Commit Graph

596 Commits (e852c477ade065ef414a143661400b2863d761d8)

Author SHA1 Message Date
Lucas Magalhães e852c477ad Fix filters
To compare for "not equal" values you should invert the match, not directly compare with the string prepended with "!".
2021-12-21 00:20:30 +00:00
Lucas Magalhães 100948b4df Fix redis GEOADD
Redis python interface only accepts two arguments, the keyname to store in redis and a value-list with the coordinates and content to which the coordinates refer, in groups of three.
2021-12-14 23:46:18 +00:00
Steve Clement c093363e99
chg: [doc] updated (c) 2021-03-31 10:40:54 +09:00
Steve Clement a46cffb0a5
Merge pull request #155 from SteveClement/master 2021-03-30 13:19:35 +09:00
Steve Clement 461c8af2d7
chg: [installer] Added centos, added note on slow MaxMind keygen 2021-03-30 13:18:18 +09:00
Steve Clement 67d7d06af2
Merge pull request #147 from SteveClement/maxmind
fix: [maxmind] catch 401 not authorized
2020-04-27 18:50:57 +09:00
Steve Clement fdcc13d9d7
fix: [maxmind] catch 401 not authorized 2020-04-27 18:49:51 +09:00
Alexandre Dulaunoy c201d9e3b8
Merge pull request #145 from automationator/master
Fixes MaxMind SHA256 installer bug
2020-03-24 07:23:58 +01:00
Matthew Wilson 109ffaa13d
Fixes MaxMind SHA256 installer bug
The command used to edit the sha256 MaxMind file caused it to be replaced with a null file. This properly edits the file in place.
2020-03-23 12:36:07 -04:00
Steve Clement f6e62aaf49
Merge pull request #144 from SteveClement/maxmind-fix
fix: [GeoIP] MaxMind now requires a free account
2020-02-20 15:02:55 +08:00
Steve Clement 1b585d8ff2
chg: [GeoIP] Properly clean all files 2020-02-20 14:48:26 +08:00
Steve Clement 8d28c5128d
fix: [GeoIP] Small refactor 2020-02-20 14:45:03 +08:00
Steve Clement 4de261ee62
fix: [GeoIP] MaxMind now requires a free account 2020-02-20 14:39:57 +08:00
mokaddem 6510e6dca1 chg: [diagnostic] Added new catches to better handle errors 2020-02-10 07:44:20 +01:00
Alexandre Dulaunoy d0b9e05fe8
Merge pull request #140 from VVX7/master
chg: [auth] conditionally send debug token
2019-12-20 21:54:58 +01:00
VVX7 ed7e5d03bf chg: [auth] only send debug token when MISP is running in debug mode. 2019-12-20 15:16:17 -05:00
VVX7 ad1e776906 chg: [misp_login] remove debug field 2019-11-20 15:49:32 -05:00
Alexandre Dulaunoy 28200e4862
Merge pull request #139 from cudeso/master
SSL for Flask server
2019-11-13 20:46:34 +01:00
Koen Van Impe c5644f52f0 SSL for Flask server 2019-11-13 19:05:54 +01:00
Sami Mokaddem 8a49904235
chg: [README] Added Authentication section 2019-10-30 15:06:25 +01:00
Sami Mokaddem 5967a9d34a
Merge pull request #135 from mokaddem/improvements-login-diagnostic
Improvements on login and diagnostic
2019-10-29 16:40:05 +01:00
mokaddem f1c5c76ec5 chg: [login/diagnostic] Added catch if a secure cookie can't be set 2019-10-29 15:42:58 +01:00
mokaddem ad041c5f77 fix: [login/diagnostic] Return data with the expected format 2019-10-29 15:12:43 +01:00
mokaddem ce4aa82c0a chg: [login/diagnostic] Improved login errors feedback and adjusted
diagnostic
2019-10-29 14:52:10 +01:00
Sami Mokaddem d390a169b5
Merge pull request #130 from MISP/authImprovements
Few authentication improvements
2019-10-11 09:59:27 +02:00
Sami Mokaddem 47c4c2e529
Merge pull request #129 from VVX7/master
new: [authentication] Flask-login authentication via MISP.
2019-10-11 09:51:52 +02:00
mokaddem 1b4df61591 chg: [auth] Simplified condition 2019-10-11 09:45:54 +02:00
mokaddem 8da3d509cd chg: [diagnostic] Fixed to support auth 2019-10-11 09:35:03 +02:00
mokaddem eaf3ad30d1 chg: [auth] Check if can access the dashboard 2019-10-11 08:57:55 +02:00
mokaddem 2ecc4a8fad chg: [login] Fixed web dependencies and added auth error message 2019-10-11 08:38:33 +02:00
mokaddem 21dedd37ed chg: [auth] Takes into account MISP baseurl for redirections 2019-10-11 08:37:46 +02:00
VVX7 4d5ee49357 chg: [Authentication] User authentication can be disabled in config. If disabled, users are automatically logged in with a randomly generated account name and redirected to /index. 2019-10-03 17:26:58 -04:00
VVX7 b313b7cc74 chg: [authentication] add logout endpoint to dashboard dropdown 2019-10-02 20:15:34 -04:00
VVX7 3b0ebe8c72 chg: [authentication] session_cookie_sametime is str 2019-10-02 19:35:58 -04:00
VVX7 07f68cb33f chg: [authentication] configure misp-dashboard cookie policy 2019-10-02 19:32:39 -04:00
VVX7 bd5984faad chg: [authentication] set session protection to kill session when session identifier does not match 2019-10-02 19:10:35 -04:00
VVX7 9c028e697f chg: [authentication] require authorization on hidden endpoints. 2019-10-02 18:20:11 -04:00
VVX7 88cc920bd3 chg: [authentication] add unauthorized_handler to redirect unauthorized user to login page. 2019-10-02 18:12:52 -04:00
VVX7 708addaa34 chg: [authentication] add required login to dashboard views 2019-10-02 18:01:27 -04:00
VVX7 71780003d0 chg: [authentication] turn off password autocomplete 2019-10-02 17:25:00 -04:00
VVX7 83df3e4f74 chg: [authentication] increased password field length to 255. minor changes to login page. 2019-10-02 17:14:22 -04:00
VVX7 a0ccff71ef chg: [authentication] added flask session secret 2019-10-02 16:34:27 -04:00
VVX7 e18728e8b1 chg: [authentication] enforce session ssl 2019-10-02 13:35:12 -04:00
VVX7 b7c8f6b577 chg: [authentication] enforce session ssl 2019-10-02 12:46:37 -04:00
VVX7 e44f7e2c4b chg: [authentication] added misp logo 2019-10-02 12:35:21 -04:00
VVX7 2b99e13110 chg: [authentication] added login page 2019-10-02 12:34:08 -04:00
VVX7 1356e0003e chg: [authentication] removed auth required on endpoints 2019-10-02 11:17:08 -04:00
VVX7 2be101fdfc new: [authentication] Flask-login authentication via MISP instance. 2019-10-01 21:06:29 -04:00
Sami Mokaddem 60ce6ce5cd
Update README.md 2019-09-27 10:46:02 +02:00
mokaddem dd218f4cf4 fix: [security] prevent XSS injection in livelog table 2019-09-16 20:58:13 +02:00