Commit Graph

222 Commits

Author SHA1 Message Date
Khushboo Vashi
d4697e8f1c Ensure that users should be able to modify the REMOTE_USER environment
variable as per their environment by introducing the new config parameter
WEBSERVER_REMOTE_USER.

Fixes #6953
2021-11-10 15:38:41 +05:30
Akshay Joshi
0f92f54452 Update version for release. 2021-10-18 16:10:37 +05:30
Khushboo Vashi
a726635290 1) Added support for authentication via the web server (REMOTE_USER). Fixes #6657
2) Fixed OAuth2 integration redirect issue. Fixes #6719

Initial patch for 6657 sent by: Tom Schreiber
2021-10-12 14:52:30 +05:30
Akshay Joshi
02edea9bd7 Update version for release. 2021-10-04 19:40:31 +05:30
Akshay Joshi
7d07770244 Reverting 'Two-factor authentication' support as it cause OSX and docker build failures.
This reverts commit 787a441343.
2021-09-29 13:24:18 +05:30
Ashesh Vashi
787a441343 Added support for Two-factor authentication for improving security. Fixes #6543 2021-09-28 17:47:00 +05:30
Akshay Joshi
522a92586a Added PG/EPAS 14 binary path entry in the preferences dialog. 2021-09-20 14:59:05 +05:30
Akshay Joshi
15c99ec9e7 Changed APP_SUFFIX and APP_VERSION_INT for testing upgrade scenario. 2021-09-10 12:01:05 +05:30
Akshay Joshi
a72bae9e2f Update version for release. 2021-09-06 19:23:02 +05:30
Nico Rikken
d13d2c6dda Introduced OAUTH2_SCOPE variable for the Oauth2 scope configuration. Fixes #6627 2021-08-31 14:36:14 +05:30
Rahul Shirsat
ab04b30726 1. Unverified email id is getting locked.
2. Admin should be able to lock the user, as currently it only unlocks it via
   user management dialog.
3. There were some indefinite login page loading issues when trying to log in
   with invalid password, where it should redirect to the login page again instead.

refs #6337 (Initial patch by Khushboo Vashi)
2021-08-09 21:04:49 +05:30
Akshay Joshi
8738f6dd98 Update version for release. 2021-08-09 14:44:52 +05:30
Florian Sabonchi
a3d3c74e67 Ensure that the login account should be locked after N number of attempts. N is configurable using the 'MAX_LOGIN_ATTEMPTS' parameter. Fixes #6337 2021-07-22 12:24:43 +05:30
Rahul Shirsat
b0727cc532 Fixed CSRF errors for stale sessions by increasing the session expiration time for desktop mode. Fixes #6369 2021-07-15 17:49:42 +05:30
Akshay Joshi
7b050a4c31 Update version for release. 2021-07-12 16:35:25 +05:30
Khushboo Vashi
48ca83f31d Added support for OAuth 2 authentication. Fixes #5940
Initial patch sent by: Florian Sabonchi
2021-07-06 13:22:58 +05:30
Rahul Shirsat
9fdda038a9 Resolve the log in issue for a user having a non-existing email id
1) Added CHECK_EMAIL_DELIVERABILITY & SECURITY_EMAIL_VALIDATOR_ARGS.
  2) Added test cases for deliverability check.

Fixes #6550
2021-07-05 12:55:40 +05:30
Dave Page
a2b67b933e PEP-8 fix. 2021-06-30 11:04:50 +01:00
Dave Page
b98e881d84 Disable email deliverability check that was introduced in flask-security-too by default to maintain backwards compatibility.
Fixes #6550
2021-06-30 10:46:32 +01:00
Dave Page
083509eb97 Show the full range of options for the default binary path dict. 2021-06-15 14:32:05 +01:00
Akshay Joshi
ae2d588f46 Update version for release. 2021-06-14 21:00:26 +05:30
Nikhil Mohite
2549688bdf 1) Disable the PSQL feature entirely in server mode by default.
2) Remove the code that attempts to filter out commands.

refs #2341
2021-06-14 20:53:11 +05:30
Akshay Joshi
07eb541806 1) Added logic to set the appropriate default binary path if DEFAULT_BINARY_PATH is
set in the config and the user not updated the preferences.
2) Remove 'gpdb' from DEFAULT_BINARY_PATH.
3) Fixed API test cases. 

refs #5370
2021-06-07 20:36:34 +05:30
Akshay Joshi
4bc4ca1ba9 1) Added browse button to select the binary path in the Preferences. Fixes #1561
2) Added support to set the binary path for the different database server versions. Fixes #5370
2021-06-04 17:55:35 +05:30
Yogesh Mahajan
faa49687be Added support to rotate the pgadmin log file on the basis of Size and Age. Fixes #6395 2021-05-25 20:18:46 +05:30
Nikhil Mohite
3ddf941cd7 Added support to launch PSQL for the connected database server. Fixes #2341 2021-05-25 20:12:57 +05:30
Akshay Joshi
1c2b312d49 Update version for release. 2021-05-17 19:15:27 +05:30
Khushboo Vashi
72f3730c34 Added support to connect PostgreSQL servers via Kerberos authentication. Fixes #6158 2021-05-03 16:10:45 +05:30
Akshay Joshi
81e077da5e Update version for release. 2021-04-19 17:10:57 +05:30
Akshay Joshi
1321a623bd Update version for release. 2021-03-22 18:05:13 +05:30
Akshay Joshi
102ffd141c Implemented runtime using NWjs to open pgAdmin4 in a standalone window
instead of the system tray and web browser. Used NWjs to get rid of QT
and C++. Fixes #5967

Use cheroot as the default production server for pgAdmin4. Fixes #5017
2021-01-29 13:38:27 +05:30
Akshay Joshi
e5407ab2bd Update version for release. 2021-01-25 17:32:56 +05:30
Khushboo Vashi
c0ef0a893d 1) Added support for Kerberos authentication, using SPNEGO to forward the Kerberos tickets through a browser. Fixes #5457
2) Fixed incorrect log information for AUTHENTICATION_SOURCES. Fixes #5829
2021-01-18 16:32:10 +05:30
Akshay Joshi
f0debdd513 Revert "1) Added support for Kerberos authentication, using SPNEGO to forward the Kerberos tickets through a browser. Fixes #5457"
This reverts commit 6ead597b43.
2021-01-14 14:46:59 +05:30
Khushboo Vashi
6ead597b43 1) Added support for Kerberos authentication, using SPNEGO to forward the Kerberos tickets through a browser. Fixes #5457
2) Fixed incorrect log information for AUTHENTICATION_SOURCES. Fixes #5829
2021-01-14 13:46:48 +05:30
Akshay Joshi
b372f08a59 Update copyright notices for 2021 2021-01-04 15:34:45 +05:30
Akshay Joshi
bb25e85834 Update version for release. 2020-12-07 15:51:22 +05:30
Akshay Joshi
552a1bfaa6 Update version for release. 2020-11-09 14:35:55 +05:30
navnath gadakh
3a38f6b147 Added ALLOWED_HOSTS support.
refs #5919
2020-11-09 12:35:19 +05:30
Akshay Joshi
9e2127b2a5 Removed ALLOWED_HOSTS support as it requires 'netaddr' which doesn't support Python 3.5 2020-11-05 12:43:11 +05:30
Ganesh Jaybhay
08c4deba5a Added following security enhancements:
1) Added ALLOWED_HOSTS list to limit the host address.
  2) Added CSP and HSTS security header.
  3) Hide the webserver/ development framework version.

Fixes #5919
2020-10-20 17:14:45 +05:30
Akshay Joshi
9898e114f1 Update version for release. 2020-10-12 18:03:27 +05:30
Akshay Joshi
7dca844cbe Update version for release. 2020-09-14 17:53:54 +05:30
Cyril Jouve
5a253f9053 Change the following to replace Python 2 code with Python 3:
1) Replace the deprecated unit test method.
2) Wraps filter usage in a list call.
3) Converts the old metaclass syntax to new.
4) Use range instead of xrange method.
5) Change Unicode to str.
6) Several other transformations.
7) Fixed change password test cases.
8) Use simplejson instead of plain JSON.
2020-08-31 16:45:31 +05:30
Akshay Joshi
e3b1ef0b80 Update version for release. 2020-08-17 17:29:19 +05:30
Akshay Joshi
c0e30c93e5 Update version for release. 2020-07-20 16:18:36 +05:30
Khushboo Vashi
645517d22d Added support for LDAP anonymous binding. Fixes #5650 2020-07-20 15:30:06 +05:30
Dave Page
fb2178e5d3 Support configuration files that are external to the application installation. Fixes #5235 2020-07-17 17:54:12 +05:30
Khushboo Vashi
58b4c45d0c Added support for LDAP authentication with different DN by setting the dedicated user for the LDAP connection. Fixes #5484 2020-07-06 19:35:55 +05:30
Akshay Joshi
c2268c82ee Update version for release. 2020-06-22 17:42:46 +05:30