Commit Graph

202 Commits

Author SHA1 Message Date
Bai
5322bcbde8 fix: ukey login user deactive error no tips 2026-06-15 11:35:49 +08:00
Bai
98826222f6 fix: ukey auth user invalid alert error 2026-06-10 10:57:19 +08:00
Bai
b2dab8b059 fix: update user empty ukey_sn field value 2026-06-10 10:44:21 +08:00
Bai
096f72b563 fix: jida ukey show certAlg 2026-06-08 16:11:58 +08:00
Bai
002acb15bb perf: ukey auth security 2026-06-05 19:33:50 +08:00
Bai
8b7a4821ea perf: ukey change pin support validate length 2026-06-05 14:58:39 +08:00
Bai
a8aa4a0b55 perf: profile not display ukey for other user 2026-06-04 19:37:10 +08:00
Bai
9eae552d6f perf: add ukey_sn unique and unbind devSN operation 2026-06-04 18:55:07 +08:00
Bai
b65f67862c perf: auth ukey config interval time 5s 2026-06-04 15:06:14 +08:00
fit2bot
c38d661329 feat: support ukey 2026-06-04 14:47:19 +08:00
xiaoc
02137ec789 fix: LDAP user login exception 2026-05-29 18:34:15 +08:00
Bai
38f1d49e3f feat: add auth cert ca cert/key upload supported 2026-05-27 14:47:04 +08:00
Bai
1f1dd6b75a perf: auth cert add settings 2026-05-26 16:09:19 +08:00
Bai
1863c496a2 feat: cert auth support rsa 2026-05-26 14:44:42 +08:00
Bai
8316c2efb0 feat: driver config example 2026-05-26 14:13:27 +08:00
Bai
7fc87644d6 feat: modify cert login url 2026-05-25 19:20:43 +08:00
Jiangjie Bai
0d15c50e1f Feat authcert (#16856)
* feat: add auth cert config

* feat: add auth cert api driver.js

* feat: add auth cert enroll api - draft

* feat: add auth cert demo config yaml

* feat: finished gmssl sign user csr to cert

* feat: support auth cert login

* feat: support auth cert login

* perf: user login via cert, and driver config

* feat: user profile api add can_cert_auth field

* feat: add cert auth log

* feat: add cert auth support check acl, ip_block etc.

* feat: cert auth support mfa check

* feat: cert auth support mfa check

* feat: little perf

* feat: cert config add i18n

* feat: cert login html add i18n

* feat: add i18n lina

* feat: add driver config demo

* feat: add cert auth to settings

* feat: add gmssl dockerfile-ee

* feat: add user source choices

* feat: remove gmssl-python sdk
2026-05-25 16:41:47 +08:00
Bai
d0a5d68fec fix: oidc auth login log issue 2026-05-18 11:45:52 +08:00
Bai
48021bea50 fix: many login logs are record when user login once 2026-04-28 10:50:54 +08:00
wangruidong
d48eb40472 perf: Upgrade python version and dependency libraries
fix: Update aliyun-python-sdk-core-v3 to version 2.13.36 and remove telnetlib3 dependency

perf: Implement AsyncLocal for asynchronous context storage and update signal handler

fix: api docs access error

fix: ticket flow api docs access error

perf: stash ansible update version

perf: update pynacl to version 1.6.2

perf: update telnet version

perf: update docker-base

perf: update ci
2026-04-23 09:56:06 +08:00
ibuler
1e3f82fd43 Revert "perf: Upgrade python version and dependency libraries"
This reverts commit 07951b8ae1.
2026-04-22 19:03:23 +08:00
wangruidong
07951b8ae1 perf: Upgrade python version and dependency libraries
fix: Update aliyun-python-sdk-core-v3 to version 2.13.36 and remove telnetlib3 dependency

perf: Implement AsyncLocal for asynchronous context storage and update signal handler

fix: api docs access error

fix: ticket flow api docs access error

perf: stash ansible update version

perf: update pynacl to version 1.6.2

perf: update telnet version

perf: update docker-base
2026-04-22 17:20:35 +08:00
ibuler
4f430e2dd7 perf: update authenticated 2026-03-31 13:39:40 +08:00
ibuler
f9bcbaf168 Merge branch 'osm' of github.com:jumpserver/jumpserver into osm 2026-03-18 15:28:30 +08:00
ibuler
f94e1be039 perf: domains set to any 2026-03-18 15:28:16 +08:00
Bai
89baa52c99 feat: support custom-sso/login 2026-03-18 15:25:56 +08:00
wangruidong
fc2d4ae751 fix: Add user validity check to authentication process 2025-12-11 16:38:32 +08:00
Bai
14c2512b45 fix: accesskey authentication user is None error 2025-12-08 15:06:47 +08:00
Bai
d6d7072da5 perf: request.GET.copy() to dict(), because copy() returned values is list [] 2025-12-08 12:50:49 +08:00
fit2bot
993bc36c5e perf: handling the next parameter propagation issue in third-party authentication flows (#16395)
* perf: remove call client old- method via ?next=client

* feat: add 2 decorators for login-get and login-callback-get to set next_page and get next_page from session

* perf: code style

* perf: handling the next parameter propagation issue in third-party authentication flows

* perf: request.GET.dict() to copy()

* perf: style import

---------

Co-authored-by: Bai <baijiangjie@gmail.com>
2025-12-08 12:34:32 +08:00
fit2bot
ecff2ea07e perf: move oauth2_provider api auth_backend to the end, and while accesstoken_backend not user do not raise execption, go on next bakcned auth (#16393)
* perf: move oauth2_provider api auth_backend to the end, and while accesstoken_backend not user do not raise execption, go on next bakcned auth

* perf: re-sorted DEFAULT_AUTHENTICATION_CLASSES

---------

Co-authored-by: Bai <baijiangjie@gmail.com>
2025-12-08 09:57:17 +08:00
fit2bot
ba70edf221 perf: when oauth2 application delete expired well-known page cache via post_delete signal (#16392)
Co-authored-by: Bai <baijiangjie@gmail.com>
2025-12-08 09:54:18 +08:00
Bai
50050dff57 fix: cas only allow exist user login 2025-12-04 18:37:54 +08:00
fit2bot
ba17863892 perf: Remove unused CAS user exception handling and simplify login view error response (#16380)
* perf: Remove unused CAS user exception handling and simplify login view error response

* perf: position code

---------

Co-authored-by: wangruidong <940853815@qq.com>
Co-authored-by: Bai <baijiangjie@gmail.com>
2025-12-04 17:49:58 +08:00
fit2bot
e0388364c3 fix: use third part authentication service rediect to client failed (#16370)
* perf: .well-known cached 1h and support saml2 redirect_to client

* fix: support wecom redirect_to client (reslove wecom waf 501 error)

* fix: support oauth2 auth rediect to client

* fix: safe next url

---------

Co-authored-by: Bai <baijiangjie@gmail.com>
2025-12-03 19:07:00 +08:00
Bai
3c96480b0c perf: add manage.py command: init_oauth2_provider, resolve init jumpserver client failed issue 2025-12-03 14:37:20 +08:00
Bai
b8ecb703cf perf: url revoke_token/ to revoke/ 2025-12-02 18:21:13 +08:00
Bai
427fd3f72c perf: organize oauth2_provider urls, add .well-known API 2025-12-02 14:55:09 +08:00
wangruidong
d4d4cadbcd fix: OAuth2 Only allow existing users to log in operate log error 2025-11-13 18:42:28 +08:00
wangruidong
ad8c0f6664 fix: SAML2 Only allow existing users to log in operate log error 2025-11-13 16:36:58 +08:00
fit2bot
8d7267400d fix: OpenID Only allow existing users to log in operate log error (#16013)
Co-authored-by: wangruidong <940853815@qq.com>
2025-10-22 14:53:12 +08:00
feng
92e250e03b perf: user_can_authenticate add logger 2025-10-14 15:48:47 +08:00
Bai
b15f663c87 fix: AK/SK remained valid after the user expired. 2025-09-16 13:32:25 +08:00
Bai
7a6187b95f fix: temp token backend 2025-09-03 18:10:10 +08:00
fit2bot
24f7946b7b perf: change some field to encrypt field (#15842)
* perf: conn token add remote addr

* perf: change some field to encrypt field

---------

Co-authored-by: ibuler <ibuler@qq.com>
2025-08-14 15:05:18 +08:00
wangruidong
a822905ae7 fix: When the cas user doesn't exist, you will be prompted with an error when logging in. 2025-07-31 17:15:18 +08:00
ibuler
be24f28d9b perf: in safe mode passkey cannot be as mfa 2025-07-25 10:50:46 +08:00
feng
38b268b104 fix: Circular import 2025-07-22 14:36:22 +08:00
feng
75575af56f perf: Callback client 2025-07-22 13:51:08 +08:00
wangruidong
cc4be36752 perf: Log IntegrityError details during user authentication 2025-07-15 18:58:16 +08:00