sftpgo

mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-06 06:10:54 +03:00

Author	SHA1	Message	Date
Nicola Murino	74f8539247	pre-login hook: require either a full user object or no user modification The previous behavior was a leftover from an old refactor. This change aligns the pre-login hook with the behavior of other hooks, although it may break some edge cases that relied on the previous inconsistent behavior. Fixes #2107 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-11-18 20:09:22 +01:00
Nicola Murino	5ce9688780	enforce group-level password strength for users and shares Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-10-26 09:44:32 +01:00
Nicola Murino	7f03dc0fab	convert action migration: allow to import any command action EnabledCommands are initialized after the migration so allow any command, they will be denied if not allowed and this is temporary. The migration will be removed in the future Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-09-20 17:59:15 +02:00
Nicola Murino	6bde42fc3f	dataprovider: prevent action execution after external authentication As per the documentation for external authentication, provider actions should not be executed post-authentication. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-08-21 07:20:06 +02:00
Nicola Murino	a2d3613250	dataprovider: preserve initial sort order for related resources Folders and groups now retain their initial order, improving compatibility and predictability when used with Terraform Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-08-19 16:11:53 +02:00
Nicola Murino	76f6dc06de	Log output from command hooks Re-adds #1208 now that the CLA has been signed. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-07-20 10:45:48 +02:00
Nicola Murino	3f7533b86a	update deps ... ... and adapt the code to the new constants I added to golang.org/x/crypto/ssh Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-05-19 19:42:36 +02:00
Nicola Murino	9e2230cc33	Support leading and trailing spaces in user passwords This improves compatibility with external authentication providers that allow such characters in passwords. Passwords created via the WebAdmin UI are still sanitized to prevent user confusion. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-04-26 14:31:13 +02:00
Nicola Murino	0da8adb7ac	EventManager: breaking change for placeholder names Placeholder names must now be in the format: {{.VirtualPath}} instead of: {{.VirtualPath}} Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-04-14 09:11:44 +02:00
Nicola Murino	cf573fc743	pre-login hook: fix loading user after update Fixes #1890 Closes #1891 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-03-29 17:29:28 +01:00
Nicola Murino	2255c5f000	upgrade golangci-lint to v2 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-03-29 11:36:19 +01:00
Nicola Murino	e590deebe0	db shared sessions: set key and type as primary key Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-03-23 11:34:10 +01:00
Nicola Murino	bf0961458c	remove some unnecessary string conversions Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2025-01-04 11:58:37 +01:00
Nicola Murino	37f8fb3a0e	add a link to the upgrading docs in the error message Fixes #1854 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-31 10:04:43 +01:00
Nicola Murino	bfe6c58133	don't allow DSA keys Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-18 19:01:15 +01:00
Nicola Murino	eba4c93efd	user: add additional emails Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-11 19:20:51 +02:00
Nicola Murino	126cb1ee0d	remove some useless hooks Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-09-27 15:52:51 +02:00
Nicola Murino	433d45ed87	WebUI: add a token validation mode that allows checking the signature Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-09-21 14:06:25 +02:00
Nicola Murino	fd6126134e	execute provider events also for plugin auth Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-09-06 19:17:31 +02:00
Nicola Murino	b9b370fbb8	add some pre-validation hooks Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-08-17 09:11:42 +02:00
Nicola Murino	d783ffc13f	fix new lint warnings Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-08-14 08:46:18 +02:00
Nicola Murino	d94f80c8da	replace utils.Contains with slices.Contains Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-07-24 18:27:13 +02:00
Nicola Murino	fef388d8cb	don't track quota for private virtual folders they are included within the user quota. This is a backward incompatible change. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-07-13 21:02:40 +02:00
Nicola Murino	92849ca473	quota: move user and folder management to a common method Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-07-13 19:30:40 +02:00
Nicola Murino	55be9f0b9c	EventManager: allow to configure the timezone to use for the scheduler Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-06-30 18:52:59 +02:00
Nicola Murino	c5c42f072b	squash database migrations Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-06-15 16:02:09 +02:00
Nicola Murino	3bd1eeacc1	make sure to return a fully populated user after plugin auth Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-06-04 18:14:09 +02:00
Nicola Murino	eb0c6549c4	micro optimization Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-05-12 18:10:03 +02:00
Nicola Murino	5d24d665bd	add an util method to convert []byte to string Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-05-08 19:01:58 +02:00
Nicola Murino	a1af33c6aa	WebClient: allow to set TLS certificates Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-05-03 18:30:03 +02:00
Nicola Murino	0a8a0ee771	revert #450 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-04-27 10:50:25 +02:00
Nicola Murino	1fc0f21506	hooks: remove logging output from external programs This reverts #1208 because the contributor did not respond to our request to sign the CLA Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-04-26 11:13:16 +02:00
Nicola Murino	26d19abf61	remove reading data provider username and password from file This reverts #1455 because the contributor cannot sign the CLA Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-04-26 10:57:38 +02:00
Nicola Murino	a38fd26cf6	minor refactor to memory provider initialization Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-04-20 16:45:20 +02:00
Nicola Murino	950cf67e4c	dataprovider: small refactor for password check Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-04-18 18:23:16 +02:00
Nicola Murino	cc9a0d4dc2	add time-based access restrictions Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-03-17 11:30:03 +01:00
Nicola Murino	92911bda2b	require at least 2048 bits for RSA certificates/keys Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-02-25 11:12:57 +01:00
Nicola Murino	9a6a65931e	two-factor auth: fixed validation of conflicting settings Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-02-22 18:20:51 +01:00
Nicola Murino	51ae2d7301	add copy permission Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-02-20 18:19:09 +01:00
Nicola Murino	c49553abd0	keyboard interactive: ask only the passcode if it is the second step Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-02-05 19:02:01 +01:00
Nicola Murino	8180b75ef1	WIP new WebAdmin: IP lists pages Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-01-24 19:23:15 +01:00
Nicola Murino	87451560e3	normalize common database errors Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-01-17 17:36:35 +01:00
Nicola Murino	d939a82225	user: add TLS certificates Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-01-14 21:36:23 +01:00
Nicola Murino	5c8214e121	WIP new WebAdmin: groups page Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-01-11 19:26:13 +01:00
Nicola Murino	e1b5d2fe39	WebAdmin: use the new UI for user pages Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-01-09 19:54:08 +01:00
Nicola Murino	784b7585c1	remove end year from Copyright notice in files so we don't have to update all the files every year Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-01-01 11:31:45 +01:00
Nicola Murino	c71f0426ae	WebClient WIP: add support for localizations Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-12-10 16:40:13 +01:00
Nicola Murino	6175acb572	add support for reading more secrets from files Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-11-24 20:43:50 +01:00
patrickap	a91cf22e0f	provider: support for username and password file (#1455 ) Signed-off-by: patrickap <patrick.schlageter@web.de>	2023-11-24 20:28:51 +01:00
Nicola Murino	bfa17314c6	keyboard interactive auth: respect hook disabled setting Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2023-11-18 11:28:15 +01:00

1 2

97 Commits