diff options
| author | James Elliott <james-d-elliott@users.noreply.github.com> | 2025-02-23 22:10:30 +1100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-02-23 22:10:30 +1100 |
| commit | 5e40d974e9a8ef6ff0fce09873d2c03720e7ca45 (patch) | |
| tree | 12481ce7d722fab08512bae48858f7921e87e346 /docs | |
| parent | 3dad392ea455d9a63dd79ad788a9aebfc02fca3e (diff) | |
feat(regulation): ip bans and unbanning (#7230)
This adds several new features to the regulation functionality including IP banning and the ability to unban users.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Diffstat (limited to 'docs')
13 files changed, 679 insertions, 7 deletions
diff --git a/docs/content/configuration/security/regulation.md b/docs/content/configuration/security/regulation.md index 6a977c6db..6d22e0bbf 100644 --- a/docs/content/configuration/security/regulation.md +++ b/docs/content/configuration/security/regulation.md @@ -26,6 +26,9 @@ authentication attempts. This helps prevent brute-force attacks. ```yaml {title="configuration.yml"} regulation: + modes: + - 'user' + - 'ip' max_retries: 3 find_time: '2m' ban_time: '5m' @@ -35,6 +38,20 @@ regulation: This section describes the individual configuration options. +### mode + +{{< confkey type="list(string)" default="['user']" required="no" >}} + +The mode for regulation. The table below describes each option. The recommended mode is `ip`. It should be noted that, +regardless of the ban mode, if bans exist in the database, the user or IP will be denied access. See the +[authelia storage bans](../../reference/cli/authelia/authelia_storage_bans.md) command for information on managing +ban entries. + +| Mode | Description | +|:----:|:-------------------------------------------------------------------:| +| user | The user account is the subject of any automatic bans | +| ip | The remote ip is the subject of any automatic bans | + ### max_retries {{< confkey type="integer" default="3" required="no" >}} diff --git a/docs/content/reference/cli/authelia/authelia_storage.md b/docs/content/reference/cli/authelia/authelia_storage.md index d96f82a3b..434e0c503 100644 --- a/docs/content/reference/cli/authelia/authelia_storage.md +++ b/docs/content/reference/cli/authelia/authelia_storage.md @@ -65,6 +65,7 @@ authelia storage --help ### SEE ALSO * [authelia](authelia.md) - authelia untagged-unknown-dirty (master, unknown) +* [authelia storage bans](authelia_storage_bans.md) - Manages user and ip bans * [authelia storage cache](authelia_storage_cache.md) - Manage storage cache * [authelia storage encryption](authelia_storage_encryption.md) - Manage storage encryption * [authelia storage migrate](authelia_storage_migrate.md) - Perform or list migrations diff --git a/docs/content/reference/cli/authelia/authelia_storage_bans.md b/docs/content/reference/cli/authelia/authelia_storage_bans.md new file mode 100644 index 000000000..89ed9379d --- /dev/null +++ b/docs/content/reference/cli/authelia/authelia_storage_bans.md @@ -0,0 +1,68 @@ +--- +title: "authelia storage bans" +description: "Reference for the authelia storage bans command." +lead: "" +date: 2022-06-15T17:51:47+10:00 +draft: false +images: [] +weight: 905 +toc: true +seo: + title: "" # custom title (optional) + description: "" # custom description (recommended) + canonical: "" # custom canonical URL (optional) + noindex: false # false (default) or true +--- + +## authelia storage bans + +Manages user and ip bans + +### Synopsis + +Manages user and ip bans. + +This subcommand allows listing, creating, and revoking user and ip bans from the regulation system. + +### Examples + +``` +authelia storage bans --help +``` + +### Options + +``` + -h, --help help for bans +``` + +### Options inherited from parent commands + +``` + -c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml]) + --config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters' + --encryption-key string the storage encryption key to use + --mysql.database string the MySQL database name (default "authelia") + --mysql.host string the MySQL hostname + --mysql.password string the MySQL password + --mysql.port int the MySQL port (default 3306) + --mysql.username string the MySQL username (default "authelia") + --postgres.database string the PostgreSQL database name (default "authelia") + --postgres.host string the PostgreSQL hostname + --postgres.password string the PostgreSQL password + --postgres.port int the PostgreSQL port (default 5432) + --postgres.schema string the PostgreSQL schema name (default "public") + --postgres.ssl.certificate string the PostgreSQL ssl certificate file location + --postgres.ssl.key string the PostgreSQL ssl key file location + --postgres.ssl.mode string the PostgreSQL ssl mode (default "disable") + --postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location + --postgres.username string the PostgreSQL username (default "authelia") + --sqlite.path string the SQLite database path +``` + +### SEE ALSO + +* [authelia storage](authelia_storage.md) - Manage the Authelia storage +* [authelia storage bans ip](authelia_storage_bans_ip.md) - Manages ip bans +* [authelia storage bans user](authelia_storage_bans_user.md) - Manages user bans + diff --git a/docs/content/reference/cli/authelia/authelia_storage_bans_ip.md b/docs/content/reference/cli/authelia/authelia_storage_bans_ip.md new file mode 100644 index 000000000..b1fd9a31e --- /dev/null +++ b/docs/content/reference/cli/authelia/authelia_storage_bans_ip.md @@ -0,0 +1,69 @@ +--- +title: "authelia storage bans ip" +description: "Reference for the authelia storage bans ip command." +lead: "" +date: 2022-06-15T17:51:47+10:00 +draft: false +images: [] +weight: 905 +toc: true +seo: + title: "" # custom title (optional) + description: "" # custom description (recommended) + canonical: "" # custom canonical URL (optional) + noindex: false # false (default) or true +--- + +## authelia storage bans ip + +Manages ip bans + +### Synopsis + +Manages ip bans. + +This subcommand allows listing, creating, and revoking ip bans from the regulation system. + +### Examples + +``` +authelia storage bans ip --help +``` + +### Options + +``` + -h, --help help for ip +``` + +### Options inherited from parent commands + +``` + -c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml]) + --config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters' + --encryption-key string the storage encryption key to use + --mysql.database string the MySQL database name (default "authelia") + --mysql.host string the MySQL hostname + --mysql.password string the MySQL password + --mysql.port int the MySQL port (default 3306) + --mysql.username string the MySQL username (default "authelia") + --postgres.database string the PostgreSQL database name (default "authelia") + --postgres.host string the PostgreSQL hostname + --postgres.password string the PostgreSQL password + --postgres.port int the PostgreSQL port (default 5432) + --postgres.schema string the PostgreSQL schema name (default "public") + --postgres.ssl.certificate string the PostgreSQL ssl certificate file location + --postgres.ssl.key string the PostgreSQL ssl key file location + --postgres.ssl.mode string the PostgreSQL ssl mode (default "disable") + --postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location + --postgres.username string the PostgreSQL username (default "authelia") + --sqlite.path string the SQLite database path +``` + +### SEE ALSO + +* [authelia storage bans](authelia_storage_bans.md) - Manages user and ip bans +* [authelia storage bans ip add](authelia_storage_bans_ip_add.md) - Adds ip bans +* [authelia storage bans ip list](authelia_storage_bans_ip_list.md) - Lists ip bans +* [authelia storage bans ip revoke](authelia_storage_bans_ip_revoke.md) - Revokes ip bans + diff --git a/docs/content/reference/cli/authelia/authelia_storage_bans_ip_add.md b/docs/content/reference/cli/authelia/authelia_storage_bans_ip_add.md new file mode 100644 index 000000000..3fa175dfa --- /dev/null +++ b/docs/content/reference/cli/authelia/authelia_storage_bans_ip_add.md @@ -0,0 +1,73 @@ +--- +title: "authelia storage bans ip add" +description: "Reference for the authelia storage bans ip add command." +lead: "" +date: 2022-06-15T17:51:47+10:00 +draft: false +images: [] +weight: 905 +toc: true +seo: + title: "" # custom title (optional) + description: "" # custom description (recommended) + canonical: "" # custom canonical URL (optional) + noindex: false # false (default) or true +--- + +## authelia storage bans ip add + +Adds ip bans + +### Synopsis + +Adds ip bans. + +This subcommand allows adding ip bans to the regulation system. + +``` +authelia storage bans ip add <ip> [flags] +``` + +### Examples + +``` +authelia storage bans ip add --help +``` + +### Options + +``` + -d, --duration string the duration for the ban (default "1 day") + -h, --help help for add + -p, --permanent makes the ban effectively permanent + -r, --reason string includes a reason for the ban +``` + +### Options inherited from parent commands + +``` + -c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml]) + --config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters' + --encryption-key string the storage encryption key to use + --mysql.database string the MySQL database name (default "authelia") + --mysql.host string the MySQL hostname + --mysql.password string the MySQL password + --mysql.port int the MySQL port (default 3306) + --mysql.username string the MySQL username (default "authelia") + --postgres.database string the PostgreSQL database name (default "authelia") + --postgres.host string the PostgreSQL hostname + --postgres.password string the PostgreSQL password + --postgres.port int the PostgreSQL port (default 5432) + --postgres.schema string the PostgreSQL schema name (default "public") + --postgres.ssl.certificate string the PostgreSQL ssl certificate file location + --postgres.ssl.key string the PostgreSQL ssl key file location + --postgres.ssl.mode string the PostgreSQL ssl mode (default "disable") + --postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location + --postgres.username string the PostgreSQL username (default "authelia") + --sqlite.path string the SQLite database path +``` + +### SEE ALSO + +* [authelia storage bans ip](authelia_storage_bans_ip.md) - Manages ip bans + diff --git a/docs/content/reference/cli/authelia/authelia_storage_bans_ip_list.md b/docs/content/reference/cli/authelia/authelia_storage_bans_ip_list.md new file mode 100644 index 000000000..d18e9baf6 --- /dev/null +++ b/docs/content/reference/cli/authelia/authelia_storage_bans_ip_list.md @@ -0,0 +1,70 @@ +--- +title: "authelia storage bans ip list" +description: "Reference for the authelia storage bans ip list command." +lead: "" +date: 2022-06-15T17:51:47+10:00 +draft: false +images: [] +weight: 905 +toc: true +seo: + title: "" # custom title (optional) + description: "" # custom description (recommended) + canonical: "" # custom canonical URL (optional) + noindex: false # false (default) or true +--- + +## authelia storage bans ip list + +Lists ip bans + +### Synopsis + +Lists ip bans. + +This subcommand allows listing ip bans from the regulation system. + +``` +authelia storage bans ip list [flags] +``` + +### Examples + +``` +authelia storage bans ip --help +``` + +### Options + +``` + -h, --help help for list +``` + +### Options inherited from parent commands + +``` + -c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml]) + --config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters' + --encryption-key string the storage encryption key to use + --mysql.database string the MySQL database name (default "authelia") + --mysql.host string the MySQL hostname + --mysql.password string the MySQL password + --mysql.port int the MySQL port (default 3306) + --mysql.username string the MySQL username (default "authelia") + --postgres.database string the PostgreSQL database name (default "authelia") + --postgres.host string the PostgreSQL hostname + --postgres.password string the PostgreSQL password + --postgres.port int the PostgreSQL port (default 5432) + --postgres.schema string the PostgreSQL schema name (default "public") + --postgres.ssl.certificate string the PostgreSQL ssl certificate file location + --postgres.ssl.key string the PostgreSQL ssl key file location + --postgres.ssl.mode string the PostgreSQL ssl mode (default "disable") + --postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location + --postgres.username string the PostgreSQL username (default "authelia") + --sqlite.path string the SQLite database path +``` + +### SEE ALSO + +* [authelia storage bans ip](authelia_storage_bans_ip.md) - Manages ip bans + diff --git a/docs/content/reference/cli/authelia/authelia_storage_bans_ip_revoke.md b/docs/content/reference/cli/authelia/authelia_storage_bans_ip_revoke.md new file mode 100644 index 000000000..1362fe996 --- /dev/null +++ b/docs/content/reference/cli/authelia/authelia_storage_bans_ip_revoke.md @@ -0,0 +1,71 @@ +--- +title: "authelia storage bans ip revoke" +description: "Reference for the authelia storage bans ip revoke command." +lead: "" +date: 2022-06-15T17:51:47+10:00 +draft: false +images: [] +weight: 905 +toc: true +seo: + title: "" # custom title (optional) + description: "" # custom description (recommended) + canonical: "" # custom canonical URL (optional) + noindex: false # false (default) or true +--- + +## authelia storage bans ip revoke + +Revokes ip bans + +### Synopsis + +Revokes ip bans. + +This subcommand allows revoking ip bans in the regulation system. + +``` +authelia storage bans ip revoke [ip] [flags] +``` + +### Examples + +``` +authelia storage bans ip revoke --help +``` + +### Options + +``` + -h, --help help for revoke + -i, --id int revokes the ban with the given id instead of the ip value +``` + +### Options inherited from parent commands + +``` + -c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml]) + --config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters' + --encryption-key string the storage encryption key to use + --mysql.database string the MySQL database name (default "authelia") + --mysql.host string the MySQL hostname + --mysql.password string the MySQL password + --mysql.port int the MySQL port (default 3306) + --mysql.username string the MySQL username (default "authelia") + --postgres.database string the PostgreSQL database name (default "authelia") + --postgres.host string the PostgreSQL hostname + --postgres.password string the PostgreSQL password + --postgres.port int the PostgreSQL port (default 5432) + --postgres.schema string the PostgreSQL schema name (default "public") + --postgres.ssl.certificate string the PostgreSQL ssl certificate file location + --postgres.ssl.key string the PostgreSQL ssl key file location + --postgres.ssl.mode string the PostgreSQL ssl mode (default "disable") + --postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location + --postgres.username string the PostgreSQL username (default "authelia") + --sqlite.path string the SQLite database path +``` + +### SEE ALSO + +* [authelia storage bans ip](authelia_storage_bans_ip.md) - Manages ip bans + diff --git a/docs/content/reference/cli/authelia/authelia_storage_bans_user.md b/docs/content/reference/cli/authelia/authelia_storage_bans_user.md new file mode 100644 index 000000000..10f36843d --- /dev/null +++ b/docs/content/reference/cli/authelia/authelia_storage_bans_user.md @@ -0,0 +1,69 @@ +--- +title: "authelia storage bans user" +description: "Reference for the authelia storage bans user command." +lead: "" +date: 2022-06-15T17:51:47+10:00 +draft: false +images: [] +weight: 905 +toc: true +seo: + title: "" # custom title (optional) + description: "" # custom description (recommended) + canonical: "" # custom canonical URL (optional) + noindex: false # false (default) or true +--- + +## authelia storage bans user + +Manages user bans + +### Synopsis + +Manages user bans. + +This subcommand allows listing, creating, and revoking user bans from the regulation system. + +### Examples + +``` +authelia storage bans user --help +``` + +### Options + +``` + -h, --help help for user +``` + +### Options inherited from parent commands + +``` + -c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml]) + --config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters' + --encryption-key string the storage encryption key to use + --mysql.database string the MySQL database name (default "authelia") + --mysql.host string the MySQL hostname + --mysql.password string the MySQL password + --mysql.port int the MySQL port (default 3306) + --mysql.username string the MySQL username (default "authelia") + --postgres.database string the PostgreSQL database name (default "authelia") + --postgres.host string the PostgreSQL hostname + --postgres.password string the PostgreSQL password + --postgres.port int the PostgreSQL port (default 5432) + --postgres.schema string the PostgreSQL schema name (default "public") + --postgres.ssl.certificate string the PostgreSQL ssl certificate file location + --postgres.ssl.key string the PostgreSQL ssl key file location + --postgres.ssl.mode string the PostgreSQL ssl mode (default "disable") + --postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location + --postgres.username string the PostgreSQL username (default "authelia") + --sqlite.path string the SQLite database path +``` + +### SEE ALSO + +* [authelia storage bans](authelia_storage_bans.md) - Manages user and ip bans +* [authelia storage bans user add](authelia_storage_bans_user_add.md) - Adds user bans +* [authelia storage bans user list](authelia_storage_bans_user_list.md) - Lists user bans +* [authelia storage bans user revoke](authelia_storage_bans_user_revoke.md) - Revokes user bans + diff --git a/docs/content/reference/cli/authelia/authelia_storage_bans_user_add.md b/docs/content/reference/cli/authelia/authelia_storage_bans_user_add.md new file mode 100644 index 000000000..733ab7822 --- /dev/null +++ b/docs/content/reference/cli/authelia/authelia_storage_bans_user_add.md @@ -0,0 +1,73 @@ +--- +title: "authelia storage bans user add" +description: "Reference for the authelia storage bans user add command." +lead: "" +date: 2022-06-15T17:51:47+10:00 +draft: false +images: [] +weight: 905 +toc: true +seo: + title: "" # custom title (optional) + description: "" # custom description (recommended) + canonical: "" # custom canonical URL (optional) + noindex: false # false (default) or true +--- + +## authelia storage bans user add + +Adds user bans + +### Synopsis + +Adds user bans. + +This subcommand allows adding user bans to the regulation system. + +``` +authelia storage bans user add <user> [flags] +``` + +### Examples + +``` +authelia storage bans user add --help +``` + +### Options + +``` + -d, --duration string the duration for the ban (default "1 day") + -h, --help help for add + -p, --permanent makes the ban effectively permanent + -r, --reason string includes a reason for the ban +``` + +### Options inherited from parent commands + +``` + -c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml]) + --config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters' + --encryption-key string the storage encryption key to use + --mysql.database string the MySQL database name (default "authelia") + --mysql.host string the MySQL hostname + --mysql.password string the MySQL password + --mysql.port int the MySQL port (default 3306) + --mysql.username string the MySQL username (default "authelia") + --postgres.database string the PostgreSQL database name (default "authelia") + --postgres.host string the PostgreSQL hostname + --postgres.password string the PostgreSQL password + --postgres.port int the PostgreSQL port (default 5432) + --postgres.schema string the PostgreSQL schema name (default "public") + --postgres.ssl.certificate string the PostgreSQL ssl certificate file location + --postgres.ssl.key string the PostgreSQL ssl key file location + --postgres.ssl.mode string the PostgreSQL ssl mode (default "disable") + --postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location + --postgres.username string the PostgreSQL username (default "authelia") + --sqlite.path string the SQLite database path +``` + +### SEE ALSO + +* [authelia storage bans user](authelia_storage_bans_user.md) - Manages user bans + diff --git a/docs/content/reference/cli/authelia/authelia_storage_bans_user_list.md b/docs/content/reference/cli/authelia/authelia_storage_bans_user_list.md new file mode 100644 index 000000000..97ec92b32 --- /dev/null +++ b/docs/content/reference/cli/authelia/authelia_storage_bans_user_list.md @@ -0,0 +1,70 @@ +--- +title: "authelia storage bans user list" +description: "Reference for the authelia storage bans user list command." +lead: "" +date: 2022-06-15T17:51:47+10:00 +draft: false +images: [] +weight: 905 +toc: true +seo: + title: "" # custom title (optional) + description: "" # custom description (recommended) + canonical: "" # custom canonical URL (optional) + noindex: false # false (default) or true +--- + +## authelia storage bans user list + +Lists user bans + +### Synopsis + +Lists user bans. + +This subcommand allows listing user bans from the regulation system. + +``` +authelia storage bans user list [flags] +``` + +### Examples + +``` +authelia storage bans user --help +``` + +### Options + +``` + -h, --help help for list +``` + +### Options inherited from parent commands + +``` + -c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml]) + --config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters' + --encryption-key string the storage encryption key to use + --mysql.database string the MySQL database name (default "authelia") + --mysql.host string the MySQL hostname + --mysql.password string the MySQL password + --mysql.port int the MySQL port (default 3306) + --mysql.username string the MySQL username (default "authelia") + --postgres.database string the PostgreSQL database name (default "authelia") + --postgres.host string the PostgreSQL hostname + --postgres.password string the PostgreSQL password + --postgres.port int the PostgreSQL port (default 5432) + --postgres.schema string the PostgreSQL schema name (default "public") + --postgres.ssl.certificate string the PostgreSQL ssl certificate file location + --postgres.ssl.key string the PostgreSQL ssl key file location + --postgres.ssl.mode string the PostgreSQL ssl mode (default "disable") + --postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location + --postgres.username string the PostgreSQL username (default "authelia") + --sqlite.path string the SQLite database path +``` + +### SEE ALSO + +* [authelia storage bans user](authelia_storage_bans_user.md) - Manages user bans + diff --git a/docs/content/reference/cli/authelia/authelia_storage_bans_user_revoke.md b/docs/content/reference/cli/authelia/authelia_storage_bans_user_revoke.md new file mode 100644 index 000000000..d4c26ab6d --- /dev/null +++ b/docs/content/reference/cli/authelia/authelia_storage_bans_user_revoke.md @@ -0,0 +1,71 @@ +--- +title: "authelia storage bans user revoke" +description: "Reference for the authelia storage bans user revoke command." +lead: "" +date: 2022-06-15T17:51:47+10:00 +draft: false +images: [] +weight: 905 +toc: true +seo: + title: "" # custom title (optional) + description: "" # custom description (recommended) + canonical: "" # custom canonical URL (optional) + noindex: false # false (default) or true +--- + +## authelia storage bans user revoke + +Revokes user bans + +### Synopsis + +Revokes user bans. + +This subcommand allows revoking user bans in the regulation system. + +``` +authelia storage bans user revoke [user] [flags] +``` + +### Examples + +``` +authelia storage bans user revoke --help +``` + +### Options + +``` + -h, --help help for revoke + -i, --id int revokes the ban with the given id instead of the user value +``` + +### Options inherited from parent commands + +``` + -c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml]) + --config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters' + --encryption-key string the storage encryption key to use + --mysql.database string the MySQL database name (default "authelia") + --mysql.host string the MySQL hostname + --mysql.password string the MySQL password + --mysql.port int the MySQL port (default 3306) + --mysql.username string the MySQL username (default "authelia") + --postgres.database string the PostgreSQL database name (default "authelia") + --postgres.host string the PostgreSQL hostname + --postgres.password string the PostgreSQL password + --postgres.port int the PostgreSQL port (default 5432) + --postgres.schema string the PostgreSQL schema name (default "public") + --postgres.ssl.certificate string the PostgreSQL ssl certificate file location + --postgres.ssl.key string the PostgreSQL ssl key file location + --postgres.ssl.mode string the PostgreSQL ssl mode (default "disable") + --postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location + --postgres.username string the PostgreSQL username (default "authelia") + --sqlite.path string the SQLite database path +``` + +### SEE ALSO + +* [authelia storage bans user](authelia_storage_bans_user.md) - Manages user bans + diff --git a/docs/data/configkeys.json b/docs/data/configkeys.json index 19ff5d878..dd621ea17 100644 --- a/docs/data/configkeys.json +++ b/docs/data/configkeys.json @@ -765,6 +765,11 @@ "env": "AUTHELIA_REGULATION_MAX_RETRIES" }, { + "path": "regulation.modes", + "secret": false, + "env": "AUTHELIA_REGULATION_MODES" + }, + { "path": "server.address", "secret": false, "env": "AUTHELIA_SERVER_ADDRESS" diff --git a/docs/static/schemas/v4.39/json-schema/configuration.json b/docs/static/schemas/v4.39/json-schema/configuration.json index 2e72ef96c..532545a9a 100644 --- a/docs/static/schemas/v4.39/json-schema/configuration.json +++ b/docs/static/schemas/v4.39/json-schema/configuration.json @@ -770,7 +770,7 @@ "filter", "memberof" ], - "title": "Groups Search Mode", + "title": "Groups Search Modes", "description": "The LDAP group search mode used to search for group objects.", "default": "filter" }, @@ -1597,8 +1597,8 @@ "explicit", "implicit" ], - "title": "Requested Audience Mode", - "description": "The Requested Audience Mode used for this client." + "title": "Requested Audience Modes", + "description": "The Requested Audience Modes used for this client." }, "consent_mode": { "type": "string", @@ -1608,8 +1608,8 @@ "implicit", "pre-configured" ], - "title": "Consent Mode", - "description": "The Consent Mode used for this client." + "title": "Consent Modes", + "description": "The Consent Modes used for this client." }, "pre_configured_consent_duration": { "oneOf": [ @@ -1623,7 +1623,7 @@ } ], "title": "Pre-Configured Consent Duration", - "description": "The Pre-Configured Consent Duration when using Consent Mode pre-configured for this client." + "description": "The Pre-Configured Consent Duration when using Consent Modes pre-configured for this client." }, "require_pushed_authorization_requests": { "type": "boolean", @@ -2435,7 +2435,7 @@ } ], "title": "JARM", - "description": "Allows tuning the token lifespan for the JWT Secured Authorization Response Mode (JARM)." + "description": "Allows tuning the token lifespan for the JWT Secured Authorization Response Modes (JARM)." }, "custom": { "patternProperties": { @@ -3057,6 +3057,21 @@ }, "Regulation": { "properties": { + "modes": { + "items": { + "type": "string", + "enum": [ + "user", + "ip" + ] + }, + "type": "array", + "title": "Regulation Modes", + "description": "The modes to use for regulation.", + "default": [ + "user" + ] + }, "max_retries": { "type": "integer", "title": "Maximum Retries", |