mirror/webgui
1
0
Fork 0
mirror of https://github.com/unraid/webgui.git synced 2026-01-13 13:09:58 -06:00
Code Issues Packages Projects Releases Wiki Activity
4,438 Commits 17 Branches 227 Tags
345feb910dce7ab28998b248d94deefedbf23037
Commit Graph

34 Commits

Author SHA1 Message Date
bergware
345feb910d Translation support updates + csrf correction 2021-05-31 09:48:54 +02:00
Tom Mortensen
bba1d930a4 Force creation of root password 2021-05-30 14:57:08 -07:00
Tom Mortensen
8d842af3f1 login: implement max 3 failed login attempts per 15 mimute interval 2021-04-07 14:05:59 -07:00
Tom Mortensen
8c9d08f9a6 correct login from wrong default case icon displayed 2020-11-04 13:49:59 -08:00
Eric Schultz
68de48b1b3 Revert "store WAN IP in the login session" 
This reverts commit 30a006eab0.
 2020-07-15 15:37:55 -05:00
Eric Schultz
30a006eab0 store WAN IP in the login session 2020-07-09 21:48:04 -05:00
realies
4cfd4e955a turn off username autocomplete 2020-04-01 02:12:29 +01:00
Larry Meaney
1f0dde19e7 Block referrals to 3rd Party Sites 2020-02-08 16:03:17 -08:00
Squidly271
cd4ed0062f Fix link for Password Recovery on login screen 2020-01-26 10:51:35 -05:00
Eric Schultz
7a76a7c736 login page favicon now matches the green/yellow/red icon from the other webgui pages 2020-01-17 04:47:20 -06:00
Eric Schultz
23c7c420ee Revert "remove cache-busters from login page" 
This reverts commit 78aa59a317.
 2020-01-16 15:03:57 -06:00
bergware
76323ecc5c Login: trim trailing spaces 2020-01-12 22:31:09 +01:00
bergware
7bc3ddfded login: autocapitalize="none" 2020-01-12 22:26:45 +01:00
bergware
7805001f1f Select username field when login page is loaded 2020-01-12 10:06:56 +01:00
Eric Schultz
78aa59a317 remove cache-busters from login page 2020-01-10 14:35:55 -06:00
Larry Meaney
11475152e8 clear session variables 
need to clear session variables, session_destroy() doesn't take care of that
 2019-10-19 08:55:05 -07:00
Larry Meaney
0e3f8bdd0f Only create session when user successfully logs in 
Also, enable session.use_strict_mode to prevent session fixation attacks
 2019-10-18 22:53:06 -07:00
Eric Schultz
cddb1b4946 logger tag rename WebUI --> webGUI 2019-10-10 16:43:32 -05:00
Squidly271
7215d08a31 Include WebUI Tag 2019-10-10 09:18:12 -04:00
Squidly271
5dd7dd67d6 Log webUI login attempts 
Maybe I'm just paranoid, but with ports open, a reverse proxy thru unraid.net, I wouldn't mind seeing any and all login attempts to the server
 2019-10-10 09:11:48 -04:00
Larry Meaney
a4b3da30df Add robots metatag and CSP to login page too 2019-09-28 17:48:18 -07:00
Eric Schultz
0f03ad6f98 remove csrf token from login page 2019-09-20 14:57:36 -05:00
Eric Schultz
655b3ed883 Use samesite=strict for the login session cookie 2019-09-16 03:00:34 -05:00
Eric Schultz
01bd18b46f remove leading dot in login cookie domain 2019-09-08 16:45:57 -05:00
Eric Schultz
0b765531fe logon session uses a unique name now 2019-09-07 01:42:06 -05:00
Eric Schultz
facb1fbe86 only secure cookies when using https 2019-09-06 13:37:03 -05:00
Eric Schultz
c6b1b4a61b strip port number from cookie domain 2019-09-04 19:31:09 -05:00
Eric Schultz
4769995968 regenerate session id upon logout 2019-09-04 00:12:09 -05:00
Eric Schultz
464a187d42 use a valid shortcut icon for the login page 2019-09-03 23:15:50 -05:00
Eric Schultz
b0f8f47c24 regenerate session id upon login 2019-09-03 23:05:18 -05:00
Eric Schultz
c148ed30f7 improve security on session cookie 2019-09-03 23:00:54 -05:00
Eric Schultz
ad988f5b99 show warning on login page when browser cookies are disabled 2019-08-30 14:54:21 -05:00
Eric Schultz
63053a8d1f remove 'admin' alias for login page 2019-08-30 14:30:42 -05:00
Tom Mortensen
4c6c950042 Support forms-based authentication for login/logout. 
Username 'admin' is alias for 'root'.
 2019-08-17 13:08:41 -07:00