Commit Graph

19 Commits (af0a630ea39ff2e803c8708bc645553413912cb3)

Author SHA1 Message Date
Jordan Wright bb7de8df3e
Initial Implementation of a Password Policy (#1867)
This PR adds the initial work to implement a password policy as defined in #1538.

Specifically, this implements the following

* Rate limiting for the login handler
* Implementing the ability for system admins to require a user to reset their password
* Implementing a password policy that requires passwords to be a minimum of 8 characters
* Removes the default password (gophish) for admin users to instead have the password randomly generated when Gophish first starts up
* Adds a password strength meter when choosing a new password

Fixes #1538
2020-06-19 22:03:51 -05:00
Jordan Wright ec8b17238e General code cleanup as part of an effort to integrate staticcheck into our CI pipeline. 2020-05-25 21:46:36 -05:00
Jordan Wright be459e47bf
Refactoring tests to remove stretchr/testify dependency 2020-02-01 21:44:50 -06:00
Jordan Wright 84096b8724
Implement User Management API (#1473)
This implements the first pass for a user management API allowing users with the `ModifySystem` permission to create, modify, and delete users. In addition to this, any user is able to use the API to view or modify their own account information.
2019-05-31 13:58:18 -05:00
David Maciejak de21f608d6 Prevent adding an empty recipient (#1448) 2019-05-30 11:46:45 -05:00
Jordan Wright 47f0049c30
Refactor servers (#1321)
* Refactoring servers to support custom workers and graceful shutdown.
* Refactoring workers to support custom mailers.
* Refactoring mailer to be an interface, with proper instances instead of a single global instance
* Cleaning up a few things. Locking maillogs for campaigns set to launch immediately to prevent a race condition.
* Cleaning up API middleware to be simpler
* Moving template parameters to separate struct
* Changed LoadConfig to return config object
* Cleaned up some error handling, removing uninitialized global error in models package
* Changed static file serving to use the unindexed package
2018-12-15 15:42:32 -06:00
Jordan Wright 240a0d3ad2 Simple check for empty columns in CSV import to prevent crashes 2018-06-09 14:20:14 -05:00
Jordan Wright 35a8f13990 Improved group CSV parsing. Added ability to download CSV template from the group modal. 2018-06-09 13:22:11 -05:00
Jordan Wright ebb6cd61b2 Implemented the ability to preview landing pages when sending a test email. 2018-06-08 21:20:52 -05:00
Jordan Wright 5d23263898
Moved logging to logrus package. Not perfect yet (still want to update the access logs), but should set the foundation to make better logging in the future. 2018-05-03 19:07:41 -05:00
Jordan Wright 0d03d01fa5 Fixed CSV Parsing to allow emails in <email@example.com> syntax. Fixes #764 2017-09-24 17:50:58 -05:00
Jordan Wright 0f5bf29972 Automatic Creation of SSL Certificates (#443)
Thanks @ss23!
2016-11-19 12:04:10 -06:00
Jordan Wright 7f381f861e Minor gofmt change 2016-02-09 22:29:13 -06:00
Jordan Wright 32aaa15da7 Added documentation for multiple endpoints. Fixes #54 2016-01-24 20:47:16 -06:00
Jordan Wright e78ec27ef2 Adding package documentation for util and worker packages 2016-01-16 22:34:02 -06:00
William Woodson 3a0fa4f93f Update bcrypt dependency and code moved to gophish group 2016-01-10 11:04:03 -06:00
unknown 0b73d5f6ee Can now use Position in CSV import.
Added Position attribute to Target model.
Fixes #17
2015-02-21 11:36:08 -06:00
unknown 759f86447d Working on importing emails from source (still doesn't work yet!) 2015-02-15 21:53:30 -06:00
Jordan efec86ae56 Added util package for handling misc. tasks
Added basic (*not finished*) functionality for handling bulk user insert
2014-06-21 21:06:16 -05:00