secubox-openwrt

gandalf/secubox-openwrt

Fork 0

Commit Graph

Author	SHA1	Message	Date
CyberMind-FR	629c21a75c	feat(portal): Add password change feature for authenticated users - New RPC method `change_password` in luci.secubox-users - Verifies current password before allowing change - Syncs new password to all enabled services (email, jabber, nextcloud) - Matrix/PeerTube require manual password update (noted in response) - Portal UI updates: - New "Account" section with "Change Password" card - Password change modal with current/new/confirm fields - "My Services" card showing enabled services - ACL updated to include new authentication methods Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-25 12:05:29 +01:00
CyberMind-FR	e7b6039c96	feat(portal): Add SSO authentication with SecuBox core users Portal login now authenticates against SecuBox users (UCI config) instead of hardcoded credentials. New RPCD methods in luci.secubox-users: - authenticate: Verify username/password, return session token - recover: Send password reset email - reset_password: Set new password with recovery token Portal pages: - login.html: Login form with password recovery link - reset.html: Password reset form (from email link) Features: - SHA256 password hashing - Session tokens stored in /tmp/secubox-sessions/ - Email-based password recovery via mailctl - Public ACL access (no LuCI login required) - Passwords synced to services if sync_passwords=1 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-21 12:58:38 +01:00
CyberMind-FR	b6747c197e	feat(security): Add instant ban feature and user management - Add enhanced instant ban for critical threats (SQL injection, CVE exploits, RCE) - CrowdSec trigger scenario for single-hit bans on severity=critical - Instant ban daemon (10s polling) for rapid response - UCI options: instant_ban_enabled, instant_ban_duration (48h default) - WAF addon updated to route critical threats to instant-ban.log - Add centralized user management (secubox-core-users, luci-app-secubox-users) - CLI tool: secubox-users add/del/passwd/list/sync/status - LuCI dashboard under System > SecuBox Users - Unified user provisioning across Nextcloud, PeerTube, Matrix, Jabber, Email - Add Matrix/Conduit integration (secubox-app-matrix, luci-app-matrix) - LXC-based Conduit homeserver deployment - Full RPCD handler with user/room management - HAProxy integration for federation - Add provision-users.sh script for bulk user creation - Update secubox-feed with new IPKs Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-19 20:17:28 +01:00

Author

SHA1

Message

Date

CyberMind-FR

629c21a75c

feat(portal): Add password change feature for authenticated users

- New RPC method `change_password` in luci.secubox-users
  - Verifies current password before allowing change
  - Syncs new password to all enabled services (email, jabber, nextcloud)
  - Matrix/PeerTube require manual password update (noted in response)
- Portal UI updates:
  - New "Account" section with "Change Password" card
  - Password change modal with current/new/confirm fields
  - "My Services" card showing enabled services
- ACL updated to include new authentication methods

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-25 12:05:29 +01:00

CyberMind-FR

e7b6039c96

feat(portal): Add SSO authentication with SecuBox core users

Portal login now authenticates against SecuBox users (UCI config)
instead of hardcoded credentials.

New RPCD methods in luci.secubox-users:
- authenticate: Verify username/password, return session token
- recover: Send password reset email
- reset_password: Set new password with recovery token

Portal pages:
- login.html: Login form with password recovery link
- reset.html: Password reset form (from email link)

Features:
- SHA256 password hashing
- Session tokens stored in /tmp/secubox-sessions/
- Email-based password recovery via mailctl
- Public ACL access (no LuCI login required)
- Passwords synced to services if sync_passwords=1

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-21 12:58:38 +01:00

CyberMind-FR

b6747c197e

feat(security): Add instant ban feature and user management

- Add enhanced instant ban for critical threats (SQL injection, CVE exploits, RCE)
  - CrowdSec trigger scenario for single-hit bans on severity=critical
  - Instant ban daemon (10s polling) for rapid response
  - UCI options: instant_ban_enabled, instant_ban_duration (48h default)
  - WAF addon updated to route critical threats to instant-ban.log

- Add centralized user management (secubox-core-users, luci-app-secubox-users)
  - CLI tool: secubox-users add/del/passwd/list/sync/status
  - LuCI dashboard under System > SecuBox Users
  - Unified user provisioning across Nextcloud, PeerTube, Matrix, Jabber, Email

- Add Matrix/Conduit integration (secubox-app-matrix, luci-app-matrix)
  - LXC-based Conduit homeserver deployment
  - Full RPCD handler with user/room management
  - HAProxy integration for federation

- Add provision-users.sh script for bulk user creation
- Update secubox-feed with new IPKs

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-19 20:17:28 +01:00

3 Commits