amorfo77/sogo
1
0
Fork 0
mirror of https://github.com/inverse-inc/sogo.git synced 2026-02-19 08:26:24 +00:00
Code Issues Projects Releases Wiki Activity
17,326 Commits 45 Branches 141 Tags
feature/devcontainer
Commit Graph

103 Commits

Author SHA1 Message Date
Hivert Quentin
c3234882eb feat(openID): second part with a lot of fixes and cleaning 2025-03-13 15:25:56 +01:00
Hivert Quentin
458d39d48a feat(openID): first stable version 2025-03-13 15:24:03 +01:00
Hivert Quentin
69116d8eb7 fix(core): don't show link if SOGoURLCreateAccount is set but empty 2025-02-26 14:20:28 +01:00
smizrahi
178b1a3a0e feat(core): Check password strength on login (SQL Source). Closes #6025. 2024-12-02 11:08:39 +01:00
smizrahi
f2ba6870d5 feat(core): Add new SOGoURLCreateAccount option to add a create account link below login form 2024-10-22 16:03:50 +02:00
smizrahi
fc778295ff feat(core): Add URL encryption for GDPR compliancy. Disable url encryption for caldav. 2024-02-12 14:52:01 +01:00
smizrahi
455fe97cbe feat(core): Add message of the day. Remove all html tags except for anchor tags (mobile only) 2024-01-29 17:16:08 +01:00
smizrahi
fc0f5d9d98 feat(core): Add URL encryption for GDPR compliancy. Fix redirect issue 2024-01-29 10:56:17 +01:00
smizrahi
eee50697b0 feat(core): Add message of the day 2024-01-22 14:34:22 +01:00
smizrahi
930a06e520 feat(core): Add URL encryption for GDPR compliancy 2024-01-09 11:01:17 +01:00
smizrahi
26b14671f5 fix(password recovery): Add default from mail parameter 2024-01-09 10:28:41 +01:00
smizrahi
2748d1dd08 feat(core): Add URL encryption for GDPR compliancy. Remove dav encryption 2024-01-02 13:46:46 +01:00
smizrahi
31c6f78913 feat(core): Add URL encryption for GDPR compliancy 2023-10-17 16:17:25 +02:00
Hivert Quentin
68b1c1e5df fix(CAS): key based on tciket was too long for memecached 2023-09-07 09:14:24 +02:00
Hivert Quentin
f5f74f751a fix(preferences): Fix language list sorting on preferences page 2023-08-04 10:36:50 +02:00
smizrahi
e0d76fba65 fix(login): Fix language list sorting on login page 2023-07-27 14:15:26 +02:00
smizrahi
9918f75580 feat(core): Add in user settings to force password change for a user when logging 2023-07-11 18:48:54 +02:00
smizrahi
8001e3f6ab feat(alarms): Add possibility to use SMTP master account for system alarms. Fixes #5565. 2023-02-16 18:51:28 +01:00
smizrahi
c4dd695b12 feat(password-recovery): Fix dictionary with nil value issue. Changed parameter to SOGoPasswordRecoveryEnabled 2022-10-04 18:22:57 +02:00
smizrahi
1ea8b9fb1f feat(password-recovery): Fix build issue. Restored previously removed used var. 2022-10-03 14:18:59 +02:00
smizrahi
656807b77d feat(password-recovery): Add password recovery with secret question or secondary email 2022-10-03 08:56:41 +02:00
Francis Lachapelle
d4da1facf9 fix(web): use a distinct salt for TOTP authentication 
If TOTP is enabled for a user, it will be disabled until the user
configure it again, which will generate a new private salt.
 2021-10-15 16:18:23 -04:00
Francis Lachapelle
f017c42608 perf(calendar(web)): initiate Web calendars reload from the frontend 
The Web calendars subsciptions marked to be reloaded on login are no
longer reloaded from the backend; the sync operation is now activated
from the frontend in XHR calls to avoid blocking the Web interface.

Fixes #4939
 2021-10-06 14:16:48 -04:00
Francis Lachapelle
20b2fd5e45 refactor(web): replace SOGoGoogleAuthenticatorEnabled with 
SOGoTOTPEnabled

Fixes #5294
 2021-06-16 14:59:02 -04:00
olivierperes
9ae9fa094e refactor(mail): replace "Google Authenticator" with more general vocabulary 
The 2FA feature is not specific to one application, rewording makes this more clear.

Fixes #5294
 2021-06-16 09:49:30 -04:00
Francis Lachapelle
0c1f9fdb02 fix(web): restore support of ppolicy OpenLDAP overlay 2021-05-05 12:41:08 -04:00
Nicolas
2300fe8aab fix(core): Require current password on password change (#285) 
Increase security by requiring the current password when changing the
password. This increases the security for cases such as XSS, or just a
forgotten browser window left open.

Fixes #4140
 2020-07-27 10:12:22 -04:00
Ludovic Marcotte
f78300a12e feat(core): initial Google Authenticator support for 2FA 2020-05-07 07:22:24 -04:00
Francis Lachapelle
2e46e89d58 refactor: replace calls to create GMT NSTimeZone instance 2019-12-09 08:50:50 -05:00
Francis Lachapelle
81ca398a35 (fix) Reload Web calendars on CAS login 2019-10-16 16:22:13 -04:00
Francis Lachapelle
d49219ceec Save original username in cookie 
Fixes #4363
 2018-03-01 11:20:37 -05:00
Francis Lachapelle
789398bd27 (web) Fix XSRF cookie path when changing password 
Fixes #4139
 2017-09-19 09:44:37 -04:00
Francis Lachapelle
cb2ab9152f (js) Don't change user language when not changed 
Fixes #4244
 2017-08-30 14:18:23 -04:00
Francis Lachapelle
41967d3eec Respect languages preferences on login page 
Fixes #4169
 2017-05-18 22:28:05 -04:00
Francis Lachapelle
d7b3a8176d Show user's name upon successful login (cont'd) 2016-09-16 15:51:21 -04:00
Ludovic Marcotte
582baf2960 (feat) added AngularJS's XSRF support (#3246) 2016-04-26 11:07:22 -04:00
Ludovic Marcotte
2774878fa2 (fix) avoid double-appending domain in cache (fixes #3614) 2016-04-12 13:20:09 -04:00
Patrice Levesque
7c25b53fdf Remove pointless #imports from .m and .h files 
This was done with a brute-force approach, ensuring no additional
warnings from GCC 4.9 under x86_64.
 2016-02-13 16:11:52 -05:00
Ludovic Marcotte
b80d8dbb06 (fix) Session fix when SOGoEnableDomainBasedUID is enabled but logins are domain-less 2015-08-21 10:51:45 -04:00
Ludovic Marcotte
7168779684 (feat) added password change support 2015-06-12 11:44:34 -04:00
Francis Lachapelle
24f01e72c2 JSON-based operations for root page 2015-06-11 15:25:22 -04:00
Ludovic Marcotte
416711ea43 (fix) avoid appending the domain unconditionally when SOGoEnableDomainBasedUID is set to YES 2015-05-19 13:48:59 -04:00
Chris Rosenhain
0e56527e05 Change ACL modification text to non-gender specific terms 2014-12-19 11:04:05 +10:30
Ludovic Marcotte
a24d809e40 Minor code/copyright/authors cleanups 2014-01-09 21:06:31 -05:00
Jean Raby
41ed498d65 Add support for CAS LogoutRequests 
Fixes #2346
This changes the serviceURL sent by SOGo to the CAS server:
  /SOGo/so/ -> /SOGo/so/index
 2013-06-20 14:32:14 -04:00
Ludovic Marcotte
cfee5aa3f4 Added new failed login rate-limiting options 2013-06-11 09:41:17 -04:00
Jean Raby
f8387b90ff Log x-webobjects-remote-host in login process 
Most of the time, the remote-host will contain data from the x-forwarded-for header.
Which could have more than one ip in it if the request went through multiple proxies.
eg. x-forwarded-for: real.client.ip, load.balancer.ip
 2013-02-06 09:23:47 -05:00
Jean Raby
7b5da8a2c9 don't use cache for login page 2013-02-01 19:58:25 -05:00
Jean Raby
ea26e0cc0a Use string version number where applicable 
The goal is to be able to use 'letter' releases such as '2.0.3a'
in the Version file.
SoObjects/Mailer/GNUmakefile.preamble: UIX_MAILER_*_VERSION are now strings
  Can't use SOGoVersion since the etag uses an 'underscore' notation (2_0_3a)
SoObjects/Mailer/*.m: updated format for UIX_MAILER_*_VERSION
SoObjects/SOGo/GNUmakefile: zap SOGo_VERSION, unsused
SoObjects/SOGo/GNUmakefile.preamble: fix defines
UI/MainUI/SOGoRootPage.m: use SOGoVersion
 2012-12-21 13:55:03 -05:00
Wolfgang Sourdeau
aeabd85c90 Finalized support for SAML2 logon 2012-11-02 15:31:49 -04:00