Commit Graph

978 Commits

Author SHA1 Message Date
si458 aa87fd61bb maybe fix weird undefined user login accepted #5870
Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-03-01 15:45:39 +00:00
Ylian Saint-Hilaire f2e43cc6da Added option to check HTTP origin. 2024-02-17 11:22:38 -08:00
si458 0b0f2999db fix meshcentral assistant downloads
Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-01-14 16:45:04 +00:00
Simon Smith 7c2eea68b6
Fix meshcentral assistant monitor mode always using direct connect mode (#5693)
Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-01-13 10:52:17 -08:00
si458 c248eada46 add blob to frame-src csp for intel amt #5678
Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-01-09 13:00:24 +00:00
Simon Smith e967f00977
allow setting meshcentral assistant type for agentinvites (#5672)
* allow setting meshcentral assistant type for agentinvites

Signed-off-by: si458 <simonsmith5521@gmail.com>

* forgot webserver for assistantTypeAgentInvite

Signed-off-by: si458 <simonsmith5521@gmail.com>

* dont use capital letters with domain args

Signed-off-by: si458 <simonsmith5521@gmail.com>

---------

Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-01-07 22:21:54 -08:00
Simon Smith e4001e67ef
add language selector to login (#5648)
* add language selector to login

* add showLanguageSelect to pick top or bottom boxe
2024-01-04 02:17:27 +00:00
jrf280 bc0550a791
Added device group name to search results as config option (#5544) 2023-11-12 15:18:00 -08:00
Simon Smith c05cbeae88
showNotesPanel in device view (#5543)
Signed-off-by: si458 <simonsmith5521@gmail.com>
2023-11-12 10:13:21 -08:00
Simon Smith b7385e382c
fix agentaliasdns display (#5518) 2023-11-07 00:10:12 +00:00
gomeghi a8aa294199
add connect-flash for generic open oidc (#5497) 2023-11-04 11:30:22 -07:00
Simon Smith 47767e86a1
add android apk to web ui (#5449)
* add android apk to web ui

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>

* add amazon and google buttons instead

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>

* add android link and brand icons to agentinvite

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>

* oops change mysql back

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>

* add android to agentinvite selector

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>

* forgot paragraph begin

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>

---------

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
2023-10-20 17:29:48 -07:00
Ylian Saint-Hilaire 6e1138ee5b Added scrollToTop option in domain section of the config.json. 2023-10-08 21:33:23 -07:00
Ylian Saint-Hilaire a0b7280893
Merge pull request #5398 from Ylianst/hide-powerstate
hidePowerTimeline
2023-10-06 12:16:06 -07:00
Simon Smith 4171a0766f fix pwa manifest
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
2023-10-06 18:24:51 +00:00
Simon Smith 82c94cdf9d rename hidepowerstate to hidepowertimeline 2023-10-06 12:31:25 +00:00
Simon Smith 8b8ec48430 hide powerstate with hidepowerstate
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
2023-10-06 12:01:04 +00:00
Ylian Saint-Hilaire 3a3663bb55 Improvements to show config option in MyServer tab. 2023-10-03 20:35:02 -07:00
Simon Smith 403c313771 update passport to 0.6.0
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
2023-09-07 08:26:13 +01:00
Ylian Saint-Hilaire b1d2d1aea9 Started work on support for loading ECDSA certificates as HTTPS cert. 2023-08-20 23:29:08 -07:00
Simon Smith 258d7d1d12 update ua-parser-js to latest npm
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
2023-08-08 16:13:31 +01:00
jirijanata 3f0d9484b7
If is user using 2FA the basic URL user and pass method fails.
https://github.com/Ylianst/MeshCentral/issues/4870

If user has 2FA enabled and tries to login with URL parameters then the login should fail.
2023-07-05 19:15:18 +02:00
Gaston Meghinasso 181d4db0fe add oidc options from config if they exist 2023-05-21 22:18:53 -03:00
Ylian Saint-Hilaire 775568c7a7 Added Windows ARM 64bit support. 2023-04-14 13:36:34 -07:00
Martin Mädler d698760d30 Fix pluginHandler access 2023-02-01 14:04:23 +01:00
Martin Mädler a8f89e1068 Add hook to allow adding custom api endpoints to Express routing 2023-01-27 12:28:33 +01:00
Ylian Saint-Hilaire b52385406f Removed debug line. 2022-12-15 19:45:45 -08:00
Ylian Saint-Hilaire 79faaaee1f Fixed various server exceptions. 2022-12-10 12:02:33 -08:00
Joko Sastriawan b5338b746a fix: AMT Direct TLS connection and Digest authentication
- fix: ensure TLS is used when TLS is enabled
- add constants.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION for TLS client connection for newer Nodejs
- ensure nc of AMT redirection Digest authentication to have at 8 bytes length
2022-11-15 14:12:12 -07:00
Антон Мороз c1b59294cf Added displayname handling to SAML strategy 2022-11-06 09:50:24 +03:00
Ylian Saint-Hilaire 99fc690f4b Tuned HTTPS cipher suites to get A+ on SSL labs testing." 2022-11-02 22:36:03 -07:00
Ylian Saint-Hilaire 3a22bfbc24 Fixed issue with TLS certificate that had an no issuer CN (#4681) 2022-11-02 10:45:10 -07:00
Ylian Saint-Hilaire e74a308113 Added relay right and fixed relay permissions (#4682) 2022-11-01 16:05:36 -07:00
Ylian Saint-Hilaire 0c2c55726e Fixed web relay when used with local device group. 2022-11-01 14:23:46 -07:00
Ylian Saint-Hilaire 6f234f83fc Fixed handleStrategyLogin() server exception. 2022-10-26 14:45:22 -07:00
Ylian Saint-Hilaire 41fb7d4f42 Fixed guest web relay session revocation (#4667) 2022-10-25 11:14:26 -07:00
Ylian Saint-Hilaire 392c34bbd0 Updated MeshCentral Router to support messaging 2FA (#4650) 2022-10-24 07:13:20 -07:00
Ylian Saint-Hilaire e2cf723c6a Added support for 2FA messaging (#4650) 2022-10-22 12:59:12 -07:00
Ylian Saint-Hilaire 7e3dce0ef7 First pass at adding Telegram support (#4650) 2022-10-22 07:23:55 -07:00
Ylian Saint-Hilaire 1abaa54b62
Merge pull request #4521 from mstrhakr/bug-4520
BUG: Fix handleStrategyLogin checking undefined property.
2022-09-07 08:10:28 -07:00
silversword411 8a34b88151
Typo???? Please check! 2022-09-07 10:41:20 -04:00
silversword411 597c67bb1f
typo squashing 2022-09-07 10:40:36 -04:00
mstrhakr b0ec3af9bb Fix checking sub property before parent property
fixes bug 4520
2022-09-07 10:31:02 -04:00
mstrhakr 25345fe6b5 fix bug with required group + debug cleanup 2022-09-06 17:58:37 -04:00
Ylian Saint-Hilaire 1ae01b2113 Added LDAP site admin support, OpenID samples and schema and more (#4506) 2022-09-06 00:30:07 -07:00
mstrhakr 5619948d31 Added Group Support to OIDC
Supports choosing groups to..
  -Allow or restrict login to server
  -Sync with user groups (with / without filter)
  -Grant or revoke site admin privileges
2022-09-06 00:29:22 -04:00
mstrhakr 60ee315b79 actually working discovery 2022-09-04 19:41:14 -04:00
mstrhakr 7ec476ec4d initial working discovery
if user is missing info, we will discover it automatically using well-known endpoints
2022-09-04 15:18:53 -04:00
mstrhakr c8774e700b update oidc scope
passport-openidconnect adds the 'openid' scope to the request, regardless of if its already there.
removed 'openid' scope
removed unused 'groups' scope
2022-09-03 18:22:26 -04:00
Ylian Saint-Hilaire d1e04a7ca7 Fixed SSPI authentication exception. 2022-09-03 00:32:49 -07:00
Ylian Saint-Hilaire 49e04bd454 Improved user authentication log and added 'authlog' tracing. 2022-09-01 22:06:08 -07:00
mstrhakr 03e15c6be1 update oidc passport module
Updated to official passport-openidconnect module, removed custom module.
2022-08-31 23:51:24 -04:00
Ylian Saint-Hilaire d4d1f7d454 MeshCMD is now signed using the MeshCentral code signing cert. 2022-08-31 01:36:23 -07:00
Ylian Saint-Hilaire 0bf459bb51 Many web relay improvements and fixes (#4467, #4456) 2022-08-30 17:53:27 -07:00
Ylian Saint-Hilaire f7dc1d749b Added 'keepcerts' option to force keeping HTTPS/MPS cert. 2022-08-26 15:43:12 -07:00
Ylian Saint-Hilaire 4fe394226c Improved web relay sharing (#4413) 2022-08-25 21:10:09 -07:00
Ylian Saint-Hilaire 5d7fabfc21 Added guest web sharing of HTTP/HTTPS (#4413) 2022-08-25 20:11:47 -07:00
Ylian Saint-Hilaire 6b1b034c61 Fixed device sharing links when using in LAN mode. 2022-08-24 14:10:40 -07:00
Ylian Saint-Hilaire fcfe4d964e Intel AMT tab will now show up in the correct language if available. 2022-08-22 13:06:25 -07:00
Ylian Saint-Hilaire 334a9b8321 Added LDAPSyncWithUserGroups to config.json schema (#4415) 2022-08-22 11:57:11 -07:00
Ylian Saint-Hilaire 00765288e6 Added LDAP membership user group sync options (#4415) 2022-08-22 11:43:45 -07:00
Ylian Saint-Hilaire 6b4179c20c Added LDAP debug improvements. 2022-08-21 22:19:57 -07:00
Ylian Saint-Hilaire 8dd07495f5 MeshCentral will now auto-create LDAP user groups and sync users to their membership groups when the login using LDAP. (#4415) 2022-08-21 21:19:34 -07:00
Ylian Saint-Hilaire daa4c60b77 You can now restrict what LDAP users can login based on LDAP membership groups (#4415) 2022-08-21 14:05:51 -07:00
Ylian Saint-Hilaire 8d1eab20e5 Logout will not redirect to /login (#4420) 2022-08-21 00:41:17 -07:00
Ylian Saint-Hilaire ab84719afe Fixed saving run command dialog state on the server. 2022-08-19 13:42:44 -07:00
Ylian Saint-Hilaire 0ae91ede62 Fix for SAML (#4408) 2022-08-18 00:37:39 -07:00
Ylian Saint-Hilaire 4092615c63 Fixed auth strategies when using with a second domain with a DNS (#4404) 2022-08-17 14:14:56 -07:00
Ylian Saint-Hilaire 2c9fcdbfd0 Fixed U2F server exception (#4346) 2022-07-31 11:25:28 -07:00
Ylian Saint-Hilaire c8d8fc422c When doing session IP address checkingin default 'lax' mode, if both addresses are private/loopback, it's now accepted as a match. 2022-07-28 15:12:28 -07:00
Daniel Castellanos ddbd76e254
Fix for #4307
Added missing equals sign when checking null session
2022-07-22 23:01:43 +00:00
Ylian Saint-Hilaire 3dd8531ef9 Added code to skip the agent code signing certificate if missing and getting certs from database or vault (#4299) 2022-07-21 17:17:08 -07:00
Ylian Saint-Hilaire 46e511ef95 Fixed webserver.js exception. 2022-07-21 16:10:01 -07:00
Ylian Saint-Hilaire 4db8ff3946 Fixed webserver.js exception. 2022-07-21 16:08:38 -07:00
Ylian Saint-Hilaire 034ebc986c LDAP debug improvements. 2022-07-20 13:35:59 -07:00
Ylian Saint-Hilaire 61e486ba38 Added support for LDAP account images (#4283) 2022-07-20 12:57:24 -07:00
Ylian Saint-Hilaire b7bc172c40 ldapUserName and ldapUserRealname can now be set to for example: {{{givenName}}} {{{sn}}} (#4276) 2022-07-20 00:50:32 -07:00
Ylian Saint-Hilaire 58cd5e3bea LDAP improvements (#4276) 2022-07-20 00:10:09 -07:00
Ylian Saint-Hilaire 466c765df5 LDAP improvements (#4283) 2022-07-19 13:50:40 -07:00
Ylian Saint-Hilaire 954e5cde32 ldapSaveUserToFile will now append the file (#4276) 2022-07-18 16:18:15 -07:00
Ylian Saint-Hilaire b3dd3d3613 Added ldapSaveUserToFile option to help debug LDAP issues. 2022-07-18 16:12:53 -07:00
Ylian Saint-Hilaire 9f4c2cc53e Fix for SSPI auth un-authorized. 2022-07-15 13:13:53 -07:00
Ylian Saint-Hilaire acb9a5bb6e Fixed Web-RDP when used with non-default domain (#4271) 2022-07-14 15:18:41 -07:00
Ylian Saint-Hilaire 66b0315624 Browser session security improvements. 2022-07-12 17:45:19 -07:00
Ylian Saint-Hilaire 04fb1f2bf0 Added CAPTCHA option when creating new accounts on login screen. 2022-07-11 14:35:05 -07:00
Ylian Saint-Hilaire 4382899468 Clean up cookie-session instance. 2022-07-11 11:19:04 -07:00
Ylian Saint-Hilaire 626c490771 Switch browser cookie signature from SHA1 to SHA384. 2022-07-11 11:11:03 -07:00
Ylian Saint-Hilaire a151dcbfe6 Web relay can now handle connection:close responses. 2022-07-10 13:08:28 -07:00
Ylian Saint-Hilaire 5eca4eecee Completed support for web relay with multiple DNS names. 2022-07-10 11:32:59 -07:00
Ylian Saint-Hilaire 1a72126c4f Added DELETE and OPTIONS as supported web relay methods, #4241 2022-07-10 10:50:57 -07:00
Ylian Saint-Hilaire a0ea6ead09 Put in the groundwork for web relay with multiple relay DNS names. 2022-07-10 01:32:11 -07:00
Ylian Saint-Hilaire bd9739e106 Changed the web relay system to correctly with multiple DNS names, #4242 2022-07-09 13:32:55 -07:00
Ylian Saint-Hilaire 9dac8b7807 Web relay improvements, #4240 2022-07-08 18:00:15 -07:00
Ylian Saint-Hilaire 40bc91b6f3 Many CrowdSec improvements. 2022-07-07 21:51:09 -07:00
Simon Smith e72614296c
fix dns relay and samesite lax 2022-07-07 14:57:48 +01:00
Ylian Saint-Hilaire 695e3068de Fixed server exception when using agent installation invite codes, #4233 2022-07-06 23:39:36 -07:00
Ylian Saint-Hilaire 947d9094cb Added support for Crowdsec, an open-source and collaborative IPS (Intrusion Prevention System) 2022-07-06 20:34:04 -07:00
Ylian Saint-Hilaire e89effac46 Added options to remove the SSH Connect and SFTP connect from the terminal and files tab when other options exist, #4214 2022-07-05 14:25:38 -07:00
Ylian Saint-Hilaire 568097597c Web relay with DNS now uses the main HTTPS alias port when set, #4210. 2022-07-05 13:21:14 -07:00
Simon Smith d16523af7b
fix backup code visibility 2022-07-05 18:42:00 +01:00