mirror of
https://github.com/openziti/zrok.git
synced 2025-01-11 00:18:43 +01:00
Merge branch 'v0.4.0_password_requirements' into v0.4.0
This commit is contained in:
commit
c889005ac1
@ -22,6 +22,7 @@ type Config struct {
|
|||||||
Bridge *metrics.BridgeConfig
|
Bridge *metrics.BridgeConfig
|
||||||
Endpoint *EndpointConfig
|
Endpoint *EndpointConfig
|
||||||
Email *emailUi.Config
|
Email *emailUi.Config
|
||||||
|
Invites *InvitesConfig
|
||||||
Limits *limits.Config
|
Limits *limits.Config
|
||||||
Maintenance *MaintenanceConfig
|
Maintenance *MaintenanceConfig
|
||||||
Metrics *metrics.Config
|
Metrics *metrics.Config
|
||||||
@ -33,11 +34,8 @@ type Config struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type AdminConfig struct {
|
type AdminConfig struct {
|
||||||
InvitesOpen bool
|
Secrets []string `cf:"+secret"`
|
||||||
InviteTokenStrategy string
|
TouLink string
|
||||||
InviteTokenContact string
|
|
||||||
Secrets []string `cf:"+secret"`
|
|
||||||
TouLink string
|
|
||||||
}
|
}
|
||||||
|
|
||||||
type EndpointConfig struct {
|
type EndpointConfig struct {
|
||||||
@ -45,6 +43,12 @@ type EndpointConfig struct {
|
|||||||
Port int
|
Port int
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type InvitesConfig struct {
|
||||||
|
InvitesOpen bool
|
||||||
|
TokenStrategy string
|
||||||
|
TokenContact string
|
||||||
|
}
|
||||||
|
|
||||||
type MaintenanceConfig struct {
|
type MaintenanceConfig struct {
|
||||||
ResetPassword *ResetPasswordMaintenanceConfig
|
ResetPassword *ResetPasswordMaintenanceConfig
|
||||||
Registration *RegistrationMaintenanceConfig
|
Registration *RegistrationMaintenanceConfig
|
||||||
|
@ -21,20 +21,22 @@ func newConfigurationHandler(cfg *config.Config) *configurationHandler {
|
|||||||
func (ch *configurationHandler) Handle(_ metadata.ConfigurationParams) middleware.Responder {
|
func (ch *configurationHandler) Handle(_ metadata.ConfigurationParams) middleware.Responder {
|
||||||
data := &rest_model_zrok.Configuration{
|
data := &rest_model_zrok.Configuration{
|
||||||
Version: build.String(),
|
Version: build.String(),
|
||||||
InvitesOpen: cfg.Admin != nil && cfg.Admin.InvitesOpen,
|
InvitesOpen: cfg.Invites != nil && cfg.Invites.InvitesOpen,
|
||||||
RequiresInviteToken: cfg.Registration != nil && cfg.Admin.InviteTokenStrategy == "store",
|
RequiresInviteToken: cfg.Invites != nil && cfg.Invites.TokenStrategy == "store",
|
||||||
}
|
}
|
||||||
if cfg.Admin != nil {
|
if cfg.Admin != nil {
|
||||||
data.TouLink = cfg.Admin.TouLink
|
data.TouLink = cfg.Admin.TouLink
|
||||||
data.InviteTokenContact = cfg.Admin.InviteTokenContact
|
}
|
||||||
if cfg.Passwords != nil {
|
if cfg.Invites != nil {
|
||||||
data.PasswordRequirements = &rest_model_zrok.PasswordRequirements{
|
data.InviteTokenContact = cfg.Invites.TokenContact
|
||||||
Length: int64(cfg.Passwords.Length),
|
}
|
||||||
RequireCapital: cfg.Passwords.RequireCapital,
|
if cfg.Passwords != nil {
|
||||||
RequireNumeric: cfg.Passwords.RequireNumeric,
|
data.PasswordRequirements = &rest_model_zrok.PasswordRequirements{
|
||||||
RequireSpecial: cfg.Passwords.RequireSpecial,
|
Length: int64(cfg.Passwords.Length),
|
||||||
ValidSpecialCharacters: cfg.Passwords.ValidSpecialCharacters,
|
RequireCapital: cfg.Passwords.RequireCapital,
|
||||||
}
|
RequireNumeric: cfg.Passwords.RequireNumeric,
|
||||||
|
RequireSpecial: cfg.Passwords.RequireSpecial,
|
||||||
|
ValidSpecialCharacters: cfg.Passwords.ValidSpecialCharacters,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return metadata.NewConfigurationOK().WithPayload(data)
|
return metadata.NewConfigurationOK().WithPayload(data)
|
||||||
|
@ -20,6 +20,10 @@ func newInviteHandler(cfg *config.Config) *inviteHandler {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (h *inviteHandler) Handle(params account.InviteParams) middleware.Responder {
|
func (h *inviteHandler) Handle(params account.InviteParams) middleware.Responder {
|
||||||
|
if h.cfg.Invites == nil || !h.cfg.Invites.InvitesOpen {
|
||||||
|
logrus.Warn("not accepting invites; attempt from '%v'", params.Body.Email)
|
||||||
|
return account.NewInviteBadRequest()
|
||||||
|
}
|
||||||
if params.Body == nil || params.Body.Email == "" {
|
if params.Body == nil || params.Body.Email == "" {
|
||||||
logrus.Errorf("missing email")
|
logrus.Errorf("missing email")
|
||||||
return account.NewInviteBadRequest()
|
return account.NewInviteBadRequest()
|
||||||
@ -38,7 +42,7 @@ func (h *inviteHandler) Handle(params account.InviteParams) middleware.Responder
|
|||||||
}
|
}
|
||||||
defer func() { _ = tx.Rollback() }()
|
defer func() { _ = tx.Rollback() }()
|
||||||
|
|
||||||
if h.cfg.Admin != nil && h.cfg.Admin.InviteTokenStrategy == "store" {
|
if h.cfg.Invites != nil && h.cfg.Invites.TokenStrategy == "store" {
|
||||||
inviteToken, err := str.FindInviteTokenByToken(params.Body.Token, tx)
|
inviteToken, err := str.FindInviteTokenByToken(params.Body.Token, tx)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logrus.Errorf("cannot get invite token '%v' for '%v': %v", params.Body.Token, params.Body.Email, err)
|
logrus.Errorf("cannot get invite token '%v' for '%v': %v", params.Body.Token, params.Body.Email, err)
|
||||||
|
29
etc/ctrl.yml
29
etc/ctrl.yml
@ -23,18 +23,6 @@ admin:
|
|||||||
# If `tou_link` is present, the frontend will display the "Terms of Use" link on the login and registration forms
|
# If `tou_link` is present, the frontend will display the "Terms of Use" link on the login and registration forms
|
||||||
#
|
#
|
||||||
tou_link: '<a href="https://google.com" target="_">Terms and Conditions</a>'
|
tou_link: '<a href="https://google.com" target="_">Terms and Conditions</a>'
|
||||||
#
|
|
||||||
# To allow open invites to your `zrok` instance, set `invites_open` to `true`
|
|
||||||
#
|
|
||||||
invites_open: true
|
|
||||||
#
|
|
||||||
# Set `token_strategy` to `store` to require an invite token.
|
|
||||||
#
|
|
||||||
#token_strategy: store
|
|
||||||
#
|
|
||||||
# Set `invite_token_contact` to include an email address or a URL where an invite token can be requested
|
|
||||||
#
|
|
||||||
invite_token_contact: invites@zrok.io
|
|
||||||
|
|
||||||
# The `bridge` section configures the `zrok controller metrics bridge`, specifying the source and sink where OpenZiti
|
# The `bridge` section configures the `zrok controller metrics bridge`, specifying the source and sink where OpenZiti
|
||||||
# `fabric.usage` events are consumed and then sent into `zrok`. For production environments, we recommend that you use
|
# `fabric.usage` events are consumed and then sent into `zrok`. For production environments, we recommend that you use
|
||||||
@ -65,6 +53,23 @@ email:
|
|||||||
password: ""
|
password: ""
|
||||||
from: ziggy@zrok.io
|
from: ziggy@zrok.io
|
||||||
|
|
||||||
|
# Invites
|
||||||
|
#
|
||||||
|
invites:
|
||||||
|
#
|
||||||
|
# Setting `invites_open` to `true` will allow your service instance to allow users to request invites.
|
||||||
|
#
|
||||||
|
invites_open: false
|
||||||
|
#
|
||||||
|
# Setting `token_strategy` to `store` will use the `invite_tokens` table in the database for available invite tokens.
|
||||||
|
#
|
||||||
|
token_strategy: store
|
||||||
|
#
|
||||||
|
# Setting `token_contact` to something other than an empty string will show the contact information in the
|
||||||
|
# `zrok invite` command.
|
||||||
|
#
|
||||||
|
token_contact: invite@zrok.io
|
||||||
|
|
||||||
# Service instance limits configuration.
|
# Service instance limits configuration.
|
||||||
#
|
#
|
||||||
# See `docs/guides/metrics-and-limits/configuring-limits.md` for details.
|
# See `docs/guides/metrics-and-limits/configuring-limits.md` for details.
|
||||||
|
Loading…
Reference in New Issue
Block a user