0xCA
9f527d18ac
Rename last_update to updated_at
2024-01-03 17:56:01 +05:00
0xCA
99ac9b176e
panic if model.User is gob-incompatible
2024-01-02 20:12:47 +05:00
0xCA
845f438087
CRC an actual dbuser struct
Per-field method left as a fallback
2023-12-30 14:14:32 +05:00
0xCA
38e4f5cbec
GetCookiePath util function
2023-12-29 15:08:50 +05:00
0xCA
bee5c54127
Further session protections and fixes
Use MaxAge instead of Expires
Verify if the cookie is not too old and not from the future
Verify if the user exists and unchanged
Refresh not sooner than 24h
Do not refresh temporary sessions
Delete cookies on logout
2023-12-29 15:08:50 +05:00
0xCA
91427427f2
Auth + Encryption for cookies, based on SessionSecret via SHA512
2023-12-29 15:08:50 +05:00
0xCA
6292424591
v1
Fixed session duration
Use HttpOnly and SameSite
Added cookie refresh on all pages
2023-12-29 15:08:50 +05:00
Khanh Ngo
45849a2aee
chore: code adjustment (#512)
2023-12-29 10:56:37 +01:00
Khanh Ngo
8cfe9a3d5b
Resolve conflict
2023-12-29 10:13:30 +01:00
Khanh Ngo
4ffd7319f8
Upgrade dependencies (#511)
- Upgrade GitHub Actions
- Upgrade Go version
- Upgrade Alpine image
2023-12-29 09:54:51 +01:00
0xCA
41bf0bc92c
Telegram support (#488)
2023-12-29 09:22:12 +01:00
0xCA
841db62347
Fixed tag input being too small and unable to fit a CIDR (#509)
Co-authored-by: 0xCA <undefined>
2023-12-28 08:37:26 +01:00
Alexandra Stone
37f459c535
Minor readme tweak.
2023-12-27 14:47:15 -07:00
Alexandra Stone
a8e96f5457
Correct flag to helo and make shorter
2023-12-27 14:42:31 -07:00
kevin
867aa1305d
Fix logic error and make some settings optional in wg.conf template. (#506)
2023-12-27 20:50:30 +01:00
Daniel Tilă
c2a6ced991
Describe the fact you can expose other port than WGUI_SERVER_LISTEN_PORT (#507)
2023-12-27 10:10:23 +01:00
Khanh Ngo
cb118f4dea
Create CONTRIBUTING.md
2023-12-27 10:08:00 +01:00
0xCA
a9be53899c
Subnet range selector, interface fixes (#481)
2023-12-27 09:08:55 +01:00
Vahid
e73047b14f
Feature: Unix domain socket support (#492)
Co-authored-by: Khanh Ngo <k@ndk.name>
2023-12-25 20:31:11 +01:00
0xCA
47fac2b49b
Fixed tag input being too small and unable to fit a CIDR (#483)
Co-authored-by: 0xCA <undefined>
2023-12-25 20:25:38 +01:00
nebulosa2007
c8623082fe
Make Interface PreDown setting. (#480)
2023-12-25 20:23:51 +01:00
Michael Walter
af7742bfb3
Update routes.go (#475)
use config file download mime type "txt/conf" to prevent downloaded configs being saved as <filename>.txt, instead of wanted <filename>.conf.
Tested on Android Firefox and Chrome
2023-12-25 20:22:42 +01:00
Gabriel Soares
e2e1159ef4
add endpoint field to client (#470)
2023-12-25 20:21:37 +01:00
Cameron
585b55c2ee
fix: handle os.chmod errors (#457)
2023-12-25 20:17:31 +01:00
Marcus Wichelmann
13a4c05ff5
fix: add basic server-side input validation (#435)
This mitigates possible path traversal attacks by using
e.g. "../user" as a user name.
2023-12-25 20:07:47 +01:00
Marcus Wichelmann
a06bce88e0
fix: add content-type check to user management routes to mitigate CSRF (#427)
2023-12-25 20:03:29 +01:00
Cameron
3024d36d76
env variable file support (#391)
2023-12-25 19:58:31 +01:00
Alexandra Stone
aac9ba8b50
Added variable to readme
2023-10-27 11:59:55 -06:00
Alexandra Stone
ece1c76aec
implement hello hostname to resolve smtp-relay issue
2023-10-27 11:33:04 -06:00
Alexandra Stone
d2b67277e3
Add hello hostname to config
2023-10-27 11:32:26 -06:00
Alexandra Stone
393f896616
Add hello hostname flag
2023-10-27 11:32:02 -06:00
Khanh Ngo
b55543f424
fix: set random session secret if not set (#417)
2023-08-11 11:48:51 +02:00
Paul Dee
364a43e3dc
Implement updating a client Pub+PSK when editing a client (#401)
This covers the normal use-case where clients generate keys
locally on their device and notify the server of their new/updated keys.
The server verifies Preshared and Public keys independently of each
other. Should a client generate a new tunnel which lacks a PSK and send
only a Public key to the server (admin) where the earlier server created
profile has a Preshared key, the server admin/user must determine the
course of action:
keep or remove the PSK.
2023-08-11 10:34:11 +02:00
Cameron
7488f283c4
secure jsondb user perms (#404)
2023-08-11 10:25:56 +02:00
Hoang Nguyen
6bbe230fe8
[Vulnerability] Cross site scripting (XSS) and Open Redirect on the login page (#396)
2023-06-23 09:42:39 +02:00
Gabriel Klavans
28f3e820f0
Remove duplicate env var entry (#392)
2023-06-22 21:51:38 +02:00
A A R I X
b9e5ddf194
Added BIND_ADDRESS environment variable to the project README (#384)
2023-06-06 21:11:43 +02:00
Khanh Ngo
39324c5cf9
Add .gitattributes
2023-06-06 21:09:12 +02:00
Khanh Ngo
346e3bd3b8
chore: remove healthcheck from Dockerfile (#382)
2023-06-03 10:40:24 +02:00
Khanh Ngo
8ac33a0278
GHA fixes
2023-05-24 21:21:44 +02:00
Khanh Ngo
5183bb5093
GHA fixes
2023-05-24 18:07:50 +02:00
Khanh Ngo
745141c752
GHA fixes
2023-05-24 18:00:48 +02:00
Khanh Ngo
19527ef1e0
GHA fixes
2023-05-24 17:58:20 +02:00
Khanh Ngo
86e52c5868
Add docker build workflow
2023-05-24 17:51:44 +02:00
Khanh Ngo
f3ed766bc4
Update stale.yml
2023-05-24 12:08:12 +02:00
andycandy-de
e9357d83e2
Added Table to global settings (#308)
2023-05-24 12:06:05 +02:00
djarbz
59133327de
Healthcheck: account for custom bind port (#295)
2023-05-24 12:05:27 +02:00
ByteDream
ec757286c5
Hide user settings if login is disabled (#356) (#361)
2023-05-24 12:04:02 +02:00
Paul Dee
cfbdae7abb
Follow-up fix for fwmark 101b5564c2 (#372)
Remove all FwMark settings from client configs (illegal) and QRcode
(also illegal).
2023-05-24 12:02:07 +02:00
Khanh Ngo
ac99317ba3
Update README.md
2023-03-17 09:53:57 +01:00