Commit Graph

1107 Commits

Author SHA1 Message Date
Tom Hodder 1336c03f97 WIP: Add pagination to frames.php in classic (#2618)
* add pagination to the frames.php results

* remove commented code, fix view all paging

* removing debugging logging statements

* default frames paging to on
2019-06-16 12:02:00 -04:00
Pliable Pixels 98bf7800b0 remove a password log, corrected PHP version in log (#2627)
* remove a password log, corrected PHP version in log

* PHP version correction
2019-06-16 11:59:48 -04:00
Isaac Connor 08cc4e0383 add null value to set() function 2019-06-05 10:22:20 -04:00
Isaac Connor 5346f82de9 Fix unable to login when ZM_AUTH_RELAY != hashed and fix setting the password in session when ZM_AUTH_RELAY==plain 2019-06-05 09:23:34 -04:00
Isaac Connor 4b9b2015cb write a note why regnerateAuthHash doesn't work when saving config 2019-06-04 16:30:57 -04:00
Isaac Connor cc269378cf regenerate auth_hash in session because we might have changed an auth hash setting 2019-06-04 16:27:25 -04:00
Isaac Connor 168aa35461 force regeneration of auth_hash on login. Fix failed auth_hash verification not logging you out by returning null instead of false. Update session with new auth_hash when forcing regeneration 2019-06-04 16:26:29 -04:00
Isaac Connor eaa1939f6b comment out debug lines 2019-05-31 10:35:54 -04:00
Isaac Connor 274737d1b1 Fix moocord to mocord. 2019-05-31 10:35:18 -04:00
Isaac Connor b0869a0b13 spaces and quotes 2019-05-31 10:34:53 -04:00
Isaac Connor 75ec4818a6 WHen saving a monitor, only start zmc and zma if appropriate 2019-05-31 10:15:02 -04:00
Isaac Connor ba96f0709c fix saving user using password_hash 2019-05-30 09:58:54 -04:00
Isaac Connor 628760d5b9 Spacing and braces cleanup from asker's code 2019-05-29 10:29:03 -04:00
Isaac Connor c4d76f03c9 Introduce ZM_PATH_SHUTDOWN to cmake config 2019-05-27 12:09:32 -04:00
Isaac Connor 4765b9d936 Don't generate php errors when returned row doesn't have the specified column 2019-05-24 14:52:04 -04:00
Isaac Connor 1ddd5b1f74 Merge branch 'master' of github.com:ZoneMinder/zoneminder 2019-05-24 13:56:30 -04:00
Isaac Connor 34400419e8
Add shutdown capability (#2575)
* Add Config for showing a system shutdown/restart option

* Add a translation for Shutdown

* add a shutdown power button to the navbar

* but the shutdown icon in a navbar-txt

* set width and height of shutdown window

* Add instructions for enabling the web user to run shutdown

* add the shutdown view and actions
2019-05-24 13:53:24 -04:00
Pliable Pixels fc27393a96 Replace MySQL Password() with bcrypt, allow for alternate JWT tokens (#2598)
* added sha1 and bcrypt submodules

* added bcrypt and sha to src build process

* added test sha1 and bcrypt code to validate working

* bcrypt auth migration in PHP land

* added include path

* add sha source

* added bcrypt to others

* put link_dir ahead of add_executable

* fixed typo

* try add_library instead

* absolute path

* absolute path

* build bcrypt as static

* move to wrapper

* move to fork

* logs tweak

* added lib-ssl/dev for JWT signing

* Moved to openSSL SHA1, initial JWT plugin

* removed vog

* fixed SHA1 algo

* typo

* use php-jwt, use proper way to add PHP modules, via composer

* fixed module path

* first attempt to fix cast error

* own fork

* own fork

* add composer vendor directory

* go back to jwt-cpp as PR merged

* moved to jwt-cpp after PR merge

* New token= query for JWT

* Add JWT token creation, move old code to a different function for future deprecation, simplified code for ZM_XX parameter reading

* JWT integration, validate JWT token via validateToken

* added token validation to zms/zmu/zmuser

* add token to command line for zmu

* move decode inside try/catch

* exception handling for try/catch

* fix db read, forgot to exec query

* remove allowing auth_hash_ip for token

* support refresh tokens as well for increased security

* remove auth_hash_ip

* Error out if used did not create an AUTH_HASH_SECRET

* fixed type conversion

* make sure refresh token login doesn't generate another refresh token

* fix absolute path

* move JWT/Bcrypt inside zm_crypt

* move sha headers out

* move out sha header

* handle case when supplied password is hashed, fix wrong params in AppController

* initial baby step for api tab

* initial plumbing to introduce token expiry and API bans per user

* remove M typo

* display user table in api

* added revoke all tokens code, removed test code

* use strtoul for conversion

* use strtoul for conversion

* use strtoul for conversion

* more fixes

* more fixes

* add mintokenexpiry to DB seek

* typo

* add ability to revoke tokens and enable/disable APIs per user

* moved API enable back to system

* comma

* enable API options only if API enabled

* move user creation to bcrypt

* added password_compat for PHP >=5.3 <5.5

* add Password back so User object indexes don't change

* move token index after adding password

* demote logs

* make old API auth optional, on by default

* make old API auth mechanism optional

* removed stale code

* forgot to checkin update file

* bulk overlay hash mysql encoded passwords

* add back ssl_dev, got deleted

* fix update script

* added token support to index.php

* reworked API document for new changes in 2.0

* Migrate from libdigest to crypt-eks-blowfish due to notice

* merge typo

* css classess for text that disappear

* fixed html typo

* added deps to ubuntu control files

* spaces

* removed extra line

* when regenerating using refresh tokens, username needs to be derived from the refresh token, as no session would exist

* add libssl1.0.0 for ubuntu 16/12

* small API fixes

* clean up of API, remove redundant sections

* moved to ZM fork for bcrypt

* whitespace and google code style

* regenerate auth hash if doing password migration

* dont need AUTH HASH LOGIN to be on

* Add auth hash verification to the user logged in already case

* fix missing ]

* reject requests if per user API disabled
2019-05-24 13:48:40 -04:00
Isaac Connor 729dee5dda Merge branch 'master' into storageareas 2019-05-24 10:06:14 -04:00
Isaac Connor db9ba7eeab Add StartDateTime and EndDateTime as Sort options. Fixes #2614 2019-05-24 10:02:15 -04:00
Isaac Connor f9004443cf Merge branch 'master' into storageareas 2019-05-24 09:37:03 -04:00
Isaac Connor 843a9a6630 Merge branch 'pliablepixels-crypt-replacement3' into storageareas 2019-05-24 09:36:54 -04:00
Isaac Connor 2fc7b3cf4d Don't allow deleting of in-progress recording 2019-05-24 09:31:48 -04:00
Isaac Connor aa1264f4d2 fix missing ] 2019-05-23 16:26:40 -04:00
Isaac Connor 4466ef13fd Merge branch 'pliablepixels-crypt-replacement3' into storageareas 2019-05-23 15:21:58 -04:00
Isaac Connor 7559c975e3 Merge branch 'crypt-replacement' of https://github.com/pliablepixels/ZoneMinder into pliablepixels-crypt-replacement3 2019-05-23 15:15:52 -04:00
Isaac Connor 883688a72d Add auth hash verification to the user logged in already case 2019-05-23 15:15:37 -04:00
Pliable Pixels 57708c016c dont need AUTH HASH LOGIN to be on 2019-05-23 14:59:21 -04:00
Isaac Connor d5120f7506 regenerate auth hash if doing password migration 2019-05-23 14:30:45 -04:00
Isaac Connor bc9116dd94 whitespace and google code style 2019-05-23 14:27:17 -04:00
Isaac Connor 2ce2381269 Merge branch 'crypt-replacement' of https://github.com/pliablepixels/ZoneMinder into pliablepixels-crypt-replacement 2019-05-19 08:45:42 -04:00
Pliable Pixels 8e1037458a when regenerating using refresh tokens, username needs to be derived from the refresh token, as no session would exist 2019-05-18 11:23:16 -04:00
Isaac Connor 93aeceecfc Merge branch 'crypt-replacement' of https://github.com/pliablepixels/ZoneMinder into pliablepixels-crypt-replacement 2019-05-17 10:18:15 -04:00
Pliable Pixels 95460a945a added token support to index.php 2019-05-14 19:22:49 -04:00
Pliable Pixels e9f843f297 bulk overlay hash mysql encoded passwords 2019-05-13 14:29:24 -04:00
Pliable Pixels adb01c4d0e added password_compat for PHP >=5.3 <5.5 2019-05-12 13:57:25 -04:00
Pliable Pixels d7dbaf52d4 move user creation to bcrypt 2019-05-12 13:01:29 -04:00
Pliable Pixels a9d601e5ae add ability to revoke tokens and enable/disable APIs per user 2019-05-12 10:56:17 -04:00
Pliable Pixels ae14be916c initial plumbing to introduce token expiry and API bans per user 2019-05-11 13:39:40 -04:00
Pliable Pixels 95b448abdd handle case when supplied password is hashed, fix wrong params in AppController 2019-05-10 11:25:55 -04:00
Pliable Pixels f9730bb46b remove auth_hash_ip 2019-05-08 14:07:48 -04:00
Pliable Pixels bc050fe330 support refresh tokens as well for increased security 2019-05-08 13:38:42 -04:00
Pliable Pixels b293592e4c added token validation to zms/zmu/zmuser 2019-05-08 10:55:32 -04:00
Pliable Pixels e8f79f3254 JWT integration, validate JWT token via validateToken 2019-05-07 15:04:51 -04:00
Isaac Connor 5fe565b99d spacing 2019-05-06 10:49:18 -04:00
Pliable Pixels ca3f65deef go back to jwt-cpp as PR merged 2019-05-05 14:32:09 -04:00
Pliable Pixels a55a11dad1 first attempt to fix cast error 2019-05-05 11:24:55 -04:00
Pliable Pixels 8d62c61b7a fixed module path 2019-05-05 07:50:52 -04:00
Pliable Pixels 725c3c50ed use php-jwt, use proper way to add PHP modules, via composer 2019-05-05 07:08:25 -04:00
Pliable Pixels 887912e7ad bcrypt auth migration in PHP land 2019-05-01 13:22:24 -04:00