders validation 
Fixes #510
 2021-08-19 11:28:53 +02:00
Nicola Murino
fe953d6b38 REST API: add support for API key authentication 2021-08-17 18:08:32 +02:00
Nicola Murino
a20373b613 add support for auth plugins 2021-08-08 17:09:48 +02:00
Nicola Murino
ced2e16f41 add support for password validation rules 
Fixes #494
 2021-08-06 18:56:07 +02:00
Nicola Murino
c41ae116eb improve logging 
Fixes #381
 2021-07-24 20:11:17 +02:00
Nicola Murino
c900cde8e4 notifiers plugin: add settings to retry unhandled events 2021-07-20 12:51:21 +02:00
Nicola Murino
bd5191dfc5 add experimental plugin system 2021-07-11 15:26:51 +02:00
Nicola Murino
076b2f0ee0 modules: add v2 support 2021-06-26 07:31:41 +02:00
Nicola Murino
c1b862394d move other errors to utils package 2021-06-19 13:06:01 +02:00
Manuel Reithuber
f19937b715 move Filesystem config validation to vfs 2021-06-19 12:24:43 +02:00
Nicola Murino
9d3d7db29c azblob: store SAS URL as kms.Secret 2021-06-11 22:27:36 +02:00
Nicola Murino
4be6307d87 webadmin: add defender page 2021-06-08 13:24:28 +02:00
Nicola Murino
feec2118bb improve defender and quotas REST API 2021-06-07 21:52:43 +02:00
Nicola Murino
c63b923ec3 cryptfs: add support for atomic uploads 2021-05-31 21:45:29 +02:00
Nicola Murino
25a44030f9 actions: add pre-download and pre-upload 
Downloads and uploads can be denied based on hook response
 2021-05-26 07:48:37 +02:00
Nicola Murino
600268ebb8 httpclient: allow to set custom headers 2021-05-25 08:36:01 +02:00
Nicola Murino
02bb09ec01 remove deprecated file extensions filters 
these filters were deprecated a long time ago, everyone should use
patterns filters now
 2021-05-22 12:28:05 +02:00
Nicola Murino
b9bc8d722d try to improve web client credentials page 
I should do the same for the admin page too
 2021-05-22 09:54:27 +02:00
Nicola Murino
f2b93c0402 add a setup screen to create the first admin user 
If you prefer to auto-create the first admin you can enable the
"create_default_admin" configuration key and SFTPGo will work as before.

You can also create the first admin by loading initial data: now you can
set both username and password, before you could only change the password
 2021-05-14 19:21:15 +02:00
Nicola Murino
0540b8780e redact credentials within hooks 
go-retryablehttp does not redact credentials, so we still log them
when we use it

https://github.com/hashicorp/go-retryablehttp/pull/133
 2021-05-12 22:44:17 +02:00
Nicola Murino
23d9ebfc91 add a basic front-end web interface for end-users 
Fixes #339 #321 #398
 2021-05-06 21:35:43 +02:00
Nicola Murino
1275328fdf Authentication errors: try to avoid user enumeration 
Fixes #395
 2021-04-26 19:48:21 +02:00
Nicola Murino
46998252e5 use bcrypt as default password hashing algo 
argon2id has a high memory cost and, if not properly tuned, it can lead to
resource starvation.

Advanced users can still configure and use argon2id.
Passwords stored as argon2id will continue to work
 2021-04-25 09:38:33 +02:00
Nicola Murino
92638ce93d add support for hashing password using bcrypt 
argon2id remains the default
 2021-04-20 13:55:09 +02:00
Nicola Murino
6ef85d6026 add, optional, in memory password caching 
Verifying argon2 passwords has a high memory and computational cost,
by enabling, in memory, password caching you reduce this cost
 2021-04-20 09:39:36 +02:00
Nicola Murino
2ffefbeb33 add sql_tables_prefix also to indexes and constraints 
This allows you to reuse the same database for multiple SFTPGo instances

Fixes #372
 2021-04-12 20:00:49 +02:00
Nicola Murino
c844fc7477 add support for delayed quota update 
If there are a lot of close uploads, accumulating quota updates can
save you many queries to the data provider
 2021-04-11 08:38:43 +02:00
Nicola Murino
fdf3f23df5 allow to disable some hooks on a per-user basis 
This way you can, for example, mix external and internal users
 2021-04-04 22:32:25 +02:00
Nicola Murino
2f56375121 improve SFTP loop detection 2021-04-01 18:53:48 +02:00
Nicola Murino
3bfd7e4d17 sftpfs: try to detect if an SFTP user point to itself 
this will cause an infinite loop on login. The check should be improved
 2021-03-29 21:53:44 +02:00
Nicola Murino
5cd27ce529 document Cockroach driver name 2021-03-27 19:41:00 +01:00
Nicola Murino
9ad750da54 WebDAV: try to preserve the lock fs as much as possible 2021-03-27 19:10:27 +01:00
Nicola Murino
5f49af1780 external auth: allow to inspect and preserve an existing user 2021-03-26 15:19:01 +01:00
Nicola Murino
70e035315e data provider: add CockroachDB support 2021-03-23 19:14:15 +01:00
Nicola Murino
5e375f56dd kms: add a lock, secrets could be modified concurrently for cached users 
also reduce the size of the JSON payload omitting empty secrets
 2021-03-22 19:03:25 +01:00
Nicola Murino
f7c7e2951d initialize argon params before creating the data provider 
Fixes #349
 2021-03-21 19:58:57 +01:00
Nicola Murino
d6dc3a507e extend virtual folders support to all storage backends 
Fixes #241
 2021-03-21 19:15:47 +01:00
Nicola Murino
df41f0c556 add a setting to skip natural keys validation 
Enabling the "skip_natural_keys_validation" data provider setting,
the natural keys for REST API/Web Admin as usernames, admin names,
folder names are not restricted to unreserved URI chars

Fixes #334 #308
 2021-03-04 09:48:53 +01:00
Nicola Murino
534b253c20 WebDAV: improve TLS certificate authentication 
For each user you can now configure:

- TLS certificate auth
- TLS certificate auth and password
- Password auth

For TLS certificate auth, the certificate common name is used as
username
 2021-03-01 19:28:11 +01:00
Nicola Murino
a6e36e7cad FTP: improve TLS certificate authentication 
For each user you can now configure:

- TLS certificate auth
- TLS certificate auth and password
- Password auth

For TLS auth, the certificate common name must match the name provided
using the "USER" FTP command
 2021-02-28 12:10:40 +01:00
Nicola Murino
ca3e15578e Use new methods in the io and os packages instead of ioutil ones 
ioutil is deprecated in Go 1.16 and SFTPGo is an application, not
a library, we have no reason to keep compatibility with old Go
versions.

Go 1.16 fix some cifs related issues too.
 2021-02-25 21:53:04 +01:00