This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/website
Jens L b0fbd576fc
security: cure53 fix (#6039)
* ATH-01-001: resolve path and check start before loading blueprints

This is even less of an issue since 411ef239f6, since with that commit we only allow files that the listing returns

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-010: fix missing user filter for webauthn device

This prevents an attack that is only possible when an attacker can intercept HTTP traffic and in the case of HTTPS decrypt it.

* ATH-01-008: fix web forms not submitting correctly when pressing enter

When submitting some forms with the Enter key instead of clicking "Confirm"/etc, the form would not get submitted correctly

The worst case is when setting a user's password, where the new password can end up in the URL, but the password was not actually saved to the user.

* ATH-01-004: remove env from admin system endpoint

this endpoint already required admin access, but for debugging the env variables are used very little

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-003 / ATH-01-012: disable htmlLabels in mermaid

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-005: use hmac.compare_digest for secret_key authentication

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-009: migrate impersonation to use API

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-010: rework

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-014: save authenticator validation state in flow context

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

bugfixes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-012: escape quotation marks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add website

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update release notes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update with all notes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-22 22:25:04 +02:00
blog website/blog: update hackathon post with final date (#6038) 2023-06-22 16:28:45 +02:00
developer-docs website/devdocs: draft for hackathon page (#5973) 2023-06-16 10:25:37 -05:00
docs security: cure53 fix (#6039) 2023-06-22 22:25:04 +02:00
help root: fix linting errors 2021-07-18 20:54:34 +02:00
integrations website: add Firezone integration (#5945) 2023-06-22 13:26:48 +02:00
netlify/functions website: handle go-get requests statically (#5821) 2023-05-31 12:51:45 +02:00
src website: fix go-import 2023-06-20 12:32:43 +02:00
static web: bump storybook from 7.0.18 to 7.0.20 in /web (#5896) 2023-06-08 11:08:07 +02:00
test website: add sidebar item tests, bump node version to latest LTS 2023-02-09 22:06:07 +01:00
.gitignore website: copy static files instead of linking them to prevent cache issues 2022-12-23 15:18:21 +01:00
.prettierignore website: format docs with prettier (#2833) 2022-05-09 21:22:41 +02:00
.prettierrc.json Migrate to Docusaurus (#329) 2020-11-15 22:42:02 +01:00
README.md website: cleanup readme 2022-09-18 18:45:05 +02:00
babel.config.js Migrate to Docusaurus (#329) 2020-11-15 22:42:02 +01:00
docusaurus.config.js website: automatically add PR links to release notes (#5682) 2023-05-18 22:59:43 +00:00
docusaurus.docs-only.js website: automatically add PR links to release notes (#5682) 2023-05-18 22:59:43 +00:00
netlify.toml website: handle go-get requests statically (#5821) 2023-05-31 12:51:45 +02:00
package-lock.json website: bump postcss from 8.4.23 to 8.4.24 in /website (#5783) 2023-05-29 12:06:34 +02:00
package.json website: bump postcss from 8.4.23 to 8.4.24 in /website (#5783) 2023-05-29 12:06:34 +02:00
sidebars.js security: cure53 fix (#6039) 2023-06-22 22:25:04 +02:00
sidebarsDev.js website/devdocs: draft for hackathon page (#5973) 2023-06-16 10:25:37 -05:00
sidebarsIntegrations.js website: add Firezone integration (#5945) 2023-06-22 13:26:48 +02:00

README.md

Website

This website is built using Docusaurus 2, a modern static website generator.

Installation

npm ci

Local Development

npm run watch

This command starts a local development server and opens a browser window. Most changes are reflected live without having to restart the server.

Build

npm run build

This command generates static content into the build directory, which can be served using any static content hosting service.