mirror of
https://github.com/goauthentik/authentik
synced 2026-05-13 18:36:56 +02:00
899994027d
* core: add hash_password command and password_hash bootstrap support * core: prevent hash format exposure in validation error * core: remove redundant password length check * core: remove extra blank lines from hash_password command * core: add password_hash serializer tests, refine validation and imports * core: add null password fields test, add hash warning to docs * core: move hash validation to User.set_password_from_hash method * core: emit password_changed signal in set_password_from_hash * website: remove redundant hash security warning * core: wrap conflict error message for translation * core: wrap invalid hash error message for translation * web, core: add set_password_hash API endpoint and admin UI * core: simplify password_hash check to None comparison * core: use None check for password conflict validation * website: clarify Docker Compose $ escaping for .env vs compose.yml * website: lint * web: lint * core: add nosec comment for empty password string in signal * core: lint * web: Fix Password Hash help text * sources/kerberos,ldap: Gergo's review * add testing for ^^ and type fix * more general signal tests; not provider specific * only used in tests * add warning * we can do this * signals fix???? * core, web, website: review fixes * style(docs): format automated install guide * web: restore modal invoker import after rebase Co-authored-by: Codex <codex@openai.com> * fix generated clients * core: trim hash password command tests * core: add password hash permission * core: cover service account password hashes * web: remove password hash form * core: regenerate password hash migration * core: reuse password serializer for hashes * docs: clarify hashed password imports * Regenerate * core: deduplicate user serializer writes * core: deduplicate password update actions * core: deduplicate password change signaling * tests: reuse password hash API helper * tests: reuse SSF credential assertions * docs: centralize hashed password caveat * core: name password hash signal source * core: centralize password hash validation * core: deduplicate serializer password saves * docs: link source writeback caveats * api: clarify password hash request field * tests: deduplicate password hash API assertions * web: reuse user display-name helper * web: use existing user display formatter * core: reuse reset password permission for hash endpoint * core: keep separate password hash serializer * tests: remove redundant password hash permission test * 21745 Co-authored-by: Gergo <gergo@goauthentik.io> * core: preserve empty password handling in user serializer * core: inline blueprint user serializer fields * Use password hash constant * Simplify user serializer flow * Inline password update handling * Apply serializer cleanup * Clean blueprint password handling * Drop extra returns * Split password hash signal * Align hash signal receivers * Remove stale password guards * Inline password signal --------- Co-authored-by: Codex <codex@openai.com> Co-authored-by: Gergo <gergo@goauthentik.io>