barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2025-10-28 12:45:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
290 Commits 35 Branches 89 Tags
318f00993e8fe30396052b1fc1630cccde204d19
Commit Graph

112 Commits

Author SHA1 Message Date
Stavros
318f00993e Feat/new UI (#153) 
* wip

* feat: make forms functional

* feat: finalize pages

* chore: remove unused translations

* feat: app context

* feat: user context

* feat: finalize username login

* fix: use correct tab order in login form

* feat: add oauth logic

* chore: update readme and assets

* chore: rename docs back to assets

* feat: favicons

* feat: custom background image config option

* chore: add acknowledgements for background image

* feat: sanitize redirect URL

* feat: sanitize redirect URL on check

* chore: fix dependabot config

* refactor: bot suggestions

* fix: correctly redirect to app and check for untrusted redirects

* fix: run oauth auto redirect only when there is a redirect URI

* refactor: change select color

* fix: fix dockerfiles

* fix: fix hook rendering

* chore: remove translations cdn

* chore: formatting

* feat: validate api response against zod schema

* fix: use axios error instead of generic error in login page
 2025-05-20 17:17:12 +03:00
Stavros
91e3bbc9d9 refactor: store version in constants 2025-05-20 16:39:27 +03:00
Stavros
ff48fa320e feat: nightly release workflow 2025-05-15 16:41:26 +03:00
Stavros
5a601277ab refactor: remove www authenticate header 2025-05-06 17:01:46 +03:00
Stavros
58588d6663 fix: allow docker api negotiation 2025-05-03 16:37:37 +00:00
Stavros
2db7795eb7 fix: use email in oauth whitelist check 2025-05-02 15:16:57 +03:00
Stavros
a98a91a394 fix: only use groups in OAuth 2025-05-01 22:01:08 +03:00
Stavros
773942dc3b feat: add support for auto redirecting to oauth providers 2025-05-01 14:18:26 +03:00
Stavros
83483d6374 fix: disable basic auth on totp users 2025-05-01 13:05:48 +03:00
Stavros
a9e8bf89a9 feat: map info from OIDC claims to headers (#122) 
* refactor: return all values from body in the providers

* refactor: only accept claims following the OIDC spec

* feat: map info from OIDC claims to headers

* feat: add support for required oauth groups

* fix: bot suggestions

* feat: get claims from github and google

* fix: close body correctly
 2025-04-30 19:57:49 +03:00
Stavros
1c738b718a refactor: log actual errors when an error takes place 2025-04-25 17:03:12 +03:00
Stavros
3436466cff chore: bump version 2025-04-23 18:56:00 +03:00
Stavros
84f550023a tests: fix api tests 2025-04-23 15:12:38 +03:00
Stavros
9923eb9b8f tests: add new var in tests 2025-04-23 14:33:17 +03:00
Stavros
db43f1cb7a feat: add custom forgot password message 2025-04-23 14:31:38 +03:00
Stavros
85ad0d19c7 feat: add regex support to oauth whitelist 2025-04-18 19:36:50 +03:00
Stavros
dc731cff10 feat: add regex support in user and oauth whitelist 2025-04-18 19:15:59 +03:00
Stavros
e11d14fda0 feat: add trusted URLs 2025-04-15 13:44:23 +03:00
Stavros
02faabf688 feat: add CSRF cookie protection 2025-04-14 20:00:58 +03:00
Stavros
eb36b2211b chore: cleanup redirect cookie 2025-04-14 19:45:50 +03:00
Stavros
0761c2f5c1 refactor: remove redirect URL from session cookie 2025-04-14 19:42:52 +03:00
Stavros
525f4f3041 chore: bump version 2025-04-10 15:35:43 +03:00
Stavros
8a21345706 fix: handle new lines and spaces in the secret files 2025-04-10 15:34:46 +03:00
Stavros
1169c633cc refactor: remove tailscale oauth 2025-04-10 15:14:01 +03:00
Stavros
a579cf37ce fix: allow user if users label is empty 2025-04-09 17:44:59 +03:00
Stavros
38c5cd7b32 fix: tinyauth should allow the user to access a resource if a whitelist is not setup 2025-04-08 16:24:25 +03:00
Stavros
8e84e59c2f refactor: simplify the get cookie data handling 2025-04-06 20:53:24 +03:00
Stavros
bd7e160e10 refactor: store redirect URI in tinyauth session cookie 2025-04-06 20:37:02 +03:00
Stavros
df849d5a5c refactor: remove dependency on gin sessions 2025-04-06 19:13:09 +03:00
Stavros
5cf4e208c6 refactor: use centralized config in auth service 2025-04-06 18:55:24 +03:00
Alexander
07ddd4f917 feat: add brute force protection (#59) 
* feat: add brute force protection

* fix: bind flags to env

---------

Co-authored-by: Stavros <steveiliop56@gmail.com>
 2025-04-06 18:28:20 +03:00
Stavros
2ed90dfa34 chore: bump version 2025-03-30 15:07:19 +03:00
Stavros
14ce8ecf98 feat: add ability to set custom headers 2025-03-26 18:05:43 +02:00
Stavros
fd32e737a3 feat: add i18n 2025-03-19 19:36:48 +02:00
Stavros
3ccc831a1f refactor: make error handling simpler (#55) 2025-03-19 16:41:19 +02:00
Stavros
f3471880ee refactor/handlers (#51) 
* wip

* refactor: use prefix instead of patern in docker meta

* tests: fix tests
 2025-03-19 15:48:16 +02:00
Stavros
52f189563b refactor: split app context and user context (#48) 
* refactor: split app context and user context

* tests: fix api tests

* chore: rename dockerfiles

* fix: use correct forwardauth address
 2025-03-14 20:38:09 +02:00
Stavros
ec67ea3807 refactor: detect if using browser or headless client for better responses 2025-03-10 17:02:23 +02:00
Stavros
3649d0d84e fix: allow oauth resource when oauth whitelist is empty 2025-03-10 16:22:32 +02:00
Stavros
8cc0f8b31b chore: bump version 2025-03-09 18:44:45 +02:00
Stavros
631059be69 refactor: rename x-tinyauth-user to remote-user 2025-03-09 18:41:20 +02:00
Stavros
5188089673 Feat/totp (#45) 
* wip

* feat: finalize totp gen code

* refactor: split login screen and forms

* feat: add totp logic and ui

* refactor: make totp pending expiry time fixed

* refactor: skip all checks when disable continue is enabled

* fix: fix cli not exiting on invalid input
 2025-03-09 18:39:25 +02:00
Stavros
33904f7f86 refactor: rename remote user to x tinyauth user 2025-03-04 16:00:28 +02:00
WilliamB78
7e0bc84b0f feat: add Remote-User header 2025-03-04 09:59:42 +01:00
Stavros
fc3f8b5036 refactor: rename the run function to runCheck in the docker helper 2025-02-26 19:31:37 +02:00
Stavros
3030fc5fcf refactor: change error to 500 when there is an error 2025-02-26 19:27:43 +02:00
Stavros
e4379cf3ed feat: allowed paths label 2025-02-26 19:25:54 +02:00
Stavros
30aab17f06 feat: allow custom app and generic oauth title 2025-02-23 20:51:56 +02:00
Stavros
7ee0b645e6 chore: bump version 2025-02-19 17:41:23 +02:00
Stavros
d1c6ae1ba1 fix: redirect to frontend when no redirect uri is present in oauth callback 2025-02-16 22:48:04 +02:00