barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2025-10-27 20:25:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
504 Commits 35 Branches 89 Tags
main
Commit Graph

201 Commits

Author SHA1 Message Date
Stavros
0227af6d2b refactor: rework decoders logic for cleaner code (#431) 
* refactor: rework decoders logic for cleaner code

* refactor: use strcase lib to handle text case conversions
 2025-10-26 12:01:19 +02:00
Chris Ellrich
c5bb389258 feat: ACL labels from environment variables (#422) 
* feat: add LabelService to retrieve application labels from environment variables

* feat: allow usage of labels from docker and env variables simultaneously

Prioritize labels from environment variables over labels from docker
labels

* fix: handle error returned by label_serive.go/LoadLabels

see https://github.com/steveiliop56/tinyauth/pull/422#discussion_r2443443032

* refactor(label_service): use simple loop instead of slices.ContainsFunc to avoid experimental slices package
see https://github.com/steveiliop56/tinyauth/pull/422#pullrequestreview-3354632045

* refactor: merge acl logic into one service

---------

Co-authored-by: Stavros <steveiliop56@gmail.com>
 2025-10-21 16:02:31 +03:00
Stavros
6647c6cd78 refactor: use gorm generics api for database actions 2025-10-19 19:16:53 +03:00
Stavros
7231efcbc3 feat: add routine to cleanup expired sessions 2025-10-19 19:10:24 +03:00
Stavros
5482430907 refactor: generate a verifier on every oauth auth session 2025-10-19 19:03:38 +03:00
Scott McKendry
f628d1f0b3 fix(redirect): allow root cookie domain host redirects (#409) 
Previously IsRedirectSafe rejected redirects to the exact cookie domain
when AppURL had multiple subdomain levels, because it stripped the first
label twice.
 2025-10-13 11:55:43 +03:00
Stavros
64222b6d15 fix: don't use container name in label discovery 2025-10-12 11:29:31 +03:00
Stavros
1b87ed9b99 feat: add config dumps to trace log level 2025-10-12 11:29:31 +03:00
Stavros
9b76a84ee2 feat: add trace logging 2025-10-11 15:27:01 +03:00
Stavros
fc7e395e66 feat: sort configured providers based on name length 2025-10-10 17:16:22 +03:00
Stavros
b940d681c3 feat: use recovery gin middleware in engine 2025-10-10 16:42:19 +03:00
Stavros
a1ec4a69cf fix: remove spaces before checking oauth name and username 2025-10-10 16:28:52 +03:00
Stavros
5a4855c12c refactor: move docker connection check to start up 2025-10-10 15:45:04 +03:00
CzBiX
76f2014444 feat: add http cache for static files (#395) 
* feat: add http cache for static files

fix #392

* minor typo fix
 2025-10-08 18:58:22 +03:00
Stavros
c77da30d87 refactor: set gin mode using env 2025-10-08 16:24:14 +03:00
Stavros
287c6f975f fix: do not allow request if docker labels check fail 2025-10-08 15:44:34 +03:00
Stavros
adffb4ac0a fix: names in oauth broker 2025-10-08 15:15:30 +03:00
Stavros
f0a48cc91c feat: add health check command 2025-10-06 21:45:23 +03:00
Stavros
085f6257c5 fix: fix oauth group provider check 2025-09-25 22:35:44 +03:00
Stavros
c307f7eb2e fix: handle 201 status for heartbeat 2025-09-22 19:56:59 +03:00
Stavros
5dd8526833 fix: fix key normalization function handing more cases than it needs to 2025-09-22 19:29:55 +03:00
Stavros
e8558b89b4 fix: set gin mode correctly 2025-09-22 16:15:55 +03:00
Stavros
f8047a6c2e feat: add option to disable resources server 2025-09-22 15:52:43 +03:00
Stavros
c9867ccb76 chore: fix typo 2025-09-20 11:08:57 +03:00
Stavros
866933b3d6 fix: fix version handling in docker and cd 2025-09-19 15:38:32 +03:00
Stavros
d70cbea546 chore: handle trusted proxies config error 2025-09-19 14:53:10 +03:00
Stavros
50105e4e9d feat: version info analytics (#363) 
* feat: version info analytics

* refactor: don't create new client everytime
 2025-09-19 14:44:22 +03:00
Stavros
b62b2932fe fix: only set trusted proxies if config option is not empty 2025-09-16 15:14:42 +03:00
Stavros
5c866bad1a feat: multiple oauth providers (#355) 
* feat: add flag decoder (candidate)

* refactor: finalize flags decoder

* feat: add env decoder

* feat: add oauth config parsing logic

* feat: implement backend logic for multiple oauth providers

* feat: implement multiple oauth providers in the frontend

* feat: add some default icons

* chore: add credits for parser

* feat: style oauth auto redirect screen

* fix: bot suggestions

* refactor: rework decoders using simpler and more efficient pattern

* refactor: rework oauth name database migration
 2025-09-16 13:28:28 +03:00
Stavros
2d78e6b598 feat: add cookie domain back to context controller 2025-09-10 13:47:48 +03:00
Stavros
e03eaf4f08 feat: add psl check in cookie domain 2025-09-10 13:43:08 +03:00
Stavros
74cb8067a8 tests: add util tests 2025-09-03 17:52:51 +03:00
Stavros
ba46493a7b tests: add proxy controller tests 2025-09-03 15:30:24 +03:00
Stavros
bb0373758a tests: add resources controller test 2025-09-03 14:58:24 +03:00
Stavros
f8836fc964 tests: test user context handler with no context 2025-09-03 13:36:11 +03:00
Stavros
53856e0a70 tests: test invalid json in user controller 2025-09-03 13:31:45 +03:00
Stavros
9b7dcfd86f tests: add user controller tests 2025-09-03 13:28:27 +03:00
Stavros
7afea8b3fc tests: add tests for context controller 2025-09-03 12:45:23 +03:00
Stavros
f5ac7eff99 refactor: mode label decoder to separate package 2025-09-03 12:23:21 +03:00
Stavros
b024d5ffda feat: allow for dash substitute in ip filters for environments like kubernetes 2025-09-03 12:16:06 +03:00
Stavros
773cd6d171 feat: add trusted proxies config value 2025-09-03 12:14:13 +03:00
Stavros
f3eb7f69b4 Revert "feat: header based acls (#337)" (#340) 
This reverts commit f0d2da281a.
 2025-09-03 12:12:18 +03:00
Stavros
f0d2da281a feat: header based acls (#337) 
* feat: add header decoder

* feat: allow for dash substitute over slash for environments like kubernetes

* feat: use decoded headers in proxy controller

* refactor: simplify decode header to node function

* refactor: use stdlib prefix check in header decoder

* fix: lowercase key and filter before comparing
 2025-09-02 19:06:52 +03:00
Stavros
9ce16c9652 fix: expire csrf cookie if it's invalid 2025-09-02 18:38:11 +03:00
Stavros
ad4fc7ef5f refactor: don't export non-needed fields (#336) 
* refactor: don't export non-needed fields

* feat: coderabbit suggestions

* fix: avoid queries panic
 2025-09-02 01:27:55 +03:00
Stavros
5184c96e85 feat: add mutex to ldap service 2025-09-02 00:08:19 +03:00
Stavros
b9e35716ac feat: invalid domain warning (#332) 
* wip

* refactor: update domain warning layout

* i18n: add domain warning translations

* refactor: rework hooks usage

* feat: clear timeouts

* fix: use useeffect to cleanup timeout

* refactor: rework redirects and history storage

* refactor: rename domain to root domain
 2025-09-01 18:22:42 +03:00
Stavros
c7c3de4f78 refactor: unify labels (#329) 
* refactor: unify labels

* feat: implement path block and user block

Fixes #313

* fix: fix oauth group check logic

* chore: fix typo
 2025-08-29 17:04:34 +03:00
Stavros
03d06cb0a7 feat: add sqlite database for storing sessions (#326) 
* feat: add sqlite database for storing sessions

* refactor: use db instance instead of service in auth service

* fix: coderabbit suggestions
 2025-08-29 12:35:11 +03:00
Stavros
504a3b87b4 refactor: rework file structure (#325) 
* wip: add middlewares

* refactor: use context fom middleware in handlers

* refactor: use controller approach in handlers

* refactor: move oauth providers into services (non-working)

* feat: create oauth broker service

* refactor: use a boostrap service to bootstrap the app

* refactor: split utils into smaller files

* refactor: use more clear name for frontend assets

* feat: allow customizability of resources dir

* fix: fix typo in ui middleware

* fix: validate resource file paths in ui middleware

* refactor: move resource handling to a controller

* feat: add some logging

* fix: configure middlewares before groups

* fix: use correct api path in login mutation

* fix: coderabbit suggestions

* fix: further coderabbit suggestions
 2025-08-26 15:05:03 +03:00