Commit Graph

209 Commits

Author SHA1 Message Date
Christoph Haas e9005b1b90 add minimum password length check 2025-05-16 09:55:35 +02:00
Christoph Haas 1394be2341 add webauthn (passkey) support 2025-05-12 22:53:43 +02:00
Christoph Haas 6a96925be7 add API endpoints to prepare fresh interfaces and peers (#432) 2025-05-09 16:19:36 +02:00
Vladimir Dombrovski 3eb84f0ee9 Enable allowed_domains in oauth and oidc providers (#416)
* Enable allowed_domains in oauth and oidc providers

Signed-off-by: Vladimir DOMBROVSKI <vladimir.dombrovski@bso.co>

* Domain check code cleanup

* Run gofmt on domain validation code

---------

Signed-off-by: Vladimir DOMBROVSKI <vladimir.dombrovski@bso.co>
2025-05-05 18:26:19 +02:00
Christoph Haas b4aa6f8ef3 fix gorm error if no encryption is used (#427) 2025-05-04 17:42:13 +02:00
Christoph Haas 923d4a6188 docs: add reverse-proxy example, improve docker examples, fix slow_query_threshold documentation; feat: allow config.yml and config.yaml as configuration files 2025-05-03 22:21:56 +02:00
Christoph Haas b9c4ca04f5 allow to encrypt keys in db, add browser-only key generator, add hints that private keys are stored on the server (#420) 2025-05-02 18:48:35 +02:00
Christoph Haas b06c03ef8e fix missing error check (#419) 2025-05-01 19:12:19 +02:00
Vladimir Dombrovski 62f3c8d4a1 Implement EditableKeys parameter (#417)
Signed-off-by: Vladimir DOMBROVSKI <vladimir.dombrovski@bso.co>
2025-04-30 22:05:40 +02:00
Christoph 059234d416 never publish pointer payloads on message bus (#411) 2025-04-21 16:42:35 +02:00
Christoph e2966d32ea fix user creation (#411) 2025-04-21 15:29:53 +02:00
Christoph 9354a1d9d3 add simple webhook feature for peer, interface and user events (#398) 2025-04-19 21:29:26 +02:00
Christoph 6681dfa96f generate interface and peer configuration filenames in backend only (#395) 2025-04-19 13:12:31 +02:00
Christoph 37904f96fb run initial LDAP sync on startup (#407) 2025-04-19 12:12:45 +02:00
Christoph Haas b938bc8c4c fix: fix peer audit event 2025-03-30 23:16:10 +02:00
Christoph Haas 87bf5da5bd fix: fix session handling (remove IdleTimeout) 2025-03-30 23:14:49 +02:00
Christoph Haas 3723e4cc75 fix: fix csrf token handling after login 2025-03-29 17:21:54 +01:00
Christoph Haas 6cbccf6d43 feat: add simple audit ui 2025-03-29 16:42:31 +01:00
Christoph Haas 7d0da4e7ad chore: use interfaces for all other services 2025-03-23 23:09:47 +01:00
Christoph Haas 02ed7b19df chore: use interfaces for web related services 2025-03-09 21:48:38 +01:00
Christoph Haas 678b6c6456 Merge branch 'master' into chore-code-cleanup
# Conflicts:
#	go.mod
#	go.sum
2025-03-09 21:17:47 +01:00
Christoph Haas 0206952182 chore: replace gin with standard lib net/http 2025-03-09 21:16:42 +01:00
klmmr 53bae9d194 config: validate mail configuration certificates by default (#388)
Before this commit, the default was to not validate TLS certificates of
the SMTP server. This is perhaps a rather unexpected default and can be
considered insecure. This commit activates mail server TLS cert validation
by default.

This change might break some users' email configuration, if they did not
explicitly set the `mail.cert_validation` config variable. Nonetheless,
I think that the secure option should be the default option (e.g.,
to prevent man-in-the-middle attacks and breaching mail server login
credentials).

Signed-off-by: klmmr <35450576+klmmr@users.noreply.github.com>
2025-03-05 19:20:57 +01:00
Christoph Haas 7473132932 chore: replace logrus with standard lib log/slog 2025-03-02 08:51:13 +01:00
Christoph Haas 5c51573874 chore: update to yaml v3 2025-02-28 16:15:22 +01:00
Christoph Haas fdb436b135 chore: get rid of static code warnings 2025-02-28 16:11:55 +01:00
Christoph Haas e24acfa57d chore: cleanup code formatting 2025-02-28 08:37:55 +01:00
Christoph Haas f7d7038829 chore: update to Go 1.24, improve oauth admin mapping tests 2025-02-27 22:32:11 +01:00
Christoph Haas 66ccdc29e9 fix qr-code generation for large configurations (#374) 2025-02-26 22:59:11 +01:00
Christoph Haas 986f6fdead fix peer creation for client interface (#371) 2025-02-26 22:02:53 +01:00
klmmr eeb0c87c68 ldap-sync: fix creation of only one user per LDAP sync (#375)
Before this fix, a too early `return` statement terminated the
`updateLdapUsers()` function, whenever one not already existing user was
created. Therefore, in each LDAP sync a maximum of one new user could be
created (i.e., it took x LDAP sync cycles until x new LDAP users are
registered in wg-portal). Depending on the LDAP `sync_interval` this can
take a long time and produces unnecessarily long waiting times until users
are available in wg-portal.

Removing the early return statement and moving the remainder of the
function into an `else` statement, so that all new users can be
added in a single LDAP sync.

Also adding a debug statement to better trace the behavior.

Signed-off-by: klmmr <35450576+klmmr@users.noreply.github.com>
2025-02-26 21:56:22 +01:00
Christoph Haas f6d7a851d1 frontend: fix locked user display (#367) 2025-02-17 08:18:36 +01:00
Christoph Haas fc712ebf42 api: fix ExpiredAt format (#368) 2025-02-17 08:03:43 +01:00
Christoph Haas 43163273fa api: remove IsAdmin from required attributes (#366) 2025-02-17 07:43:31 +01:00
Christoph Haas e983a7b8f3 automatic API access for default admin (#357) 2025-02-07 22:42:48 +01:00
Christoph Haas c33eaba1c0 remove unsupported validator (#360) 2025-02-07 22:21:16 +01:00
Christoph Haas d01d865b4d fix self provisioning feature (#272) 2025-01-26 11:35:24 +01:00
Christoph Haas 1b8cdc3417 automatically append listening port to endpoint address (#352) 2025-01-26 09:52:09 +01:00
Christoph Haas f6c8cd5ea8 allow LDAP users (and linked peers) to be automatically re-enabled (#345) 2025-01-21 18:03:30 +01:00
Christoph Haas a04eaa4bfb fix user group parsing for OAuth login (#317) 2025-01-21 17:33:01 +01:00
Dmytro Bondar 2cea2e477a Show version on frontend (#346) 2025-01-21 12:27:25 +01:00
Christoph Haas c73ce0288e fix disabling of missing ldap users (#344) and allow deletion of all user types 2025-01-18 17:39:18 +01:00
Christoph Haas 662e9c0549 Improve admin privilege handling for OAuth. Update documentation. 2025-01-18 11:55:56 +01:00
Christoph Haas 6523a87dfb fix peer disable if ldap user is disabled (#343) 2025-01-17 21:59:15 +01:00
Christoph Haas 17844ed929 fix update of userdata after OAuth login (#317, #160) 2025-01-13 22:14:00 +01:00
Christoph Haas 2d78fe33b8 add metric endpoint to public API (#72, #80) 2025-01-11 23:42:05 +01:00
Christoph Haas 63d85d8123 code cleanup 2025-01-11 22:56:25 +01:00
Christoph Haas 26d3257516 update userdata after OAuth login (#317, #160) 2025-01-11 18:55:23 +01:00
h44z d596f578f6
API - CRUD for peers, interfaces and users (#340)
Public REST API implementation to handle peers, interfaces and users. It also includes some simple provisioning endpoints.

The Swagger API documentation is available under /api/v1/doc.html
2025-01-11 18:44:55 +01:00
Christoph Haas 3020fbca4e fix change of peer identifier (public key) (#265) 2025-01-05 11:30:34 +01:00