All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Added extend session functionality
- Added & updated Weblate translations
- Added project, version, copyright information to POT file generation
- Refactored login page and styles to match latest changes in our theme
- Removed unused resources and updated dynamic configuration
- add tests, lint and publishing for gitlab CI
- migrate to hatchling instead of setuptools
- fix Content-type header to use application/json in wsgi.py
- change the name of LuCI cookies to adapt to the latest version of LuCI in TOS 7.0
- cookie: Drop compatibility for the 'samesite' cookie attribute for Python 3.7 and older.
- fix redirect to any origin on redirect
- fix empty cookie removal on logout
- argument
--luci-login
that enables login not only to Turris Authenticator but also to LuCI in one go
- updated translations
- translations
- automatic login if password is not set (required for initial setup)
- link to HTTPS documentation on login page
- replaced theme with Turris Bootstrap theme
- set cookie timeout to documented 10 minutes instead of 10 hours
- alert about insecure connection
- opportunistic redirect to HTTPS from HTTP
- magnet module is switched to fastcgi and everything is migrated to use that
- server now returns 401 error code when X-Requested-With header is send
- project is now named only turris-auth as it no longer is essentially dependent on Lighttpd
- website style migrated to the bootstrap version 4.6.0
- easy to exploit shell escape
- initial version of turris-auth with support for current Foris password