ltb-project/self-service-password v1.6.0

Version 1.6.0

on GitHub

ℹ️ Self Service Password

LDAP Tool Box Self Service Password is a web application for end users. It allows them to change or reset their password if they lost it.

It works with any LDAP directory, including Active Directory.

📄 What's Changed

• Update tr.inc.php by @berkaycagir in #775
• Audit log by @coudot in #781
• Use login_hint to prefill user login by @coudot in #795
• Update phpunit by @coudot in #799
• translated the line $messages['tokensent_ifexists'] into german by @piang0 in #804
• First implementation of a page to set mail and phone attributes by @coudot in #808
• Use LTB LDAP common PHP lib by @coudot in #797
• Update tr.inc.php by @berkaycagir in #812
• Complete and fix pt-BR translation by @natanjunges in #815
• Filter allowed languages by @coudot in #829
• Error handling when using the signal-cli api for sms by @armfem in #833
• Update it.inc.php by @iotaka in #839
• Upgrade Bootstrap to 5.3 by @coudot in #837
• Fix pt-BR translation for pwned password policy by @campolargo in #841
• prevent multiple form submits (#844) by @davidcoutadeur in #845
• 830 entropy by @davidcoutadeur in #843
• remove useless show_policy function, now rendered by smarty template by @davidcoutadeur in #842
• Remove criteria depending on old password when unavailable (#855) by @davidcoutadeur in #856
• add docker image labels (#778) + update base image to php:8.2 + smarty to v4.4.1 by @davidcoutadeur in #866
• update bundled dependencies + mv them as composer managed dep (#849) by @davidcoutadeur in #859
• Spec cleanup (#846) by @davidcoutadeur in #847
• deb cleanup (#852) by @davidcoutadeur in #858
• Avoid host header poisoning by @coudot in #857
• Use a dedicated CSS class for ppolicy div by @coudot in #873
• Test crypt_tokens parameter if SMS feature is enabled by @coudot in #874
• Securisation of reset by SMS token feature by @armfem in #851
• use new ltb-ldap v0.2 and adapt method signatures (#878) by @davidcoutadeur in #879
• 878 use ltb ldap functions by @davidcoutadeur in #882
• Use POST instead of GET in check entropy module (#884) by @davidcoutadeur in #885
• compute pwd_diff_last_min_chars the same way than at backend side (#868) by @davidcoutadeur in #869
• reinject default configuration file into conf directory (#831) by @davidcoutadeur in #870
• fix warnings for uninitialized variables (#887) by @davidcoutadeur in #888
• ability to change custom password fields, developped by @markus-96 (#864) by @davidcoutadeur in #865
• Correction of max number of attempts for token sent by sms bug by @armfem in #890
• remove global variables in sendsms.php (#889) by @davidcoutadeur in #891
• Corrected error introduced when adding obscure notifications by @armfem in #892
• 674 notify by mail code factorization by @davidcoutadeur in #893
• Remove obscure_failure_messages option by @coudot in #899

Full Changelog: v1.5.4...v1.6.0

👥 Main Team

• @coudot (@Worteks)
• @davidcoutadeur (@Worteks)

🤝 New Contributors

• @piang0 made their first contribution in #804
• @natanjunges made their first contribution in #815
• @armfem made their first contribution in #833
• @iotaka made their first contribution in #839
• @campolargo made their first contribution in #841

⬇️ Download

Get tarball and packages on https://ltb-project.org/download.html

Use our apt and yum repositories to ease the installation:

• https://self-service-password.readthedocs.io/en/latest/installation.html#debian-ubuntu
• https://self-service-password.readthedocs.io/en/latest/installation.html#centos-redhat

You can also use our Docker image: https://hub.docker.com/r/ltbproject/self-service-password