Commit Graph

26 Commits

Author SHA1 Message Date
Ryan Petrello
af84b25726 prevent cross site request forgery in websockets w/ the CSRF token
now that we have the CSRF middleware, we have a reliable token
available to us which we can use to verify individual ws_receive
payloads; this is _simpler_ than making sure you've properly configured
trusted origins, and it's also more secure than Origin header checks

see: https://github.com/ansible/tower/issues/2661
2018-07-25 09:47:53 -04:00
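The commit above verifies each `ws_receive` payload with the CSRF token rather than relying on Origin checks. The following is an added example of that per-message check, not AWX/Tower code: it assumes the handshake already copied the CSRF token from the authenticated HTTP session into the channel session (the `session` dict), that clients echo it in an `xsrf` field of every JSON message, and that `dispatch` is the consumer's real message handler. Those names, the `demo()` inputs and the outcome strings are all constructed for illustration.

```python
"""Per-message CSRF token check for WebSocket payloads (added example)."""
import hmac
import json
import secrets


def new_csrf_token():
    """Random, URL-safe token a server would store at login (constructed helper)."""
    return secrets.token_urlsafe(32)


def ws_receive(session, text, dispatch):
    """Verify the token carried in each payload before acting on it.

    Returns "ok", "bad_json", "no_token" or "bad_token" so the caller can log
    the outcome; anything but "ok" means the message was dropped unacted upon.
    `session` is a stand-in for the channel session (assumption).
    """
    expected = session.get("csrf_token")
    if not expected:
        return "no_token"            # channel never authenticated: never process
    try:
        msg = json.loads(text)
    except ValueError:
        return "bad_json"
    if not isinstance(msg, dict):
        return "bad_json"
    supplied = msg.get("xsrf")
    if not isinstance(supplied, str):
        return "no_token"            # cross-site page can open the socket but cannot read the token
    # Constant-time comparison so a forged message cannot probe the token
    # byte by byte through timing differences.
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        return "bad_token"
    msg.pop("xsrf")
    dispatch(msg)
    return "ok"


def demo():
    """A legitimate tab, a cross-site page without the token, a guessed token
    and a malformed frame, in that order (constructed inputs).
    Returns (outcomes, number of messages actually dispatched)."""
    token = new_csrf_token()
    session = {"user_id": 7, "csrf_token": token}
    handled = []
    good = json.dumps({"xsrf": token, "groups": {"jobs": ["status_changed"]}})
    forged = json.dumps({"groups": {"jobs": ["status_changed"]}})
    guessed = json.dumps({"xsrf": "A" * 43, "groups": {"jobs": ["status_changed"]}})
    outcomes = [ws_receive(session, m, handled.append)
                for m in (good, forged, guessed, "not json")]
    return outcomes, len(handled)


if __name__ == "__main__":
    print(demo())
```

Only the tab that received the token through the authenticated session gets its subscription request dispatched; a page on another origin can still complete the WebSocket handshake (browsers send the cookies), which is why the check sits on every payload rather than on the handshake.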
Ryan Petrello
c81d2f53c5 slightly refactor origin validity checks 2018-07-24 15:16:09 -04:00
Ryan Petrello
4b3ca080d4 improve robustness of host comparison for wss:// Origin headers
see: https://github.com/ansible/tower/issues/2647
2018-07-24 13:30:04 -04:00
Ryan Petrello
e7279f2fe2 reject ws:// connections w/ origin mismatches
see: https://github.com/ansible/tower/issues/2647
2018-07-23 21:56:31 -04:00
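The three commits above reject WebSocket upgrades whose Origin does not match the host, and make that comparison robust for wss:// by treating an explicit `:443` and an absent port as the same thing. The block below is an added example of such a check, not AWX/Tower code: it compares the browser-supplied Origin against the request's Host header after filling in the scheme's default port, and falls back to an explicit list of trusted origins. `host_header`, `is_secure` and `trusted_origins` are constructed parameter names, and the hostnames used in the comments are made up.

```python
"""Origin validation for a WebSocket handshake (added example)."""
from urllib.parse import urlsplit

# Default port per scheme, so "https://tower.example.com" and
# "tower.example.com:443" describe the same endpoint.
DEFAULT_PORTS = {"http": 80, "https": 443, "ws": 80, "wss": 443}


def normalize_origin(origin):
    """Return (scheme, host, port) for an origin URL, or None when it is not a
    well-formed origin (no or unknown scheme, empty host, unparsable port)."""
    try:
        parts = urlsplit(origin)
        port = parts.port            # ValueError for a non-numeric/out-of-range port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    host = parts.hostname
    if scheme not in DEFAULT_PORTS or not host:
        return None
    return scheme, host.lower(), port if port is not None else DEFAULT_PORTS[scheme]


def origin_allowed(origin, host_header, is_secure, trusted_origins=()):
    """True only if Origin names the same host:port as the Host header (with
    the request scheme's default port applied) or one of trusted_origins.
    A missing or "null" Origin is a mismatch, not a free pass."""
    if not origin:
        return False
    parsed = normalize_origin(origin)
    if parsed is None:
        return False
    expected = normalize_origin(("https://" if is_secure else "http://") + host_header)
    if expected is None:
        return False
    if parsed[1:] == expected[1:]:
        return True
    for trusted in trusted_origins:
        t = normalize_origin(trusted)
        if t is not None and t[1:] == parsed[1:]:
            return True
    return False


if __name__ == "__main__":
    # Constructed handshake: wss:// socket on tower.example.com, Origin from the same site.
    print(origin_allowed("https://tower.example.com", "tower.example.com:443", True))
```

Because the comparison is on host and port after normalisation, an `http://` Origin against a wss:// endpoint fails (port 80 versus 443) without a separate scheme rule, and a Host header that happens to carry `:443` no longer causes spurious rejections.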
Aaron Tan
1c2621cd60 Implement session-based and OAuth 2 authentications
Relates #21. Please see acceptance docs for feature details.

Signed-off-by: Aaron Tan <jangsutsr@gmail.com>
2018-02-22 15:18:12 -05:00
Wayne Witzel III
a858093db8 Update to asgi_amqp 1.0.1 2017-11-27 19:41:30 +00:00
Wayne Witzel III
5b4dc9e7ee Disable group sending in consumer (Issue ansible/awx#615) 2017-11-13 10:19:14 -05:00
AlanCoding
f03b40aa50 enforce max line length of 160 characters 2017-10-11 12:38:39 -04:00
Ryan Petrello
45819f6b9a requeue websocket messages that don't (yet) have an established user
There's a race between our `ws_connect` and `ws_receive` methods;
it's possible to fall into a scenario where we're handling a legitimate
message *before* django-channels is able to persist the `user_id` into
the channel session. This results in a scenario where a user can open
a browser tab and never receive new websocket messages.  In this
scenario, we should just toss the message back into the queue and try
again later (up to a reasonable limit of retries).
2017-02-28 11:12:59 -05:00
Wayne Witzel III
4d02ee9445 Make current_groups a set to easily avoid duplicates, update asgi-amqp requirement 2017-02-24 16:59:39 -05:00
Matthew Jones
819d8d1fb3 Show the data that would have been a problem sending payload
for websocket
2017-02-08 11:30:15 -05:00
Wayne Witzel III
70f8dfe8fe remove use of http_session, not needed with auth_token 2017-02-01 12:59:09 -05:00
Wayne Witzel III
9e7ae673b6 rework authentication to respect all possible backends using DRF auth_token 2017-02-01 00:21:18 -05:00
Wayne Witzel III
36c06020b4 Get users from the http_session, authorize job, workflow, and adhoc event access against RBAC 2017-01-31 20:19:45 -05:00
Wayne Witzel III
13798d352c use DjangoJSONEncoder 2016-12-14 12:49:50 -05:00
AlanCoding
7344a998b2 move formatter to logger file, settings reload on startup 2016-12-01 19:09:55 -05:00
AlanCoding
f3427d1359 Logging Integration, ELK docker-compose as update file 2016-11-29 13:09:47 -05:00
Aaron Tan
9e4655419e Fix flake8 E302 errors. 2016-11-15 20:59:39 -05:00
Wayne Witzel III
ced3c41df9 add auth_token verification to websocket 2016-10-24 19:42:53 -04:00
Wayne Witzel III
af82273948 don't double encode channel messages 2016-10-20 09:37:06 -04:00
Wayne Witzel III
39f337d933 added model for holding channel group information, updating asgi_amqp req 2016-10-06 16:16:27 -04:00
Jared Tabor
3d979bb661 draft 1 of socket refactoring 2016-10-04 14:16:59 -07:00
Wayne Witzel III
ee09d881a4 only discard if groups have been created previously 2016-09-27 18:39:12 -04:00
Wayne Witzel III
850934c89d remove reply_channel from groups 2016-09-27 18:39:09 -04:00
Wayne Witzel III
4c8aaf1aed converting from socketio to channels websocket 2016-09-27 18:39:07 -04:00
Wayne Witzel III
62beb24d62 adding initial testing consumers/routes for channels 2016-09-27 18:38:59 -04:00