[#1467] Add multi-user support in Auth basic plugin with dynamic user-password handling and update AUTH_BASIC_LOCATION regex to be more open

Théophile Diot 2024-12-31 18:28:49 +00:00
parent 5c21ecb9dc
commit 5e5130c398
No known key found for this signature in database
GPG key ID: FA995104A0BA376A
3 changed files with 16 additions and 5 deletions


@ -13,6 +13,7 @@
- [FEATURE] Add country tracking to bans data
- [FEATURE] Refactored the way the database migrations are handled to make it more reliable and faster using alembic
- [FEATURE] Add configurable limit for SecRequestBodyNoFilesLimit in ModSecurity via the `MODSECURITY_REQ_BODY_NO_FILES_LIMIT` setting
- [FEATURE] Add multi-user support in `Auth basic` plugin
- [DEPRECATION] Remove `X-XSS-Protection` header from the `header` plugin as it is deprecated
- [DEPS] Updated coreruleset-v4 version to v4.10.0


@ -1,4 +1,12 @@
{%- if USE_AUTH_BASIC == "yes" -%}
{%- set passlib_hash = import('passlib.hash') -%}
{{ AUTH_BASIC_USER }}:{{ passlib_hash.sha512_crypt.hash(AUTH_BASIC_PASSWORD) }}
{%- endif %}
{% for k, v in all.items() %}
{% if k.startswith("AUTH_BASIC_USER") and v != "" -%}
{% set user = v %}
{% set password = all[k.replace("USER", "PASSWORD")] if k.replace("USER", "PASSWORD") in all else "" %}
{% if password != "" %}
{{ user }}:{{ passlib_hash.sha512_crypt.hash(password) }}
{% endif %}
{% endif %}
{% endfor %}
{% endif %}
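Review bot: The new loop writes `{{ user }}` into the htpasswd file verbatim, so a value containing `:` or a line break would shift the field boundary or start a second entry, and nothing in this template rejects such a value. The only check visible in this commit is the `AUTH_BASIC_USER` regex `^[\w\-]+` in the plugin settings, which has no end anchor; whether it rejects `name:rest` depends on whether the validator does a full match, which is worth confirming. Anchoring it as `"regex": "^[\\w\\-]+$"` and adding `and ":" not in v` to the `k.startswith("AUTH_BASIC_USER")` condition would make the template safe on its own. Separately, a user whose paired password setting is missing or empty is skipped silently; a comment such as `{# users without a password are skipped, never written with an empty hash #}` would record that this is deliberate.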


@ -20,7 +20,7 @@
"help": "URL of the protected resource or sitewide value.",
"id": "auth-basic-location",
"label": "Auth basic Location",
"regex": "^(sitewide|/[a-zA-Z0-9.\\/\\-]*)$",
"regex": "^.*$",
"type": "text"
},
"AUTH_BASIC_USER": {
@ -30,7 +30,8 @@
"id": "auth-basic-user",
"label": "Auth basic Username",
"regex": "^[\\w\\-]+",
"type": "text"
"type": "text",
"multiple": "auth-basic-credentials"
},
"AUTH_BASIC_PASSWORD": {
"context": "multisite",
@ -39,7 +40,8 @@
"id": "auth-basic-password",
"label": "Password",
"regex": "^.+",
"type": "password"
"type": "password",
"multiple": "auth-basic-credentials"
},
"AUTH_BASIC_TEXT": {
"context": "multisite",
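Review bot: Widening `AUTH_BASIC_LOCATION` to `"regex": "^.*$"` in the first hunk removes all validation of this setting, so the empty string, whitespace and characters such as `;`, `{` and `}` are now accepted. The templates that consume the value are not part of this commit, but if it is interpolated into an nginx `location` directive (as the help text "URL of the protected resource" suggests), those characters could break or alter the generated configuration, and an empty value may match neither the sitewide nor the per-location case. A narrower widening that keeps the original shape, for example `"regex": "^(sitewide|/[^\\s;{}]*)$"`, would admit more URL characters without accepting directive syntax. The settings object continues past the end of the last hunk.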