Commit Graph

32 Commits (14bb02f2d201bdf4a43968947bd07aed625d1279)

Author SHA1 Message Date
Glenn Wilkinson 0558da90fe
Added support to allow invalid IMAP certificates (#1909)
This commit allows self-signed certificates to be used in upstream IMAP connections.
2020-08-08 15:03:42 -05:00
Jordan Wright bb7de8df3e
Initial Implementation of a Password Policy (#1867)
This PR adds the initial work to implement a password policy as defined in #1538.

Specifically, this implements the following

* Rate limiting for the login handler
* Implementing the ability for system admins to require a user to reset their password
* Implementing a password policy that requires passwords to be a minimum of 8 characters
* Removes the default password (gophish) for admin users to instead have the password randomly generated when Gophish first starts up
* Adds a password strength meter when choosing a new password

Fixes #1538
2020-06-19 22:03:51 -05:00
Glenn Wilkinson 9de32746ee Added IMAP support for checking reported emails (#1612)
Initial support of managing reporting through IMAP.

Co-Authored-By: Jordan Wright <jmwright798@gmail.com>
2020-01-18 11:58:34 -06:00
Jordan Wright 84096b8724
Implement User Management API (#1473)
This implements the first pass for a user management API allowing users with the `ModifySystem` permission to create, modify, and delete users. In addition to this, any user is able to use the API to view or modify their own account information.
2019-05-31 13:58:18 -05:00
Jordan Wright ba8ceb81da
Initial commit of RBAC support. (#1366)
* Initial commit of RBAC support. Closes #1333
2019-02-19 20:33:50 -06:00
Jordan Wright abafe3526b Moved documentation links to point to docs.getgophish.com. 2018-10-11 12:06:36 -05:00
Jordan Wright 6f81f1f2e2 Making the results map an optional setting stored in localStorage. Fixes #747
Also does more formatting fixes for various files.
2017-09-16 23:30:04 -05:00
Jordan Wright dbadac3eca Explicitly disabled autocomplete for password fields 2017-02-10 18:38:23 -06:00
Jordan Wright c52981614a Updated nav link to point to the correct User Guide 2017-01-14 17:33:37 -06:00
Jordan Wright 9dfe54ac3d Added gulpfile to minify and concat JS + CSS files for faster loading. 2017-01-08 14:35:08 -06:00
Jordan Wright e7a9fb5666 Moved user guide to github wiki 2016-11-13 20:54:27 -06:00
Jordan Wright 33df3c3868 Added the version to the settings page. 2016-08-06 18:58:34 -05:00
Rob Cutmore e39ae8dfdd Confirm password on registration or change
Updated to confirm password when registering user or changing a
user's password.

Fixes #180
2016-03-02 08:33:27 -05:00
William Woodson 306d315941 Updated menus to include link to sending_profiles page 2016-02-20 16:39:23 -06:00
Jordan Wright fdfeafa1ec Restricted registration to only logged in users. Fixes #137 2016-02-09 22:19:06 -06:00
unknown fc2aa71e91 Fixed settings - can now reset password, api key. 2015-08-15 16:03:39 -05:00
unknown 0c71c8982e Fixed settings page (missing closing script tag) 2015-07-29 23:15:49 -05:00
unknown 0e496bdf73 Migrated settings (at least it loads).
Working on making the template syntax consistent across all the files, cleaning them up, etc.
2015-06-21 16:10:47 -05:00
unknown e1eadc3892 Re-organizing files to use Jquery instead of Angular 2015-06-15 16:49:16 -05:00
Jordan 776f591f68 Cleaned up old gorp code
Bug fix in settings template
2014-03-26 15:01:49 -05:00
Jordan b3e3dd8ff1 Added "templates" Template, View, and Route
Added "unsafe" filter per stackoverflow
Updated side nav to include links to "/templates"
2014-03-18 15:20:34 -05:00
Jordan 631cd1ad13 Fixed the way Angular POSTS data
Added error code to checkError to support responses such as BadRequest, NotFound, etc.
2014-02-12 10:43:54 -06:00
Jordan eb8491c144 Implemented ChangePassword() (now password can be changed from /settings)
A couple of UI fixes in tables
2014-02-10 13:02:44 -06:00
Jordan 40cd2ae837 Cleaned up some errors
Implemented using db.* helpers (ie GetUser)
Implemented ChangePassword (not reachable from UI currently)
Fixed angular issue in settings.html template
2014-02-06 10:49:53 -06:00
Jordan 7045c7f3e2 Refined CSRF Protection Exempt Glob (/api/* to /api/*/*) to provide CSRF protection /api/reset
Added stub for /api/campaigns/:id/launch
2014-02-03 23:41:31 -06:00
Jordan e0e15221b1 Updated README
Added CSRF Protection to login, /api/reset functions
Added auto highlighting of API key when clicked
2014-02-03 17:21:56 -06:00
Jordan 43417d160f Cleaning up some broken links
Changed default admin password to 'gophish'
Fixed bug in POST /api/campaigns
Starting to implements groups and users functionality
2014-02-02 16:37:36 -06:00
Jordan e312e90570 Added ability to reset API token
Cleaned up session flash handling
2014-02-02 14:47:06 -06:00
Jordan 87fbd41184 Changing int to int64
Starting to implement angularjs
Implemented /api/campaigns/:id GET
Changed template delims to {{% and %}}
2014-01-31 20:49:22 -06:00
Jordan c60b9d584b - Working on implementing the API (started working on /api/campaigns)
- Implemented APIKey middleware
- Changed settings template to look a bit nicer and to, you know, work.
2014-01-30 22:46:25 -06:00
Jordan e9aa8d2c88 Updated settings template and route to show basic user info 2014-01-30 15:15:12 -06:00
Jordan Wright a64b0c10c9 Moved structs to models.go file
Changed config to have "host" string
Working on simple mailing library
Some basic template bug fixes (eventually I might move the side nav to a template)
2013-12-12 00:27:43 -06:00