* Bump npm
* Bump deps for dependabot issues
* MFA (#660)
* 2fa wip
add encrypted map
gen schema
add nimble_totp
add module doc
add qrusty
bump base to enable use of qrusty
requires a newer version of glibc
Revert "add qrusty"
This reverts commit 27eaf7864ea98578186c53ed4c5f650e244e8ede.
cannot be used on bionic
add eqrcode
scaffold
extract renderQR
Revert "add eqrcode"
This reverts commit fe6f74f18f13dfcc92dbdace657d194e5536e164.
use frontend qr code generation
display MFA methods
add description
* wip
* finish mfa totp addition workflow
* use real user
* allow deleting authenticator
* use valid? and :since
* make credo happy
* use mfa
* make credo happy
* add account page for unprivileged users
* eof
* add unit tests
* add integration tests
* Workaround for SSH dropping by not using random port (#697)
* Bump npm
* Bump deps for dependabot issues
* Workaround for SSH dropping by not using random port
Fixes#478
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
* Update repo README (#700)
* update main readme
* add link
* update badges
* remove redundant copy
* Fix show-config to display current config (#703)
Fixes#553
* Minor MFA fixes (#704)
* Fix conflicting cache-control header (#706)
* Add manual refresh (#705)
* Add manual refresh
* Align button right
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
Co-authored-by: Po Chen <chenpaul914@gmail.com>
Co-authored-by: Gabi <gabriel@firezone.dev>
Co-authored-by: Jason G <52545545+gongjason@users.noreply.github.com>
* improve text readability
* title font weight
* improve hover look
* font size and colors
* wip logo redo
* site nav font size
* Styled Docs Navigation
* Styling Select Version
* Custom Header Changes
* Button Style Update
* Build Correction
* Major Styling Updates
* Change Aux Link
* Styling Updates
* Changes
* fix links in nav
* inter -> Fira sans + mono
* Pre Commit Run
Co-authored-by: Chetan Verma <chetan61verma@gmail.com>
* simplify deployment instructions
* fix lint error
* add troubleshooting section
* additional server instrucrtions
* clarify supported distros in intro
* punctuation
* upgrade to 0.3.17
* clarifications from review
@jamilbk changed based on your comments. There was a section about upgrading that was supposed to be in another branch (OIDC). I removed that.
@lilibobear added a screenshot
* add note for ssh interruptions during install
* link to github issue for ssh interrupt
* review note fixes
* testing signed commit
* update gpg email
Implements the OpenID Connect standard for SSO Authentication
which allows users to use any OpenID Connect provider for authentication
not just a predefined list of providers
User can add OIDC config settings to firezone.rb which will then
populate the AUTH_OIDC environment variable as a JSON string.
FZ_HTTP will use this environment variable to create
provider(s) to authenticate against
Additional notes:
- Updates .env.sample to include an example of a 'stringified' JSON
environment variable for setting AUTH_OIDC in development
- Add dep for 'openid_connect' and test dep for 'mox'
* add mailer
* setup configs
* only setup mailer if from_email is present
* Do not assume OUTBOUND_EMAIL_FROM exists
* update docs
* add usage of mailer as tests
* address comments
* Found endpoint empty bug
* Fix use_site_ bugs
* Generate private keys client-side instead of on the Firezone server (#451)
* Rename events; add crypto lib
* seemingly working keygen
* Checkpoint
* Remove private key from devices; make tests pass
* Refactor auth to use simplified new router helper
* Fix js bundle
* Refactor event listeners into their own file
* Refactor settings
* Fix JS
* Working live views in unprivileged sections
* Rough draft working
* Checkpoint before fixing tests
* Tests passing
* Max devices per user configuration option (#471)
* Max tunnels per user configuration option
* Clean up remaining tunnel references
* Replace local auth system with Ueberauth / Guardian (#475)
* Checkpoint working authentication
* Working admin and unprivileged auth using Guardian
* Remove Sessions cruft
* More cleanup
* load new secrets
* Remove firezone tmp dirs
* Okta and Google Oauth (#485)
* working oauth!
* Remove keycloak; working google
* Ensure nil to_s
* Passing tests
* Add compile-time prod config
* Fix live_view typo
* Revert key_ttl to vpn_session_duration
* print logs after first configure
* Use get_env/1 for fetching optional config vars
* Disable telemetry from config
* miss the to_s
* Fix sign in page
* add tunnel admin guide
* auth path
* Fix tests
* Device editing no more (#491)
