Beelance

Commit Graph

Author	SHA1	Message	Date
Sindre Stephansen	4acd265951	Add QR image to set up authenticator	5 years ago
Sindre Stephansen	15384fb78d	Add two-factor authentication Fixes #4	5 years ago
Sindre Stephansen	ac243db11b	Minor restructure to improve code usability and readability	5 years ago
Sindre Stephansen	d5b155a348	Set SMTP timeout	5 years ago
Sindre Stephansen	f7d309268f	Properly indent email messages	5 years ago
Sindre Stephansen	dd27cb68a4	Implement password reset Fixes #2	5 years ago
Sindre Stephansen	46394af70f	Implement email registration Fixes #1	5 years ago
Sindre Stephansen	b0bd63d0a1	Implement email. It almost works The email works when sent from app.py, but not from any other file. Also, it requires mysql-connector-python version 8.0.5, for some reason. Right now the email is logged, so even if it couldn't get through the server testing works.	5 years ago
Sindre Stephansen	cb0219dbba	Remove initial admin user, and change the database password Fixes #7	5 years ago
Sindre Stephansen	442f6e1470	Prevent account enumeration when creating a project Fixes #9	5 years ago
Sindre Stephansen	a4a1bd5451	Add a render helper that adds required globals	5 years ago
Sindre Stephansen	f8022f372f	Log user registration and invalid login attempts Fixes #15	5 years ago
Sindre Stephansen	3c3cf6ebc7	Replace printing with logging in model files	5 years ago
Sindre Stephansen	a2b8932f39	Add setup for outputing nginx, uwsgi and python logs to files outside docker	5 years ago
Sindre Stephansen	593028b3fb	Fix OS remote code execution Fixes #6	5 years ago
Sindre Stephansen	24bc79c575	Implement protection from brute-force attacks The implementation enforces a timeout of one minute after three or more incorrect login attempts for an account. Fixes #8	5 years ago
Sindre Stephansen	9491cfd5dd	Implement stricter password policy Fixes #22	5 years ago
Sindre Stephansen	9892487c44	Implement better password security The new scheme uses bcrypt and a random salt for each user. This is not compatible with old passwords. Fixes #13	5 years ago
Sindre Stephansen	94dc16a0bb	Optimize Docker build	5 years ago
Sindre Stephansen	4d562df0de	Minor fixes to code style in project files	5 years ago
Sindre Stephansen	4a2af0f574	Check permissions and ownership when changing a project Fixes #10	5 years ago
Sindre Stephansen	09ef868038	Upgrade pip on build	5 years ago
Sindre Stephansen	9738a31915	Disable the debug error page Fixes #11	5 years ago
Sindre Stephansen	b1242840a7	Add security headers Fixes #26 and #12	5 years ago
Sindre Stephansen	d89ddd6228	Remove old static file Fixes #23	5 years ago
Sindre Stephansen	e9b76013c3	Implement CSRF protection Fixes #16	5 years ago
Sindre Stephansen	dafe82af0a	Make remember cookie HttpOnly Fixes #24	5 years ago
Sindre Stephansen	1257cadf70	Secure remember cookie. This doesn't enable http-only	5 years ago
Sindre Stephansen	56c14f149f	Reduce remember cookie expiry, and enforce by storing it in the database Fixes #14	5 years ago
Sindre Stephansen	ba8b2e6153	Use random string for remember cookie, replacing deserialization The random string token is stored in the database, and is revoked when the user logs out. Fixes #17	5 years ago
Sindre Stephansen	a21b56775d	Use bound variables instead of concatenation in SQL queries Fixes #5	5 years ago
Sindre Stephansen	7629423772	Update mysql-connector dependency Fixes #18	5 years ago
Sindre Stephansen	f31d593e3a	Add HTTPS support with a self signed certificate Fixes #3	5 years ago
jakobsn	e3d02892d3	config for mailserver	5 years ago
Jakob Notland	b1bab743d0	Change permissions to grant usergroup access. This change does not add or remove any vulnerablities. But makes it possibe for different administrators to manage the repository.	5 years ago
Jakob Notland	b10c8b4866	Fix errorhandler bug	5 years ago
jakobsn	2ef59fd840	Bug in exceptionhandler	5 years ago
jakobsn	9388eda466	typo	5 years ago
jakobsn	016d5a63ee	Error handling to prevent database from crashing on too easy on sql injections	5 years ago
jakobsn	dfc0928f7c	Database exception handling	5 years ago
jakobsn	a696c319df	Add smtp server	5 years ago
jakobsn	212d0a9197	Accept zeros aswell	5 years ago
jakobsn	2cd20c5106	Uwsgi init file	5 years ago
jakobsn	96215ad1ff	NGINX skeleton for https	5 years ago
jakobsn	01ce46108c	update	5 years ago
jakobsn	919d3c633d	Update subnet for bridge and readme description	6 years ago
jakobsn	3bb08a973f	Correctly use env variable to connect to database after image is running	6 years ago
jakobsn	8cedf0d58f	Set ip and ports from groupid environment variable	6 years ago
jakobsn	6f0754ce54	clean	6 years ago
jakobsn	cbe5cc7413	generate docs	6 years ago

1 2 3 4

170 Commits (master)