Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix CSP for disqus and Google Analytics | Sheogorath | 2018-03-30 | 1 | -1/+3 |
| | | | | | | | | | | | | | This commit should fix existing problems with Disqus and Google Analytics enabled in the meta-yaml section of a note. Before this commit they were blocked by the strict CSP. It's still possible to disable the added directives using `addDisqus` and `addGoogleAnalytics` in the `csp` config section. They are enabled by default to prevent breaking changes. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | Remove unused LDAP option `tokenSecret` | Felix Schäfer | 2018-03-05 | 1 | -1/+0 |
| | | | | | | hackmdio/hackmd#754 Signed-off-by: Felix Schäfer <felix@thegcat.net> | ||||
* | Introduce ldap.useridField | Dustin Frisch | 2018-03-01 | 1 | -1/+2 |
| | | | | Signed-off-by: Dustin Frisch <fooker@lab.sh> | ||||
* | Add README and `config.json.example` content | Sheogorath | 2018-01-23 | 1 | -0/+7 |
| | | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | Merge pull request #598 from xxyy/feature/csp | Christoph (Sheogorath) Kern | 2018-01-22 | 1 | -3/+10 |
|\ | | | | | Implement basic CSP support | ||||
| * | Move CSP logic to new file, Fix boolean config examples | Literallie | 2017-10-22 | 1 | -5/+5 |
| | | | | | | | | Not sure why I was quoting these in the first place | ||||
| * | Change CSP config format to be more intuitive | Literallie | 2017-10-22 | 1 | -0/+7 |
| | | |||||
* | | Fix config.json.example format error | Xiaodong Xu | 2018-01-09 | 1 | -1/+1 |
| | | |||||
* | | Merge branch 'master' into ldap-username-field | Christoph (Sheogorath) Kern | 2017-12-12 | 1 | -1/+1 |
|\ \ | |||||
| * | | parse HMD_LDAP_SEARCHATTRIBUTES env var as a comma-separated array | alecdwm | 2017-12-09 | 1 | -1/+1 |
| | | | | | | | | | | | | Signed-off-by: Alec WM <firstcontact@owls.io> | ||||
* | | | Add setting `ldap.usernameField` | Lukas Kalbertodt | 2017-12-09 | 1 | -0/+1 |
|/ / | | | | | | | | | | | | | | | This determines which ldap field is used as the username on HackMD. By default, the "id" is used as username, too. The id is taken from the fields `uidNumber`, `uid` or `sAMAccountName`. To give the user more flexibility, they can now choose the field used for the username instead. | ||||
* | | added guide for SAML settings | Norihito Nakae | 2017-12-04 | 1 | -1/+0 |
| | | |||||
* | | fixed the SAML callback URL to unconfigurable. | Norihito Nakae | 2017-11-29 | 1 | -1/+0 |
| | | |||||
* | | Initial support for SAML authentication | Norihito Nakae | 2017-11-28 | 1 | -0/+16 |
| | | |||||
* | | added auth docs and images for GitHub and Twitter | Devon Jue | 2017-11-08 | 1 | -1/+7 |
| | | |||||
* | | Add mattermost authentication | Christoph Witzany | 2017-10-31 | 1 | -0/+5 |
|/ | |||||
* | Make HSTS behaviour configurable; Fixes #584 | Literallie | 2017-10-13 | 1 | -0/+9 |
| | |||||
* | Add config option for gitlab api scope and auto adapt gitlab snippet feature ↵ | Wu Cheng-Han | 2017-03-14 | 1 | -1/+2 |
| | | | | on it | ||||
* | Change database config development to sqlite, test to memory | bananaappletw | 2017-02-04 | 1 | -8/+3 |
| | |||||
* | Merge branch 'frontend-next' into t216-refactor-common | Yukai Huang | 2017-01-15 | 1 | -0/+12 |
|\ | |||||
| * | Merge pull request #279 from alecdwm/ldap-auth | Max Wu | 2017-01-09 | 1 | -0/+12 |
| |\ | | | | | | | Support for LDAP server authentication | ||||
| | * | Initial support for LDAP server authentication | alecdwm | 2016-12-13 | 1 | -0/+12 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Limitations as of this commit: - tlsOptions can only be specified in config.json, not as env vars - authentication failures are not yet gracefully handled by the UI - instead the error message is shown on a blank page (/auth/ldap) - no email address is associated with the LDAP user's account - no picture/profile URL is associated with the LDAP user's account - we might have to generate our own access + refresh tokens, because we aren't using oauth. The currently generated tokens are just a placeholder. - 'LDAP Sign in' needs to be translated to each locale | ||||
* | | | Add google apiKey & dropbox appKey to config.json | Yukai Huang | 2017-01-14 | 1 | -2/+4 |
|/ / | |||||
* | | Fix config mistake | bananaappletw | 2016-12-24 | 1 | -2/+4 |
| | | |||||
* | | Add sqlite for test environment | bananaappletw | 2016-12-22 | 1 | -0/+4 |
|/ | |||||
* | Create example config | Yukai Huang | 2016-10-05 | 1 | -0/+52 |