Skip to content

Releases: openwisp/openwisp-radius

1.1.0 [2024-11-21]

21 Nov 21:02
1.1.0
Compare
Choose a tag to compare

Features

Changes

Backward incompatible changes

Deprecation warnings

  • Using the default key in OPENWISP_RADIUS_PASSWORD_RESET_URLS is deprecated. Use __all__ instead.
  • Using organization slugs for key in OPENWISP_RADIUS_CALLED_STATION_IDS are deprecated. Use organization IDs instead.
  • In delete_old_radiusbatch_users management command, the --older-than-months option is deprecated. Use --older-than-days instead.

Dependencies

  • Bumped weasyprint~=59.0.
  • Bumped pydyf~=0.10.0.
  • Bumped dj-rest-auth~=6.0.0.
  • Bumped openwisp-utils[rest,celery]~=1.1.1.
  • Bumped openwisp-users~=1.1.0.
  • Bumped django-private-storage~=3.1.0.
  • Bumped django-ipware~=5.0.0.
  • Bumped djangosaml2~=1.9.2.
  • Added support for Django 4.1.x and 4.2.x.
  • Added support for Python 3.10.
  • Dropped support for Python 3.7.
  • Dropped support for Django 3.0.x and 3.1.x.

Other changes

  • The cleanup_stale_radacct management command now uses the session's update_time to determine staleness, falling back to start_time if update_time is unavailable.
  • Stopped sending login email notifications when accounting framed protocol is PPP.
  • Send login emails only to users with verified email addresses.
  • Grouped SMS features in the organization admin.
  • Allowed counter's check method to return None to prevent adding a reply to the response.
  • The email received from the IdP in SAML registration will be flagged as verified.

Bugfixes

  • Fixed validation for organization's password reset URLs.
  • Fixed saving RadiusCheck / RadiusReply objects without an organization returning a 500 HTTP response.
  • Fixed handling of accounting stop requests with empty octets.
  • Prevented user registration with landline numbers.
  • Ignored [IntegrityError]{.title-ref} on duplicate accounting start requests.
  • Removed default values from fallback fields.
  • User need to have required model permissions to perform admin actions.

1.0.2 [2022-12-05]

05 Dec 13:32
1.0.2
Compare
Choose a tag to compare

Bugfixes

  • Made private storage backend configurable
  • Updated API views to use filterset_class instead of filter_class (required by django-filter==22.1)
  • Fixed organization cache bug in SAML ACS view: A forceful update of the user's organization cache is done before performing post-login operations to avoid issues occurring due to outdated cache.
  • Added missing Furlan translation for sesame link validity
  • Use storage backend method for deleting RadiusBatch.csvfile: The previous implementation used the os module for deleting resisdual csv files. This causes issues when the project uses a file storage backend other than based on file system.
  • Added error handling in RadiusBatch admin change view: Accessing admin change view of a non-existent RadiusBatch object resulted in Server Error 500 because the DoesNotExist conditioned was not handled.
  • Load image using static() in RegisteredUserInline.get_is_verified
  • Use path URL kwarg in "serve_private_file" URL pattern
  • Honor DISPOSABLE_RADIUS_USER_TOKEN in accounting stop API view: The accounting stop REST API operation was not taking into account the OPENWISP_RADIUS_DISPOSABLE_RADIUS_USER_TOKEN setting when disabling the auth capability of the radius token.

1.0.1 [2022-05-10]

10 May 22:28
1.0.1
Compare
Choose a tag to compare
  • Fixed a bug in the organization radius settings form which was causing it
    to not display some default values correctly
  • Fixed a bug in allowed mobile prefix implementation:
    the implementation was joining the globally allowed prefixes
    and the prefixes allowed at org level, with the result
    that disabling a prefix at org level was not possible
  • Called-station-ID command: log with warning instead of warn or error:
    • warn > warning (warn is deprecated)
    • use warning instead of errors for more temporary connection issues cases

1.0.0 [2022-04-18]

18 Apr 20:36
1.0.0
Compare
Choose a tag to compare

Version 1.0.0 [2022-04-18]

Features

Changes

Backward incompatible changes

  • Updated prefixes of REST API URLs:
    • API endpoints dedicated to FreeRADIUS have moved to
      /api/v1/freeradius/
    • the rest of the API endpoints have moved to /api/v1/radius/
  • Allowed username and phone_number in password reset API, the
    endpoint now accepts the "input" parameter instead of "email"
  • Removed customizations for checks and password hashing because they
    are unmaintained, any user needing these customizations is advised
    to implement them as a third party app
  • Improved REST API to change password: inherited PasswordChangeView
    of openwisp-users to add support for the current-password field in
    password change view

Dependencies

  • Added support for Django 3.2 and 4.0
  • Dropped support for Django 2.2
  • Upgraded celery to 5.2.x
  • Updated and tested Django REST Framework to 3.13.0
  • Added support for Python 3.8, 3.9
  • Removed support for Python 3.6

Other changes

  • Moved AccountingView to freeradius endpoints
  • Relaxed default values for the SMS token settings
  • Switched to new navigation menu and new OpenWISP theme
  • Allowed users to sign up to multiple organizations
  • Update username when phone number is changed if username is equal to
    the phone number
  • Update stop time and termination to None if status_type is
    Interim-Update
  • Send password reset emails using HTML theme: leverage the new
    openwisp-utils send_email function to send an HTML version of
    the reset password email based on the configurable email HTML theme
    of OpenWISP
  • Save the user preferred language in obtain and validate token views
  • Added validation check to prevent invalid username in batch user
    creation
  • Allowed to set the Password Reset URL setting via the admin
    interface
  • Added soft limits to celery tasks for background operations
  • Generalized the implementation of the fallback model fields which
    allow overriding general settings for each organization

Bugfixes

  • Fixed login template of openwisp-admin-theme
  • Fixed swagger API docs collision with openwisp-users
  • Ensured each user can be member of a group only once
  • Radius check and reply should check for organization membership
  • ValidateAuthTokenView: show phone_number as null if None
  • Freeradius API: properly handle interaction between multiple orgs:
    an user trying to authorize using the authorization data of an org
    for which they are not member of must be rejected
  • Fixed radius user group creation with multiple orgs
  • Added validation of phone number uniqueness in the registration API
  • Fixed issues with translatable strings:
    • we don't translate log lines anymore because these won't be
      shown to end users
    • gettext does not work with fstrings, therefore the use of
      str.format() has been restored
    • improved some user facing strings
  • Fixed Accounting-On and Accounting-Of accounting requests with blank
    usernames
  • Delete any cached radius token key on phone number change
  • Fixed handling of interim-updates for closed sessions: added
    handling of "Interim-Updates" for RadiusAccounting sessions that are
    closed by OpenWISP when user logs into another organization
  • Flag user as verified in batch user creation
  • Added validation which prevents the creation of duplicated
    check/reply attributes

0.2.1 [2020-12-14]

14 Dec 18:37
0.2.1
Compare
Choose a tag to compare
  • Increased openwisp-users and openwisp-utils versions to be consistent with the OpenWISP 2020-12 release
  • Increased dj-rest-auth to 2.1.2 and weasyprint to 52

0.2.0 [2020-12-11]

11 Dec 21:13
0.2.0
Compare
Choose a tag to compare

Features

  • Changing the phone number via the API now keeps track of previous phone numbers used by the user to comply with ISP legal requirements

Changes

  • Obtain Auth Token View API endpoint: added is_active attribute to response
  • Obtain Auth Token View API endpoint: if the user attempting to authenticate is inactive, the API will return HTTP status code 401 along with the auth token and is_active attribute
  • Validate Auth Token View API endpoint: added is_active, phone_number and email to response data
  • When changing phone number, user is flagged as inactive only after the phone token is created and sent successfully
  • All API endpoints related to phone token and SMS sending are now disabled (return 403 HTTP response) if SMS verification not enabled at organization level

Bugfixes

  • Removed static() call from media assets
  • Fixed password reset for inactive users
  • Fixed default password reset URL value and added docs
  • Documentation: fixed several broken internal links

0.1.0 [2020-09-10]

09 Sep 23:38
0.1.0
Compare
Choose a tag to compare
  • administration web interface
  • support for freeradius 3.0
  • multi-tenancy
  • REST API
  • integration with rlm_rest module of freeradius
  • possibility of registering new users via API
  • social login support
  • mobile phone verification via SMS tokens
  • possibility to import users from CSV files
  • possibility to generate users for events
  • management commands and/or celery tasks to perform clean up operations and periodic tasks
  • possibility to extend the base classes and swap models to add custom functionality without changing the core code