harmacist/healthchecks
1
0
Fork 0
forked from GithubBackups/healthchecks
Code Issues Pull Requests Projects Releases Wiki Activity
1,759 Commits 3 Branches 0 Tags
Commit Graph

145 Commits

Author SHA1 Message Date
Pēteris Caune
f85aec225d
Fix redirect-after-login when using TOTP 
If user has both WebAuthn and TOTP configured,
when logging in, they will be asked to choose between
"Use security keys" and "Use authenticator app".
The "Use authenticator app" is a link to a different
page (/accounts/login/two_factor/totp/). This commit makes
sure the ?next= query parameter is preserved when navigating
to that page.

For reference, the ?next= query parameter is the URL we should
redirect to after a successful login. Use case:
User is logged out. They click on a bookmarked "Check Details"
link. They get redirected to the login form. After
entering username & password and completing 2FA,
they get redirected to the "Check Details" page they
originally wanted to visit.
 2021-08-06 12:09:41 +03:00
Pēteris Caune
ca3afa33f9
Add auth method selection step 
This has dual purpose:

* if user has both WebAuthn and TOTP set up, they can choose
  between the two as equal options.
* we initiate WebAuthn flow only after an explicit user action
  (button press). This may help with authentication failures
  on recent MacOS, iOS and iPadOS versions [1]

[1] https://support.yubico.com/hc/en-us/articles/360022004600-No-reaction-when-using-WebAuthn-on-macOS-iOS-and-iPadOS
 2021-08-05 16:27:06 +03:00
Pēteris Caune
222722569e
Add support for 2FA using TOTP 
Fixes: #354
 2021-07-30 16:43:23 +03:00
Pēteris Caune
dfa6f404e6
Improve the "Invite a Team Member" dialog 2021-07-26 15:21:45 +03:00
Pēteris Caune
bbd2786e0f
Optimize queries and fix team member sorting 2021-07-26 14:27:03 +03:00
Pēteris Caune
74427ba3f1
Fix wording in the "Team size limit reached" message 2021-07-26 13:12:06 +03:00
Pēteris Caune
4f83f8c06b
Fix a 403 when transferring a project to a read-only team member 2021-07-26 12:50:43 +03:00
swoga
9640d2242f feat: add manager role 2021-07-26 12:26:06 +03:00
Pēteris Caune
936a5213f8
Switch from Member.rw to Member.role as the source of truth 2021-07-22 17:16:52 +03:00
Pēteris Caune
059a855b3f
Fix more contrast issues 2021-06-18 17:07:27 +03:00
Pēteris Caune
6c10980889
Add Account Settings > Appearance page 2021-06-18 13:51:07 +03:00
Pēteris Caune
6094bca241
Improve wording 2021-05-24 14:13:43 +03:00
Pēteris Caune
df44ee58c0
Add an option for weekly reports (in addition to monthly) 2021-05-24 13:44:34 +03:00
Pēteris Caune
03a538c5e2
Add Profile.reports field 
This is in preparation of adding an option for weekly
reports (#407)
 2021-05-24 11:20:28 +03:00
Pēteris Caune
e090aa5403
Improve the handling of unknown email addresses in the Sign In form 2021-05-12 13:49:56 +03:00
Pēteris Caune
6ed983cdd5
Improve copy in "Profile" > "Email and Password" section 
When an account has a password, replace "Set Password"
button's label with "Change Password"
 2021-04-22 10:31:35 +03:00
Pēteris Caune
67560c96e1
Change icon CSS class prefix to work around Fanboy's filter list 
Problem: if you use uBlock Origin, and enable the
"Fanboy's Social" filter list, Healthchecks does not show
Telegram or WhatsApp icons. This is because the filter list
contains "##.icon-telegram" and "##.icon-whatsapp" entries.

This commit changes the CSS class prefix to "ic-". So we're
now using icon classes like "ic-telegram" and "ic-whatsapp".

As a bonus, we save 2 bytes in HTML per displayed icon :-)
 2021-02-03 10:44:35 +02:00
Pēteris Caune
725be65bdd
Add the PROMETHEUS_ENABLED setting 2021-01-29 15:05:42 +02:00
Pēteris Caune
dfd159ab18
Add a "Lost password?" link with instructions in the Sign In page 2020-12-09 15:38:19 +02:00
Pēteris Caune
eed7ef36d1
Improve text instructions 2020-11-19 17:35:21 +02:00
Pēteris Caune
c8d387aee4
Improve text instructions 2020-11-19 16:35:44 +02:00
Pēteris Caune
8448f882cf
Add notes about adding a second key, and removing the last key 2020-11-19 15:05:08 +02:00
Pēteris Caune
7124383a53
Add checks for RP_ID, add a 2FA section in README 2020-11-19 12:54:00 +02:00
Pēteris Caune
9401bc3987
Update the "Close Account" function to use confirmation codes 2020-11-16 16:22:25 +02:00
Pēteris Caune
48750ee668
Update "Change Password" to show messages in panel's footer 2020-11-16 15:45:25 +02:00
Pēteris Caune
fb79948759
Update the "Change Email" function to use confirmation codes 2020-11-16 15:33:29 +02:00
Pēteris Caune
ed6b15bfa9
Update the "Set Password" function to use confirmation codes 2020-11-16 14:53:50 +02:00
Pēteris Caune
adb7702f39
Rename login_tfa to login_webauthn 2020-11-16 14:16:06 +02:00
Pēteris Caune
64be87137b
Add a two-factor authentication form (WIP) 2020-11-14 12:54:26 +02:00
Pēteris Caune
2ac0f87560
Implement a "Remove Security Key" feature 2020-11-14 11:45:09 +02:00
Pēteris Caune
42497fe91a
Add rate limiting to the sudo code form 2020-11-13 22:04:19 +02:00
Pēteris Caune
2c3286c280
Improve the "add security key" UX, require sudo mode 2020-11-13 16:23:28 +02:00
Pēteris Caune
e3aedd3b03
Add require_sudo_mode decorator 
Planning to use it for sensitive operations (add/remove security keys),
change email, change password, close account.

The decorator sends a six-digit confirmation code to user's email
and renders a form for entering it back. If the user enters the
correct code, the decorators sets a sudo=active marker in
user's session, valid for 30 minutes.
 2020-11-13 11:08:06 +02:00
Pēteris Caune
03ea725612
Add Credential.created field 2020-11-12 18:03:12 +02:00
Pēteris Caune
53688f1d87
Add error handling on the client side, use Django form API 2020-11-12 17:08:23 +02:00
Pēteris Caune
1eaa216d3a
Add experimental code for registering Webauthn credentials 2020-11-12 16:15:07 +02:00
Pēteris Caune
0a85c5ed12
In Account Settings > My Projects, indicate read-only memberships as read-only 2020-08-31 11:07:39 +03:00
Pēteris Caune
d73de68f70
Specify the read-write/read-only flag when inviting a team member. 2020-08-26 16:09:17 +03:00
Pēteris Caune
adb004b333
Read-only users cannot change project settings. 2020-08-26 15:04:12 +03:00
Pēteris Caune
2346ac3e80
Bugfix: don't allow duplicate team memberships 2020-08-19 12:07:48 +03:00
Pēteris Caune
9a1127005e
Link to the "Security" section in dashboard's README 2020-08-18 14:21:38 +03:00
Pēteris Caune
b7e2404f98
Host a read-only dashboard (from github.com/healthchecks/dashboard/), link to it from "Project Settings" > "Show API keys" 2020-08-18 14:07:55 +03:00
Pēteris Caune
697cb19bde
Handle excessively long email addresses in the team member invite form. 2020-08-17 12:05:19 +03:00
Pēteris Caune
b63f3bed8e
Limit project name to 60 characters to prevent abuse 2020-08-10 11:23:59 +03:00
Pēteris Caune
519a666057
{% site_name %} -> {{ site_name }} so we can use blocktrans tags for L10N 2020-07-21 17:59:39 +03:00
Pēteris Caune
cfb294862f
DRY, have a single "No billing address" modal dialog. 2020-05-29 15:33:33 +03:00
Pēteris Caune
95279f6f3f
Billing page allows setting up a subscription before a payment method is added. 2020-05-29 15:08:00 +03:00
Pēteris Caune
c057dbfb2c
Cleanup. 2020-04-20 11:54:27 +03:00
Pēteris Caune
57da17b8e2
Send an "Ownership Transfer Request" email notification. 2020-04-13 15:04:59 +03:00
Pēteris Caune
3bf1ad9746
Fix invite suggestions. 2020-04-13 12:26:05 +03:00