Amir Zarrinkafsh

> @james-d-elliott It was working in the way I described a long time ago(forgot when). And it would make sense since the policy is deny without any subjects. If there...

``` time="2021-02-09T23:31:28+01:00" level=info msg="Access to https://yt.mydomain.com/results?search_query=authelia&quality=dash&autoplay=1 is not authorized to user , sending 401 response" method=GET path=/api/verify remote_ip=192.168.180.4 time="2021-02-09T23:31:46+01:00" level=info msg="Access to https://yt.mydomain.com/results?search_query=authelia&quality=dash&autoplay=1 is not authorized to user , sending...

You only need one of either X-Original-URL or the set of X-Forwarded-* headers. Except if you use X-Original-URL you also need X-Forwarded-Method if performing method filtering.

Thanks for filing the issue. Looking at the code we can confirm the scenario you suggested, so this is indeed a bug. We'll refactor this to fix the issue and...

Great write up, my only concern really is around around token revocation day 1. If we're expecting Phase 2 to be followed quite quickly then that concern is partially allayed....

@Ornias1993 yes I believe that is the case. I personally haven't tested the branch but last I recall @clems4ever was working on the frontend elements to finalise the PR. I'm...

Thanks for the report @bfd69 I'm struggling to understand what this feature request is looking to actually achieve. Are you looking to regulate when users are allowed to access specific...

@bfd69 what LDAP implementation are you using? #2182 will provide the ability to achieve your outcome however from my research this isn't natively available in OpenLDAP. We avoid the creation...

> Hey thanks for your contributions! This one looks awesome. Just a small note the scope should be a single scope, I'd recommend handlers, but it's really which ever scope...

So I've just had a play with this PR and noticed that I'll never saw the `Update Password` button. This is because based on your current changes only users which...