Jordan Wright
a73ac4ab7c
Fixed various minor linting issues
2018-12-15 21:38:51 -06:00
Jordan Wright
5d23263898
Moved logging to logrus package. Not perfect yet (still want to update the access logs), but should set the foundation to make better logging in the future.
2018-05-03 19:07:41 -05:00
Shuhei Kitagawa
d7810ddd2b
Fix to raise error when trying to register a duplicate username ( #926 )
...
This corrects a minor error from recent changes in which registering an existing username didn't throw an error.
2018-01-13 16:35:58 -06:00
Shuhei Kitagawa
405bc5effe
Refactor GetUserByUsername method not to suppress an error ( #920 )
...
Also adding some other tests for the User models.
2018-01-11 18:37:38 -06:00
s vignesh
bfb7fd11e8
Fixing XSS Vulnerabilities
...
This pull request fixed XSS vulnerabilities identified in the gophish admin panel.
**Important: These vulnerabilities could only be exploited if someone had access to the admin panel already, and could only exploit the vulnerability against the same account.**
2016-09-15 00:52:58 -04:00
Jordan Wright
103fd72cc8
Fixing context issues with Go 1.7.
2016-09-14 22:24:51 -05:00
Jordan Wright
cb70e0b953
Making all cookies httponly - Fixes #333
2016-08-06 16:00:36 -05:00
Rob Cutmore
a5a7b23479
Use more descriptive variable names in auth.go
2016-03-02 19:59:40 -05:00
Rob Cutmore
e39ae8dfdd
Confirm password on registration or change
...
Updated to confirm password when registering user or changing a
user's password.
Fixes #180
2016-03-02 08:33:27 -05:00
Jordan Wright
3d9e447992
Removing support for empty passwords - fixes #149
2016-02-13 16:37:12 -06:00
Jordan Wright
32aaa15da7
Added documentation for multiple endpoints. Fixes #54
2016-01-24 20:47:16 -06:00
Jordan Wright
fc6d556742
Caused API key to be generated dynamically for admin user. Fixes #60
2016-01-12 20:46:17 -06:00
Jordan Wright
1081258c02
Fixing dependencies
2016-01-11 22:46:48 -06:00
Jordan Wright
737f41e5c6
Updated bcrypt dependency - fixes #63
2016-01-10 14:54:59 -06:00
unknown
f21d40d77a
Registration works again.
...
Additional cleanup, removing unused code
2015-02-07 17:30:22 -06:00
Jordan
e137126a90
Working on gorm integration
...
TODO:
[ ] Finish up groups (many-to-many with group_targets)
[ ] Convert Template models
2014-03-25 23:53:51 -05:00
Jordan
584d7dbc23
Major refactoring - modularized models into separate files. Removed db package (moved to models)
...
I will be looking to migrate to gorm (instead of gorp) soon!
2014-03-24 22:31:33 -05:00
Jordan
a3882cbf02
A couple more auth.go cleanups
2014-03-18 14:35:02 -05:00
Jordan
38db9480a2
Cleaned up comments for auth.go
2014-03-18 14:28:47 -05:00
Jordan
eb8491c144
Implemented ChangePassword() (now password can be changed from /settings)
...
A couple of UI fixes in tables
2014-02-10 13:02:44 -06:00
Jordan
40cd2ae837
Cleaned up some errors
...
Implemented using db.* helpers (ie GetUser)
Implemented ChangePassword (not reachable from UI currently)
Fixed angular issue in settings.html template
2014-02-06 10:49:53 -06:00
Jordan
50292da53f
Implemented Registration
...
Created auth.GenerateSecureKey to handle generating API Keys
2014-02-04 18:39:01 -06:00
Jordan
e312e90570
Added ability to reset API token
...
Cleaned up session flash handling
2014-02-02 14:47:06 -06:00
Jordan
87fbd41184
Changing int to int64
...
Starting to implement angularjs
Implemented /api/campaigns/:id GET
Changed template delims to {{% and %}}
2014-01-31 20:49:22 -06:00
Jordan
c59415a133
Adding some models - Incorporated use of `gorp` package to allow ORM'ish functionality
2014-01-30 15:08:14 -06:00
Jordan
6944854005
Added support for --setup flag to reset database
2014-01-12 22:39:40 -06:00
Jordan
4ad8c3c468
Implemented GetUserByAPIKey and changed GetUser to GetUserById
2014-01-12 20:00:52 -06:00
Jordan
cdb4181406
Renamed CheckLogin to Login
...
Changed encryption cookie to be 32 bytes (64 bytes not supported)
2014-01-11 00:10:52 -06:00
Jordan
2a62f62bc6
Cleaned API even more (everything is via HandlerFunc)
...
Sessions are now encrypted as well as signed.
2014-01-10 22:37:42 -06:00
Jordan
61ef18b3b4
Implemented auth.GetUser(id)
...
Impemented RequireLogin() middleware
Login is now working, just need to clean up the architecture a bit
2014-01-09 22:21:12 -06:00
Jordan
bb627396ee
Implemented Flashes (Model and functionality)
...
Working on login functionality
Changed the way templates are loaded and rendered
2014-01-09 21:21:54 -06:00
Jordan
7eb90b27ad
Moved DB to root folder
...
Created db package to handle DB connection/queries
Removed Setup.go (now handled in db package)
Setup context in middleware
2014-01-09 17:18:49 -06:00
Jordan
7f084760f9
Major refactoring - created auth, config, models, controllers, and middleware packages. Should help provide modularity and a clean architecture.
...
Added doc.go for each package
2014-01-09 00:42:05 -06:00