aboutsummaryrefslogtreecommitdiffhomepage
path: root/app/config/security.yml
Commit message (Collapse)AuthorAgeFilesLines
* Log an error level message when user auth failJeremy Benoist2017-06-081-0/+1
| | | | | | | | | | | | | When a user login using the form we know log an error level information with information about the user: - username used - IP - User agent For example: > Authentication failure for user "eza", from IP "127.0.0.1", with UA: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36". It’ll allows server admin using fail2ban to configure it to block these people if they generate too much failure authentication.
* API user creation behing a toggleJeremy Benoist2017-06-021-0/+1
| | | | | | | | I've added a toggle feature (in internal settings) so that user api creation can be disabled while form registration still can be enabled. Also, the /api/user endpoint shouldn't require authentication. Even if we check the authentication when sending a GET request, to retrieve current user information. I've moved all the internal settings definition to config to avoid duplicated place to define them. I don't know why we didn't did that earlier.
* Add users management UIJeremy Benoist2016-10-021-0/+1
| | | | | | - remove the “add a user” from the config page - add a CRUD on user - fix some missing translations (+ bad indentation)
* Share entry with a public URLNicolas Lœuillet2016-08-231-0/+1
|
* Remove useless spacesJeremy Benoist2016-06-241-7/+9
|
* Add version in APIVincent2016-03-071-0/+1
|
* Comment work with annotator v2Thomas Citharel2016-02-261-0/+1
| | | | | | - add missing annotator.js file and fix typo - edit & delete routes, started tests - basic tests
* Fix permission to settings pageJeremy Benoist2016-01-311-1/+1
|
* Add CraueConfig for internal settingsJeremy Benoist2016-01-311-0/+1
|
* Update bundle & stock fileJeremy Benoist2016-01-151-2/+7
| | | | | | - update stock file (AppKernel, app.php, etc ..) from SymfonyStandard edition) - update bundle to latest release - remove security on profiler
* CleanupJeremy Benoist2015-10-031-0/+1
| | | | | - remove unecessary routing for UserBundle - remove unused form type
* remove old implementation for login/register/recoverNicolas Lœuillet2015-10-031-2/+2
|
* allow API documentation for anonymousNicolas Lœuillet2015-10-031-1/+1
|
* * public registrationNicolas Lœuillet2015-10-031-10/+11
| | | | | * remove WSSE implementation * add oAuth2 implementation
* implement FosUserNicolas Lœuillet2015-09-111-23/+6
|
* Merge pull request #1323 from wallabag/v2-1302-checkboxJeremy Benoist2015-08-121-0/+6
|\ | | | | fix #1302: add 'stay connected' checkbox
| * add 'stay connected' checkboxNicolas Lœuillet2015-08-121-0/+6
| |
* | fix #1311, redirect after loginNicolas Lœuillet2015-08-101-2/+2
|/
* Add testsJeremy2015-03-311-0/+1
| | | | and fix few mistakes
* Handle forgot passwordJeremy2015-03-081-0/+1
|
* getSalt methodNicolas Lœuillet2015-02-101-0/+1
|
* authentication on APINicolas Lœuillet2015-02-091-3/+5
|
* Add custom auth encoder & providerJeremy2015-02-081-31/+31
| | | | These custom classes allow Wallabag v2 to be compatible with Wallabag v1 salted password
* disable authentication for the momentNicolas Lœuillet2015-02-021-29/+30
|
* first implementation of securityNicolas Lœuillet2015-01-311-38/+44
|
* symfony is thereNicolas Lœuillet2015-01-221-0/+52