Commit Graph

43 Commits

Author SHA1 Message Date
Akshay Joshi
964d211260 Copyright updated for 2025 2025-01-01 11:26:42 +05:30
Khushboo Vashi
f4761f55f7 Fixed Multi-Factor Authentication bypass vulnerability (CVE-2024-4215). #7425 2024-04-29 13:41:02 +05:30
Akshay Joshi
740ce15bd7 Update copyright notices for 2024 2024-01-01 14:13:48 +05:30
Yogesh Mahajan
cd613ded0a Ensure user is redirected to login page after failed login. #6704 2023-08-25 10:38:50 +05:30
Aditya Toshniwal
d6cddd8c29 Remove Bootstrap and jQuery from authentication pages and rewrite them in ReactJS. #6295 2023-06-30 16:08:33 +05:30
Yogesh Mahajan
39a0f46159 Ensure that internal users are able to login when auth sources are [ldap, internal]. #6151 2023-04-24 11:54:02 +05:30
Khushboo Vashi
fa29ba9163 Fixed the LDAP authentication issue for the simultaneous login attempts. 2023-04-04 18:47:13 +05:30
Aditya Toshniwal
292d76b39e Update SQLAlchemy, Flask, Flask-SQLAlchemy, and other packages to current versions. #5901
- Update Flask, Flask-SQLAlchemy, Flask-Babel, Flask-Security-Too, Flask-SocketIO, pytz, psutil, SQLAlchemy, bcrypt, cryptography, eventlet, Authlib, requests python packages
- Remove pinned dnspython, Werkzeug packages from requirements.txt
2023-03-15 11:57:16 +05:30
Akshay Joshi
3c56c0e4b7 Revert "Update SQLAlchemy, Flask, Flask-SQLAlchemy, and other packages to current versions. #5901"
This reverts commit 31818bb67a.
2023-03-09 16:53:43 +05:30
Aditya Toshniwal
31818bb67a Update SQLAlchemy, Flask, Flask-SQLAlchemy, and other packages to current versions. #5901
Remove the python version check from the requirements.txt.
2023-03-08 18:26:51 +05:30
Akshay Joshi
98184e5835 Update copyright notices for 2023 2023-01-02 11:53:55 +05:30
Khushboo Vashi
213c9d683f Fix the webserver and internal authentication setup issue. #5586 2022-12-20 11:26:47 +05:30
Aditya Toshniwal
4fc0f288c7 Use SocketIO instead of REST for fetching database tables data in ERD. #5065 2022-10-17 15:24:22 +05:30
Yogesh Mahajan
f052ecffc0 Fixed intermittent error shown while OAuth2 login 2022-09-23 13:58:02 +05:30
Aditya Toshniwal
e2b00dda1b Fixes a redirect vulnerability when the user opens the pgAdmin URL. Fixes #5343 2022-09-19 15:36:10 +05:30
Aditya Toshniwal
04b1e26041 Fixed an issue where server names with special characters are not displayed correctly in the process tab. Fixes #7695 2022-09-15 16:43:37 +05:30
Aditya Toshniwal
2de965d710 1. Use EDB's repo for react-data-grid instead of the personal repo.
2. Improved searching in the Search Objects.
3. Fixed react warnings in the query tool.
4. Fixed some SonarQube issues.
2022-09-13 19:13:33 +05:30
Yogesh Mahajan
7b6469bd35 Fixed an issue where the error is shown on logout when the authentication source is oauth2. Fixes #7059 2022-03-15 16:38:54 +05:30
Yogesh Mahajan
b539637426 Fixed an issue where a warning is flashed every time for an email address when
authentication sources are internal and ldap. Fixes #6999
2022-02-16 13:34:24 +05:30
Akshay Joshi
2786f7ac5a Update copyright notices for 2022 2022-01-04 13:54:25 +05:30
Yogesh Mahajan
48dc4bacc4 Fixed Kerberos authentication issue which is broken due to 2FA.
refs #6543
2021-12-06 20:14:39 +05:30
Ashesh Vashi
36c9eb3dfd Added support for Two-factor authentication for improving security. Fixes #6543 2021-12-02 16:47:18 +05:30
Akshay Joshi
d644b4f94e 1) Replace Flask-BabelEx with Flask-Babel. Fixes #6088
2) Upgrade Flask to version 2. Fixes #7010
2021-11-24 17:22:57 +05:30
Akshay Joshi
7d07770244 Reverting 'Two-factor authentication' support as it cause OSX and docker build failures.
This reverts commit 787a441343.
2021-09-29 13:24:18 +05:30
Ashesh Vashi
787a441343 Added support for Two-factor authentication for improving security. Fixes #6543 2021-09-28 17:47:00 +05:30
Akshay Joshi
7798584e1c Fixed an issue where columns with sequences get altered unnecessarily with a schema diff tool. Fixes #6564 2021-08-18 19:33:01 +05:30
Rahul Shirsat
ab04b30726 1. Unverified email id is getting locked.
2. Admin should be able to lock the user, as currently it only unlocks it via
   user management dialog.
3. There were some indefinite login page loading issues when trying to log in
   with invalid password, where it should redirect to the login page again instead.

refs #6337 (Initial patch by Khushboo Vashi)
2021-08-09 21:04:49 +05:30
Khushboo Vashi
78b041465e Fixed an issue where even if the user is locked, he can reset the password and can login into pgAdmin. Fixes #6664 2021-08-09 14:24:26 +05:30
Akshay Joshi
025c98ced8 1) Flash warning message of N no of attempts left for the unsuccessful login attempt.
2) Updated some strings in the Preferences for the "Maximum column width" option.
2021-08-03 17:06:06 +05:30
Florian Sabonchi
a3d3c74e67 Ensure that the login account should be locked after N number of attempts. N is configurable using the 'MAX_LOGIN_ATTEMPTS' parameter. Fixes #6337 2021-07-22 12:24:43 +05:30
Khushboo Vashi
3590c9172c Fixed an issue where the user unable to login with OAuth2 when LDAP & OAuth2 configured as login sources. Fixes #6594 2021-07-09 21:50:50 +05:30
Khushboo Vashi
48ca83f31d Added support for OAuth 2 authentication. Fixes #5940
Initial patch sent by: Florian Sabonchi
2021-07-06 13:22:58 +05:30
Ashesh Vashi
9574f43f87 Refactor the registry class logic and remove duplicate code for the same functionality. 2021-06-24 11:30:11 +05:30
Khushboo Vashi
460fb7ec29 Fixed an issue where pgAdmin does not open after password reset in server mode. Fixes #6513 2021-06-10 22:55:31 +05:30
Khushboo Vashi
72f3730c34 Added support to connect PostgreSQL servers via Kerberos authentication. Fixes #6158 2021-05-03 16:10:45 +05:30
Khushboo Vashi
437f0df0f3 Ensure that the strings in the LDAP auth module are translatable. Fixes #6274 2021-04-08 18:15:34 +05:30
Akshay Joshi
3fc0cc3e92 Fixed SonarQube issues 2021-02-15 17:31:20 +05:30
Khushboo Vashi
c0ef0a893d 1) Added support for Kerberos authentication, using SPNEGO to forward the Kerberos tickets through a browser. Fixes #5457
2) Fixed incorrect log information for AUTHENTICATION_SOURCES. Fixes #5829
2021-01-18 16:32:10 +05:30
Akshay Joshi
f0debdd513 Revert "1) Added support for Kerberos authentication, using SPNEGO to forward the Kerberos tickets through a browser. Fixes #5457"
This reverts commit 6ead597b43.
2021-01-14 14:46:59 +05:30
Khushboo Vashi
6ead597b43 1) Added support for Kerberos authentication, using SPNEGO to forward the Kerberos tickets through a browser. Fixes #5457
2) Fixed incorrect log information for AUTHENTICATION_SOURCES. Fixes #5829
2021-01-14 13:46:48 +05:30
Akshay Joshi
b372f08a59 Update copyright notices for 2021 2021-01-04 15:34:45 +05:30
Aditya Toshniwal
370094274c Fixed post-login redirect location when running in server mode under a non-default root. Fixes #5473 2020-05-04 15:00:45 +01:00
Khushboo Vashi
f77aa3284f Added LDAP authentication support. Fixes #2186 2020-04-06 15:57:05 +05:30