AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,987 Commits 6 Branches 15 Tags 166 MiB
Commit Graph

121 Commits

Author SHA1 Message Date
Marcus Hill d94b9ce7bb Login related tidying 
- Feature: Show users their remember-me tokens and allow them to be revoked
- Log when a user generates a remember-me token during sign in
- General refactoring and tidying up
 2024-03-30 23:19:50 +00:00
Marcus Hill 6432ee0486 BUGFIX: Login with and actually decrypt the master encryption key 2024-02-23 21:20:03 +00:00
o-psi 5d620d041a Fix user role and other definitions 2024-02-22 12:15:15 -06:00
o-psi c2cf0bb448 Change remember me tokens to a many:many table to allow for multiple devices to be remembered. 2024-02-22 17:45:09 +00:00
johnnyq 14cb4bb09a set the remember me token from 14 Days to 2 Days or 48 Hours 2024-02-19 15:00:32 -05:00
johnnyq 01b717615e Added favicon condition everywhere 2024-02-03 13:18:20 -05:00
johnnyq 9ce280d80d Fix Redirect to non-existent page after login when force MFA is enabled 2024-01-24 15:46:30 -05:00
johnnyq 92ccd7de14 Update/Fix Mail Functions in POST/contact.php and event.php - sanitize POST vars instead the whole mail subject and body which prevents having a mixed of confusing redundant escaped and unescaped vars also fixed scheduling calendar events was not working to send an email out 2024-01-20 19:08:51 -05:00
johnnyq e8a53cbd6a Update new mail queue function to use the proper mail from name and mail from email 2023-12-21 01:37:21 -05:00
o-psi 98f731b4d4 Remove any "Send Single Email" declarations except in mail queue. 
All emails go through the mail queue, using the addToMailQueue() function.
 2023-12-19 23:02:05 +00:00
johnnyq 41ba04b881 Spacing Tidy 2023-11-21 17:37:30 -05:00
johnnyq 90bb9499d5 Moved Remember Me to the Enter MFA Screen Only 2023-11-21 17:36:45 -05:00
johnnyq f18bb340bf Keep the Remember Me checkbox selected upon inital submit 2023-11-20 21:18:35 -05:00
johnnyq 0d6c58f1d0 Added Remember Me option by checking this you wont have to enter your MFA for up to 14 days on the device 2023-11-20 20:49:33 -05:00
johnnyq 3781026c79 Commented Out Remember me as it is not feature complete yet 2023-11-17 14:21:41 -05:00
johnnyq 3f2f405596 Allow Manual Input of Trip Destination or select from client locations, Added Remember me checkbox for future implementation 2023-11-06 19:37:48 -05:00
o-psi 53c11edc8c Update constructs to not have parenthesis. 2023-10-20 15:25:52 -05:00
johnnyq 1ccaa936ac Removed number type on 2FA input field replaced with text and inputmode='numeric' pattern='[0-9]*' 2023-09-22 12:43:18 -04:00
johnnyq 0bc10a30e8 Fix issue with login being restricted if HTTPS_ONLY is True and SSL is terminated at a proxy and then forwarded to ITFlow App as HTTP 2023-09-21 12:00:46 -04:00
johnnyq d31127c137 set current code to an intval since its a number only 2023-09-20 14:58:05 -04:00
johnnyq 40d34bb71d Set 2FA Field on login to a number field so it only shows the numbers on a mobile phone 2023-09-20 14:53:07 -04:00
johnnyq 5938925a35 Added an error if accessing ITFlow by HTTP:// and is set to true 2023-09-20 14:51:29 -04:00
johnnyq 747b7de143 Feature: Force MFA Part 3 - Enforce MFA by redirecting users to their user_profile to setup MFA if Force MFA is checked, next up is to lock them there until 2FA is set 2023-09-06 00:08:21 -04:00
johnnyq 1ed4eeaafc Remove extra bottom margin below error msg on client login 2023-08-20 15:43:39 -04:00
johnnyq 1d0e2ad758 Removed some of the right and left padding to allow for larger login messages 2023-08-20 15:27:43 -04:00
johnnyq 0d497163fe Feature: Login Message now complete can be set in settings > security 2023-08-18 15:35:31 -04:00
johnnyq fda0d203ed Feature: Added Start Page functionality 2023-08-16 13:23:30 -04:00
Marcus Hill a966bf0282 Adjust content security policy 2023-06-17 16:13:02 +01:00
Marcus Hill 95cd0ebdc8 Adjust CSP 2023-06-17 16:01:15 +01:00
Marcus Hill 57dab27169 Login page enhancements 
- Default to secure cookies (in case var is not defined in config.php)
- Enable content security policy
- Return HTTP 401 response code for invalid username/password combinations
 2023-06-17 15:09:01 +01:00
johnnyq 25f85486d4 Client Portal can now be enabled or disabled in settings > Modules > Enable Client Portal, it is enabled by default 2023-06-14 19:07:39 -04:00
Marcus Hill 1175cc4ade Enable login key code (see #680) 2023-06-03 21:04:43 +01:00
Marcus Hill 5d6d7e389e Add database structure for 'login key' protection concept 2023-05-13 21:49:09 +01:00
johnnyq 37fb696e63 Replace the remaining php files with nullable_htmlentites() 2023-05-11 18:27:48 -04:00
johnnyq 48fe49cf77 BREAKING CHANGES - MAKE FULL BACKUP BEFORE PROCEEDING - Requires Manual Intervention on files see Forum Post Make sure you run the Database update directly after update. This Removes Multi-Company Functionality. Fixes issues with Reponsive tables and bunch of other UI and small Fixes 2023-03-11 16:16:46 -05:00
johnnyq f7552cd25a Finished up santizeInput Conv and UI updates 2023-02-23 16:09:37 -05:00
johnnyq 8a91ae0e46 More updating with new sanitize function and more logging and alerting cont 2023-02-16 22:26:38 -05:00
Marcus Hill 5bb4296f14 Adjust core files to 4 spaces 2023-02-12 14:40:10 +00:00
Marcus Hill c219324bb8 General cleanup/formatting 2023-02-09 11:42:57 +00:00
Marcus Hill b36719eb99 General cleanup/tidying 2023-02-09 11:32:40 +00:00
Marcus Hill e8c9e63a7b Add X-Frame-Options to login pages & client portal 2023-02-05 18:43:50 +00:00
Marcus Hill d2124b92f1 Hide the username and password field (via CSS) when prompting for 2FA code 2023-01-30 18:55:30 +00:00
Johnny 4fd6d752c6
Merge pull request #580 from wrongecho/function-standardise 
Convert custom function names to camelCase
 2023-01-26 18:20:33 -05:00
Marcus Hill 531bd25f27 Convert custom function names to camelCase 2023-01-26 22:03:31 +00:00
Marcus Hill 10362f86ef Convert custom function names to camelCase 2023-01-26 21:58:27 +00:00
Marcus Hill 23e3a2e8fc - Create custom function (randomString()) for generating cryptographically (and URL) safe strings. 
- Replace usages of keygen and bin2hex(random_bytes()) with this function.
 2023-01-26 21:35:06 +00:00
Marcus Hill cffde0fbbd Tidy 2023-01-25 23:07:37 +00:00
Marcus Hill 0f3b6b5d23 Add alt-text to logo 2023-01-25 23:04:45 +00:00
Marcus Hill 67e1fb7021 Show the 'default' company logo (if configured) on the client login page instead of the ITFlow/company name text 2023-01-25 23:04:45 +00:00
Marcus Hill 95aa46cd52 Show the 'default' company logo (if configured) on the agent login page instead of the ITFlow text 2023-01-25 23:04:45 +00:00