v1.5.0 Fixes & Features#243
Merged
Merged
Conversation
fork update
jaredhendrickson13
added
needs testing
…get_pfsense_if_id for create and update requests
…get_pfsense_if_id for create and update requests
Fix validate interface for firewall rule creation to support interface groups
Member
Author
Development Build 0pfSense 2.5: pfSense 2.6: pfSense Plus 22.01: pfSense-2.5-pkg-API-1.5_0dev_0.zip |
…nVPN client DELETE endpoint
adds api documentation for the newly added initiate field on /api/v1/services/ipsec/apply
Member
Author
Build 41f1934Build InstallationpfSense-pkg-API-0.0_0dev_41f193446ae215d9df3a4b4fbda6013b9d147127.zip |
only allow pfsense 2.6.0+/22.05+ to use the initiate field on /api/v1/services/ipsec/apply as the necessary function is only available on these versions and pfsense 2.5.x is nearing eol.
adds the update_available field to the GET /api/v1/system/package endpoint
Member
Author
Build 8edd42eBuild InstallationpfSense-pkg-API-0.0_0dev_8edd42e88aff6f893ddda7cfb813ca9d2b5d55de.zip |
fixes an issue where it was possible to obtain a jwt before the server key was created
jaredhendrickson13
removed
the
work in progress
Member
Author
Build e33d64cBuild InstallationpfSense-pkg-API-0.0_0dev_e33d64c09f33706fe2ac0f2b6e950f166ca24594.zip |
jaredhendrickson13
added
the
work in progress
* feat: implement login protection adds the enable_login_protection field to the api ui page and /api/v1/system/api. this field toggles enabling login protection for api authentication. this will help prevent brute force attacks against api endpoints * fix: check if enable_login_protection is empty on the api ui page, we were evaluating a base variable which erroneously set or unset the variable * fix: default auth logs username login protection requires the username to be set in order to work. this sets the default username to 'unknown' if no username could be found * chore: enable login protection by default * tests: added login protection test * lint: fixed import order for tests * tests: just expect login protection timeout before the test_login_protection test expected requests to start failing at a specific point, but this does not work with all login protection configs and situations. it now just expects the requests to start to timeout after many failed auth attempts
* feat: generate api tokens via api allows clients to generate new api tokens from the /api/v1/access_token endpoint * docs: updated auth docs updates readme and openapi docs to state api tokens can now be updated via api endpoint. also adds section outlining the purpose of login protection and how to disable it if needed * chore: adjust login protection verbage in ui clarifies that disabling API login protection will not disble api protection system-wide, only within the api * tests: added api token auth tests * tests: fixed order of imports in token tests * docs: fixed formatting in openapi.yml the login protection section was missing a trailing newline that bolded the entire section
* feat: added /api/v1/system/version/upgrade this endpoint allows clients to check for available pfsense upgrades but does not apply them. * fix: add use_cache to query excludes * tests: test version upgrade resp times * docs: add new priv to system version adds priv page-system-update-settings to allow /api/v1/system/version calls
specifies which versions support the 'initiate' field on /api/v1/services/ipsec/apply. currently 2.5.x does not support this field because the function to do so did not exist
jaredhendrickson13
removed
the
work in progress
Member
Author
Build v1.5.0-rc0Build Installation |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
pkgoutput.installedandupdate_availablefields to /api/v1/system/package to show whether a package is currently installed and has updates available.auth_modeis set totoken(How to generate a API token by command line or api? #281)