Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-08 07:10:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
966 Commits 9 Branches 53 Tags
6eb154bb7455f7229e7a4ac774ce75abf99c41f1
Commit Graph

101 Commits

Author SHA1 Message Date
Nicola Murino
1b4a1fbbe5 add data retention check hook 2021-10-03 15:17:49 +02:00
Nicola Murino
cc134cad9a data retention: allow to notify results via e-mail 2021-10-02 22:25:41 +02:00
Nicola Murino
e6f969cb04 web UI: update js and css deps 2021-09-30 10:23:25 +02:00
Nicola Murino
ba1febba73 rework user and admin profiles 
users and admins can now also update their email and description
 2021-09-29 18:46:15 +02:00
Maharanjan
0661876e99 Added email field for user account 2021-09-25 19:06:13 +02:00
Nicola Murino
da5a061b65 add basic REST APIs for data retention 
Fixes #495
 2021-09-25 12:20:31 +02:00
Nicola Murino
5c34d814d6 fix a possible nil pointer dereference 
it can happen by upgrading from very old versions
 2021-09-11 14:19:17 +02:00
Nicola Murino
7bad65a43e user: add a permission to disable changing api key authentication 
also implement the missing APIs to enable/disable api key authentication
 2021-09-06 18:46:35 +02:00
Nicola Murino
101c2962ab web client UI: add a permission to disable password change 
Fixes #528
 2021-09-05 18:49:13 +02:00
Nicola Murino
8a4c21b64a add builtin two-factor auth support 
The builtin two-factor authentication is based on time-based one time
passwords (RFC 6238) which works with Authy, Google Authenticator and
other compatible apps.
 2021-09-04 12:11:04 +02:00
Nicola Murino
be3857d572 dataprovider: add timestamp fields for users and admins 2021-08-19 15:51:43 +02:00
Nicola Murino
fe953d6b38 REST API: add support for API key authentication 2021-08-17 18:08:32 +02:00
Nicola Murino
90b324d707 Add a link on the login pages to switch between admin and web client login 
The links are hidden if only the web admin or only thw web client is
enabled and can also be controlled using the "hide_login_url" setting

Fixes #485
 2021-07-27 18:43:00 +02:00
Nicola Murino
3a22aae34f web UI: add support for upload, create dirs, rename, delete 2021-07-26 20:55:49 +02:00
Nicola Murino
83c7453957 user API: allow to disable writes ... 
... even if the user has permissions for these actions
 2021-07-23 21:41:02 +02:00
Nicola Murino
85a47810ff S3: expose more properties, possible backward incompatible change 
Before these changes we implictly set S3ForcePathStyle if an endpoint
was provided.

This can cause issues with some S3 compatible object storages and must
be explicitly set now.

AWS is also deprecating this setting

https://aws.amazon.com/it/blogs/aws/amazon-s3-path-deprecation-plan-the-rest-of-the-story/
 2021-07-23 16:56:48 +02:00
Nicola Murino
ae8ccadad2 users API: add API to create, delete, rename files and directories 2021-07-23 10:19:27 +02:00
Nicola Murino
e1a2451c22 s3: allow to configure the chunk download timeout 2021-07-11 18:39:45 +02:00
Nicola Murino
9d3d7db29c azblob: store SAS URL as kms.Secret 2021-06-11 22:27:36 +02:00
Nicola Murino
feec2118bb improve defender and quotas REST API 2021-06-07 21:52:43 +02:00
Nicola Murino
43182fc25e OpenAPI: add users API 
These new APIs match the web client features.

I'm aware that some API do not follow REST best practises.

I want to avoid things likes "/user/folders/<path>"

where "path" must be encoded and making it optional create issues, so
I defined resources as query parameters instead of path parameters
 2021-06-05 16:07:09 +02:00
Nicola Murino
02bb09ec01 remove deprecated file extensions filters 
these filters were deprecated a long time ago, everyone should use
patterns filters now
 2021-05-22 12:28:05 +02:00
Nicola Murino
ecfed4dc04 Add a Getting Started Guide 2021-05-20 18:16:27 +02:00
Nicola Murino
23d9ebfc91 add a basic front-end web interface for end-users 
Fixes #339 #321 #398
 2021-05-06 21:35:43 +02:00
Nicola Murino
a383957cfa OpenAPI: document that also folder-quota-update supports partial updates 2021-04-28 19:33:32 +02:00
Nicola Murino
00f97aabb4 OpenAPI: document that quota-update support partial updates 
If the update mode is "add" and you pass only used_quota_size or only
used_quota_files the missing field will remain unchanged
 2021-04-28 19:16:15 +02:00
Nicola Murino
32db0787bb add an example script for scheduled quota updates 2021-04-26 21:53:09 +02:00
Nicola Murino
3941255733 docs: fix a typo 2021-04-25 09:42:19 +02:00
Nicola Murino
46998252e5 use bcrypt as default password hashing algo 
argon2id has a high memory cost and, if not properly tuned, it can lead to
resource starvation.

Advanced users can still configure and use argon2id.
Passwords stored as argon2id will continue to work
 2021-04-25 09:38:33 +02:00
Nicola Murino
92638ce93d add support for hashing password using bcrypt 
argon2id remains the default
 2021-04-20 13:55:09 +02:00
Nicola Murino
0823928f98 allow to disable login filesystem checks 
SFTPGo requires that the user's home directory, virtual folder root,
and intermediate paths to virtual folders exist to work properly.
If you already know that the required directories exist, disabling
these checks will speed up login.
 2021-04-05 17:57:30 +02:00
Nicola Murino
fdf3f23df5 allow to disable some hooks on a per-user basis 
This way you can, for example, mix external and internal users
 2021-04-04 22:32:25 +02:00
Nicola Murino
1ee843757d fix OpenAPI schema 2021-04-03 17:09:08 +02:00
Nicola Murino
ea26d7786c sftpfs: add buffering support 
this way we improve performance over high latency networks
 2021-04-03 16:00:55 +02:00
Nicola Murino
a43854ae9b OpenAPI: document that secrets are automatically encrypted before saving 2021-03-28 11:23:06 +02:00
Mike Unitskyi
5939ac4801 Increase uid:gid limits (#362) 
Fixes #361
 2021-03-25 17:11:42 +01:00
Nicola Murino
8a1249878a OpenAPI schema: remove some superfluous required definitions 
Fixes #356
 2021-03-22 19:22:41 +01:00
Nicola Murino
d6dc3a507e extend virtual folders support to all storage backends 
Fixes #241
 2021-03-21 19:15:47 +01:00
Nicola Murino
67ea75cf03 improve OpenAPI schema so it is better rendered on Stoplight 2021-03-07 18:41:56 +01:00
Nicola Murino
1ab02d5891 OpenAPI: improve schema 
Fix some lint warnings
 2021-03-06 17:08:24 +01:00
Nicola Murino
055506e518 sftpfs: add an option to disable concurrent reads 2021-03-06 15:41:40 +01:00
Nicola Murino
534b253c20 WebDAV: improve TLS certificate authentication 
For each user you can now configure:

- TLS certificate auth
- TLS certificate auth and password
- Password auth

For TLS certificate auth, the certificate common name is used as
username
 2021-03-01 19:28:11 +01:00
Nicola Murino
a6e36e7cad FTP: improve TLS certificate authentication 
For each user you can now configure:

- TLS certificate auth
- TLS certificate auth and password
- Password auth

For TLS auth, the certificate common name must match the name provided
using the "USER" FTP command
 2021-02-28 12:10:40 +01:00
Nicola Murino
2146b83343 data providers: add filesystem to folder ... 
... and some descriptive fields.
The filesystem support for virtual folders will be implemented in
future commits
 2021-02-24 19:40:29 +01:00
Nicola Murino
78bf808322 virtual folders: change dataprovider structure 
This way we no longer depend on the local file system path and so we can
add support for cloud backends in future updates
 2021-02-01 19:04:15 +01:00
Nicola Murino
c2bbd468c4 REST API: add logout and store invalidated token 2021-01-26 22:35:36 +01:00
Nicola Murino
80f5ccd357 web admin: add backup/restore 2021-01-22 19:42:18 +01:00
Nicola Murino
41a1af863e OpenAPI: minor changes 2021-01-18 13:24:38 +01:00
Nicola Murino
778ec9b88f REST API v2 
- add JWT authentication
- admins are now stored inside the data provider
- admin access can be restricted based on the source IP: both proxy
  header and connection IP are checked
- deprecate REST API CLI: it is not relevant anymore

Some other changes to the REST API can still happen before releasing
SFTPGo 2.0.0

Fixes #197
 2021-01-17 22:29:08 +01:00
Nicola Murino
d6b3acdb62 add REST API for the defender 2021-01-02 19:33:24 +01:00