Commit Graph

593 Commits (a46cffb0a5795a26fbdf68f15ac562a2f14618be)

Author SHA1 Message Date
Steve Clement a46cffb0a5
Merge pull request #155 from SteveClement/master 2021-03-30 13:19:35 +09:00
Steve Clement 461c8af2d7
chg: [installer] Added centos, added note on slow MaxMind keygen 2021-03-30 13:18:18 +09:00
Steve Clement 67d7d06af2
Merge pull request #147 from SteveClement/maxmind
fix: [maxmind] catch 401 not authorized
2020-04-27 18:50:57 +09:00
Steve Clement fdcc13d9d7
fix: [maxmind] catch 401 not authorized 2020-04-27 18:49:51 +09:00
Alexandre Dulaunoy c201d9e3b8
Merge pull request #145 from automationator/master
Fixes MaxMind SHA256 installer bug
2020-03-24 07:23:58 +01:00
Matthew Wilson 109ffaa13d
Fixes MaxMind SHA256 installer bug
The command used to edit the sha256 MaxMind file caused it to be replaced with a null file. This properly edits the file in place.
2020-03-23 12:36:07 -04:00
Steve Clement f6e62aaf49
Merge pull request #144 from SteveClement/maxmind-fix
fix: [GeoIP] MaxMind now requires a free account
2020-02-20 15:02:55 +08:00
Steve Clement 1b585d8ff2
chg: [GeoIP] Properly clean all files 2020-02-20 14:48:26 +08:00
Steve Clement 8d28c5128d
fix: [GeoIP] Small refactor 2020-02-20 14:45:03 +08:00
Steve Clement 4de261ee62
fix: [GeoIP] MaxMind now requires a free account 2020-02-20 14:39:57 +08:00
mokaddem 6510e6dca1 chg: [diagnostic] Added new catches to better handle errors 2020-02-10 07:44:20 +01:00
Alexandre Dulaunoy d0b9e05fe8
Merge pull request #140 from VVX7/master
chg: [auth] conditionally send debug token
2019-12-20 21:54:58 +01:00
VVX7 ed7e5d03bf chg: [auth] only send debug token when MISP is running in debug mode. 2019-12-20 15:16:17 -05:00
VVX7 ad1e776906 chg: [misp_login] remove debug field 2019-11-20 15:49:32 -05:00
Alexandre Dulaunoy 28200e4862
Merge pull request #139 from cudeso/master
SSL for Flask server
2019-11-13 20:46:34 +01:00
Koen Van Impe c5644f52f0 SSL for Flask server 2019-11-13 19:05:54 +01:00
Sami Mokaddem 8a49904235
chg: [README] Added Authentication section 2019-10-30 15:06:25 +01:00
Sami Mokaddem 5967a9d34a
Merge pull request #135 from mokaddem/improvements-login-diagnostic
Improvements on login and diagnostic
2019-10-29 16:40:05 +01:00
mokaddem f1c5c76ec5 chg: [login/diagnostic] Added catch if a secure cookie can't be set 2019-10-29 15:42:58 +01:00
mokaddem ad041c5f77 fix: [login/diagnostic] Return data with the expected format 2019-10-29 15:12:43 +01:00
mokaddem ce4aa82c0a chg: [login/diagnostic] Improved login errors feedback and adjusted
diagnostic
2019-10-29 14:52:10 +01:00
Sami Mokaddem d390a169b5
Merge pull request #130 from MISP/authImprovements
Few authentication improvements
2019-10-11 09:59:27 +02:00
Sami Mokaddem 47c4c2e529
Merge pull request #129 from VVX7/master
new: [authentication] Flask-login authentication via MISP.
2019-10-11 09:51:52 +02:00
mokaddem 1b4df61591 chg: [auth] Simplified condition 2019-10-11 09:45:54 +02:00
mokaddem 8da3d509cd chg: [diagnostic] Fixed to support auth 2019-10-11 09:35:03 +02:00
mokaddem eaf3ad30d1 chg: [auth] Check if can access the dashboard 2019-10-11 08:57:55 +02:00
mokaddem 2ecc4a8fad chg: [login] Fixed web dependencies and added auth error message 2019-10-11 08:38:33 +02:00
mokaddem 21dedd37ed chg: [auth] Takes into account MISP baseurl for redirections 2019-10-11 08:37:46 +02:00
VVX7 4d5ee49357 chg: [Authentication] User authentication can be disabled in config. If disabled, users are automatically logged in with a randomly generated account name and redirected to /index. 2019-10-03 17:26:58 -04:00
VVX7 b313b7cc74 chg: [authentication] add logout endpoint to dashboard dropdown 2019-10-02 20:15:34 -04:00
VVX7 3b0ebe8c72 chg: [authentication] session_cookie_sametime is str 2019-10-02 19:35:58 -04:00
VVX7 07f68cb33f chg: [authentication] configure misp-dashboard cookie policy 2019-10-02 19:32:39 -04:00
VVX7 bd5984faad chg: [authentication] set session protection to kill session when session identifier does not match 2019-10-02 19:10:35 -04:00
VVX7 9c028e697f chg: [authentication] require authorization on hidden endpoints. 2019-10-02 18:20:11 -04:00
VVX7 88cc920bd3 chg: [authentication] add unauthorized_handler to redirect unauthorized user to login page. 2019-10-02 18:12:52 -04:00
VVX7 708addaa34 chg: [authentication] add required login to dashboard views 2019-10-02 18:01:27 -04:00
VVX7 71780003d0 chg: [authentication] turn off password autocomplete 2019-10-02 17:25:00 -04:00
VVX7 83df3e4f74 chg: [authentication] increased password field length to 255. minor changes to login page. 2019-10-02 17:14:22 -04:00
VVX7 a0ccff71ef chg: [authentication] added flask session secret 2019-10-02 16:34:27 -04:00
VVX7 e18728e8b1 chg: [authentication] enforce session ssl 2019-10-02 13:35:12 -04:00
VVX7 b7c8f6b577 chg: [authentication] enforce session ssl 2019-10-02 12:46:37 -04:00
VVX7 e44f7e2c4b chg: [authentication] added misp logo 2019-10-02 12:35:21 -04:00
VVX7 2b99e13110 chg: [authentication] added login page 2019-10-02 12:34:08 -04:00
VVX7 1356e0003e chg: [authentication] removed auth required on endpoints 2019-10-02 11:17:08 -04:00
VVX7 2be101fdfc new: [authentication] Flask-login authentication via MISP instance. 2019-10-01 21:06:29 -04:00
Sami Mokaddem 60ce6ce5cd
Update README.md 2019-09-27 10:46:02 +02:00
mokaddem dd218f4cf4 fix: [security] prevent XSS injection in livelog table 2019-09-16 20:58:13 +02:00
Sami Mokaddem 0ac7e7cf84
Merge pull request #121 from mokaddem/fewFixes2
Various fixes and improvements
2019-08-30 13:16:47 +02:00
mokaddem 8fd474712b chg: [livelog] Scrolling Logs when fullscreen is on - Fix #118 2019-08-30 12:15:43 +02:00
mokaddem fba754b2e5 chg: [livelog] Fix z-index and fullscreen log panel z-index 2019-08-30 11:59:50 +02:00