2e7247ec7c
feature (plg_authentication_htpasswd): bcrypt support
2025-07-10 00:26:13 +10:00
b59707c111
Merge branch 'master' of ssh://github.com/mickael-kerjean/filestash
2025-06-30 12:18:47 +10:00
45432e1f32
fix (htpasswd): hash acceptance rules - #821
...
For htpasswd entries where hash is an actual valid hash (SHA etc.), the hash
itself should not be accepted as password. Otherwise, obtaining the htpasswd
file gives an attacker access to all accounts withoutneeding to crack/reverse
hashes.
This commit tries to ensure that hash==password is only accepted if hash is
not a valid hash (plaintext password fallback).
2025-06-30 12:18:37 +10:00
72312435cf
chore (refactoring): cleanup plugin
2025-06-30 12:11:42 +10:00
eb7e30424e
fix (capitalisation): disable android capit.
2025-03-18 20:57:34 +11:00
d6bc0d55f1
chore (banner): auth middleware banners
2024-12-10 00:42:06 +11:00
e1b477b65b
feature (base): configurable base
2024-06-21 21:05:44 +10:00
5b89af8237
chore (extand): additional attributes for htpasswd
2024-06-04 08:06:24 +10:00
742b5be307
chore (maintain): htpasswd failed build
2024-06-04 01:56:36 +10:00
b4043715d2
chore (maintenance): dependency upgrade
2024-06-04 01:21:34 +10:00
d554c81fa5
fix (build): broken build on dependency
2024-06-04 00:26:58 +10:00
cb7f1693bd
feature (config): encrypt sensitive fields in config.json
2022-11-22 08:12:36 +11:00
e585be579a
feature (htpasswd): enlarge scope of htpasswd auth plugin
2022-11-12 23:26:39 +11:00
10daf893cd
improve (plg_authenticate_htpasswd): support additional algorithm
2022-11-12 00:50:45 +11:00
c828b22f7a
improve (middleware): content for description fields
2022-11-10 00:16:08 +11:00
e0f2f29307
feature (htpasswd): new authentication middleware
2022-11-09 14:00:48 +11:00
