35 Commits

Author SHA1 Message Date
Oliver Falk
9cf1cb4745 Enhance performance tests 2025-10-24 13:51:45 +02:00
Oliver Falk
6db3450b20 Enhance the version endpoint and fix OTEL deployment 2025-10-17 14:49:10 +02:00
Oliver Falk
780dc18fa4 File upload security (iteration 1), security enhancements and OpenTelemetry (OTEL) implementation (sending data disabled by default) 2025-10-17 11:16:48 +02:00
Oliver Falk
368aa5bf27 feat: enhance security with improved password hashing and logging
- Add Argon2PasswordHasher with high security settings as primary hasher
- Implement fallback to PBKDF2PasswordHasher for CentOS 7/Python 3.6 compatibility
- Add argon2-cffi dependency to requirements.txt
- Replace all print statements with proper logging calls across codebase
- Implement comprehensive logging configuration with multiple handlers:
  * ivatar.log - General application logs (INFO level)
  * ivatar_debug.log - Detailed debug logs (DEBUG level)
  * security.log - Security events (WARNING level)
- Add configurable LOGS_DIR setting with local config override support
- Create config_local.py.example with logging configuration examples
- Fix code quality issues (flake8, black formatting, import conflicts)
- Maintain backward compatibility with existing password hashes

Security improvements:
- New passwords use Argon2 (memory-hard, ASIC-resistant)
- Enhanced PBKDF2 iterations for fallback scenarios
- Structured logging for security monitoring and debugging
- Production-ready configuration with flexible log locations

Tests: 85/113 passing (failures due to external DNS/API dependencies)
Code quality: All pre-commit hooks passing
2025-10-15 15:13:09 +02:00
Oliver Falk
9caee65b8e Enhance the StatsView 2025-09-24 17:44:41 +02:00
Oliver Falk
184f3eb7f7 Use latest version from GIT, as it contains some fixes (by us) 2025-04-16 08:57:54 +02:00
Oliver Falk
c948f515e0 Remove mysqlclient - we highly recommend using PostgreSQL anyway and for dev, SQLite should be sufficient for most cases 2025-02-27 15:21:21 +01:00
Oliver Falk
b12b5df17a Reduce version requirement. Tested with 4.2.16 - still works fine 2025-02-07 15:44:15 +01:00
Oliver Falk
dc30267ff4 Don't use Argon2, as it doesn't work in old Python envs 2025-01-23 13:45:27 +01:00
Oliver Falk
3fad7497a1 Add argon2 to reqs; Fixes pipeline build as well
Signed-off-by: Oliver Falk <oliver@linux-kernel.at>
2025-01-23 13:33:49 +01:00
Oliver Falk
6c25f6ea12 Pin Django to > 5.1, as older versions may not work properly any more 2025-01-21 19:44:04 +01:00
Oliver Falk
1a859af31f Use older dnspython version - something changed that is incompatible with libravatar (client) libs 2023-12-28 15:40:49 +01:00
Oliver Falk
e945ae2b4d Add missing pymemcache dep and remove old one 2022-11-22 19:48:42 +01:00
Oliver Falk
9565ccc54e Changes required for Django > 4 2022-11-22 19:38:08 +01:00
Oliver Falk
66bf945770 Need to use non-release version, since use_2to3 doesn't work with newer python any more + resort 2022-11-17 12:00:26 +01:00
Oliver Falk
0c3686beef First preparations for Django >= 4.x
- Slight reformatting in some parts; Non-functional changes
- ugettext(_lazy) no longer available in Django > 4, changing to
  gettext(_lazy)
- Since django-openid-auth doesn't work with Django > 4 yet, we need to
  pin this project to Django < 4 until that issue is solved
2021-12-10 09:21:49 +01:00
Oliver Falk
52e5673834 Reuse username as email if it looks like a valid email address
* Automatically add it as UnconfirmedEmail and trigger confirmation mail
* Clean up views with black
2021-09-14 15:48:28 +02:00
Oliver Falk
dcb3627179 Fix reqs that ended up in master only 2021-05-31 07:51:03 +00:00
Oliver Falk
635951ff4d Make pylint happier, enhance a few tests and add missing schemas 2020-11-13 13:36:16 +01:00
Oliver Falk
da731425bc Avoid building psycopg from source 2019-04-19 13:28:38 +02:00
Oliver Falk
2d62e658e4 Implement the pagan lib (for fun) 2019-02-28 17:02:15 +01:00
Oliver Falk
5bb3bac161 First install Pillow and afterwards the rest 2019-02-28 12:56:24 +01:00
Oliver Falk
a70a453f43 The usual PIL vs. Pillow issues, therefore use my fork for this 2019-02-28 12:34:40 +01:00
Oliver Falk
f7f573e99d Identicons are now generated by ivatar and switch retro to a more modern version - but only does 5x5 (like GitHub) 2019-02-28 12:21:02 +01:00
Oliver Falk
a19a837e82 Enable memcache caching 2019-02-18 16:40:44 +01:00
Oliver Falk
a3213de61f Use my (fixed) version of robohash until upstream is fixed 2018-12-03 18:49:49 +01:00
Oliver Falk
3f04e183d4 Regression from 7c1b821820, switch back to latest official version, since build breaks with UnicodeDecodeError 2018-12-03 16:27:10 +01:00
Oliver Falk
7c1b821820 Use latest master tree on GitHub for robohash and allow to choose the set with robohash= (set1-3) 2018-12-03 16:17:33 +01:00
Oliver Falk
64f804b876 Fix some lint warnings, add Robohash (First shot, Issue #13) and make OpenId work again 2018-12-03 16:01:20 +01:00
Oliver Falk
3badfd8dc1 Add notsetuptools as dep for monsterid and add monsterid and pydenticon 2018-10-09 19:20:31 +02:00
clime
80c74543d0 add missing psycopg2 requirement 2018-07-10 10:25:53 +02:00
Oliver Falk
47d65253eb OpenShift online ready 2018-06-13 10:57:31 +02:00
Oliver Falk
e37699b822 Gearman no longer required 2018-05-25 11:05:48 +02:00
Oliver Falk
4b644e1c80 For testing, we need pyLibravatar 2018-05-25 11:01:10 +02:00
Oliver Falk
9ff9159f8b Initial commit 2018-05-07 15:00:03 +02:00