harmacist/healthchecks
1
0
Fork 0
forked from GithubBackups/healthchecks
Code Issues Pull Requests Projects Releases Wiki Activity
1,759 Commits 3 Branches 0 Tags
Commit Graph

1090 Commits

Author SHA1 Message Date
Pēteris Caune
c196dc16d7
Fix latin-1 handling in webhook header values 2021-08-10 21:14:05 +03:00
Pēteris Caune
544ec7ea69
Add handling for non-latin-1 characters in webhook headers 2021-08-10 10:36:58 +03:00
Pēteris Caune
af7e8fc949
Fix the login view to handle already authenticated users 
If an already authenticated user visits /accounts/login/,
Healthchecks will now redirect them to their dashboard
instead of showing the login form.
 2021-08-06 13:54:12 +03:00
Pēteris Caune
7252f2f101
Fix _allow_redirect function to reject absolute URLs 
This fixes a security issue:
- attacker can crafts a redirect URL to an external site
- attacker gets victim to click on it
- victim logs in
- after login, Healthchecks redirects victim to the external site

The _allow_redirect function now additionally
requires the redirect URL is relative (has no scheme or domain).
 2021-08-06 13:34:40 +03:00
Pēteris Caune
f85aec225d
Fix redirect-after-login when using TOTP 
If user has both WebAuthn and TOTP configured,
when logging in, they will be asked to choose between
"Use security keys" and "Use authenticator app".
The "Use authenticator app" is a link to a different
page (/accounts/login/two_factor/totp/). This commit makes
sure the ?next= query parameter is preserved when navigating
to that page.

For reference, the ?next= query parameter is the URL we should
redirect to after a successful login. Use case:
User is logged out. They click on a bookmarked "Check Details"
link. They get redirected to the login form. After
entering username & password and completing 2FA,
they get redirected to the "Check Details" page they
originally wanted to visit.
 2021-08-06 12:09:41 +03:00
Pēteris Caune
e6427995b7
Add Whitenoise and improve README 
Fixes: #548
 2021-08-05 18:06:47 +03:00
Pēteris Caune
ca3afa33f9
Add auth method selection step 
This has dual purpose:

* if user has both WebAuthn and TOTP set up, they can choose
  between the two as equal options.
* we initiate WebAuthn flow only after an explicit user action
  (button press). This may help with authentication failures
  on recent MacOS, iOS and iPadOS versions [1]

[1] https://support.yubico.com/hc/en-us/articles/360022004600-No-reaction-when-using-WebAuthn-on-macOS-iOS-and-iPadOS
 2021-08-05 16:27:06 +03:00
Pēteris Caune
f3af13654e
Refactor email sending functions to allow customization 
For example, if we need to use a custom From: address,
we can now do:

    m = make_message("template-name", recipient, ctx)
    m.from_email = "...."  # customize here
    send(m)
 2021-08-05 14:13:25 +03:00
Pēteris Caune
fca600659d
Improve hc.lib.emails.send() 
- add optional `from_email` argument
- add test cases that exercise the retry loop
 2021-08-03 19:02:25 +03:00
Pēteris Caune
c3d458f6f0
Fix the unsubscribe_reports view to handle already deleted users 2021-08-02 12:51:05 +03:00
Pēteris Caune
d60d8a43b6
Add protection against TOTP code reuse 2021-07-30 18:17:21 +03:00
Pēteris Caune
8ed5e93cd2
Add rate limiting for TOTP auth attempts 2021-07-30 17:30:28 +03:00
Pēteris Caune
222722569e
Add support for 2FA using TOTP 
Fixes: #354
 2021-07-30 16:43:23 +03:00
Pēteris Caune
bbd2786e0f
Optimize queries and fix team member sorting 2021-07-26 14:27:03 +03:00
Pēteris Caune
e1c3beb4e9
Add test cases for manager operations 2021-07-26 13:07:05 +03:00
Pēteris Caune
4f83f8c06b
Fix a 403 when transferring a project to a read-only team member 2021-07-26 12:50:43 +03:00
swoga
9640d2242f feat: add manager role 2021-07-26 12:26:06 +03:00
Pēteris Caune
ce9ff3ac42
Add a migration to remove Member.rw 2021-07-22 17:40:08 +03:00
Pēteris Caune
cb799dbd29
Remove the Member.rw field (superseded by Member.role) 2021-07-22 17:28:38 +03:00
Pēteris Caune
936a5213f8
Switch from Member.rw to Member.role as the source of truth 2021-07-22 17:16:52 +03:00
Pēteris Caune
d19cb8c681
Add a data migration to populate Member.role 2021-07-22 16:28:02 +03:00
Pēteris Caune
5230dbb425
Add Member.role field 2021-07-22 16:13:41 +03:00
Pēteris Caune
e46000ecdf
Add admin action to log in as any user 2021-07-20 11:16:12 +03:00
Pēteris Caune
2382bf6722
Add SITE_LOGO_URL setting 
Fixes: #323
 2021-07-16 15:30:34 +03:00
Pēteris Caune
b75b062559
Remove unsigned token support in hc.front.views.unsubscribe_email 2021-07-16 12:01:44 +03:00
Pēteris Caune
d243f502d3
Fix off-by-one-month error in monthly reports, downtime columns 
Fixes: #539
 2021-07-02 15:22:51 +03:00
Pēteris Caune
61a8a8de26
Remove Profile.reports_allowed (obsolete) 
It is obsoleted by Profile.reports
 2021-06-29 14:38:06 +03:00
swoga
b70e2c9a25 feat: treat failure before success 2021-06-29 14:05:56 +03:00
Pēteris Caune
8a154cbaf5
Expose Credentials model in Django admin 
This is to help troubleshoot 2FA issues without
running manual SQL queries.
 2021-06-29 10:46:08 +03:00
Pēteris Caune
2d20f439dd
Remove PagerDuty Connect 
PagerDuty Connect is deprecated and will be discontinued.
It is replaced by PagerDuty Simple Install Flow (see
README for setup instructions).
 2021-06-21 10:44:21 +03:00
Pēteris Caune
6c10980889
Add Account Settings > Appearance page 2021-06-18 13:51:07 +03:00
Pēteris Caune
fd7ab5e767
Implement PagerDuty Simple Install Flow 2021-06-16 14:18:32 +03:00
Pēteris Caune
a0cd2c63e9
Update report templates for weekly reports 2021-05-26 09:48:23 +03:00
Pēteris Caune
8ce09ab9e5
Widen report time window to 9AM - 11AM 2021-05-24 15:17:27 +03:00
Pēteris Caune
548b2ac33c
Update the signup form to collect browser's timezone 2021-05-24 14:38:12 +03:00
Pēteris Caune
6094bca241
Improve wording 2021-05-24 14:13:43 +03:00
Pēteris Caune
fa5dd8b45a
Add mitigation for bad tz values 2021-05-24 14:04:05 +03:00
Pēteris Caune
df44ee58c0
Add an option for weekly reports (in addition to monthly) 2021-05-24 13:44:34 +03:00
Pēteris Caune
03a538c5e2
Add Profile.reports field 
This is in preparation of adding an option for weekly
reports (#407)
 2021-05-24 11:20:28 +03:00
Pēteris Caune
e91441d814
Add fallback for legacy sms values 2021-05-21 13:05:37 +03:00
Pēteris Caune
855d188981
Add support for "... is UP" SMS notifications 
Fixes: #512
 2021-05-21 12:57:23 +03:00
Pēteris Caune
e090aa5403
Improve the handling of unknown email addresses in the Sign In form 2021-05-12 13:49:56 +03:00
Pēteris Caune
64f2e86051
Increase "Success / Failure Keywords" field lengths to 200 2021-05-06 11:00:36 +03:00
Pēteris Caune
6ed983cdd5
Improve copy in "Profile" > "Email and Password" section 
When an account has a password, replace "Set Password"
button's label with "Change Password"
 2021-04-22 10:31:35 +03:00
Pēteris Caune
6c8b6a2a19
Remove functools.cached_property usage 
Cannot use functools.cached_property, as it was added in Py 3.8,
but we support 3.6+
 2021-04-14 16:29:28 +03:00
Pēteris Caune
738a648407
Improve project sorting in the "My Projects" page 
Primary sort key: projects with overall_status=down go first
Secondary sort key: project's name
 2021-04-14 16:18:43 +03:00
Pēteris Caune
4587b45cab
Add more tests for hc.api.views.create_check 2021-04-14 12:21:58 +03:00
Pēteris Caune
2831e5d7c1
Add a test case for filtering flips by timestamp 2021-04-14 12:00:32 +03:00
Pēteris Caune
742af7bfd8
Remove unused return statement 2021-04-14 11:54:43 +03:00
Pēteris Caune
78652b5659
Upgrade Django version to 3.2 2021-04-07 11:39:11 +03:00