* fix(ldap): pass through LDAP mail attribute instead of crafting email
TinyAuth was constructing LDAP user emails as username@CookieDomain
instead of using the mail attribute stored in the directory. This caused
OIDC clients like Grafana to receive a synthetic email rather than the
real one.
Rename GetUserDN to GetUserInfo and extend it to also fetch the mail
attribute in the same LDAP query. Thread the result through UserSearch
and use it in both the login flow and the basic auth middleware, falling
back to the crafted email only when LDAP returns no mail value.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* chore: add ldap email logic back after main merge
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Stavros <steveiliop56@gmail.com>
* feat: add new logger
* refactor: use one struct for context handling and cancellation
* refactor: rework logging and config in controllers
* refactor: rework logging and config in middlewares
* refactor: rework logging and cancellation in services
* refactor: rework cli logging
* fix: improve logging in routines
* feat: use sync groups for better cancellation
* refactor: simplify middleware, controller and service init
* tests: fix controller tests
* tests: use require instead of assert where previous step is required
* tests: fix middleware tests
* tests: fix service tests
* tests: fix context tests
* fix: fix typos
* feat: add option to enable or disable concurrent listeners
* fix: assign public key correctly in oidc server
* tests: fix don't try to test logger with char size
* fix: coderabbit comments
* tests: use filepath join instead of path join
* fix: ensure unix socket shutdown doesn't run twice
* chore: remove temp lint file
* Refactor logging to use centralized logger utility
- Removed direct usage of zerolog in multiple files and replaced it with a centralized logging utility in the `utils` package.
- Introduced `Loggers` struct to manage different loggers (Audit, HTTP, App) with configurable levels and outputs.
- Updated all relevant files to utilize the new logging structure, ensuring consistent logging practices across the application.
- Enhanced error handling and logging messages for better traceability and debugging.
* refactor: update logging implementation to use new logger structure
* Refactor logging to use tlog package
- Replaced instances of utils logging with tlog in various controllers, services, and middleware.
- Introduced audit logging for login success, login failure, and logout events.
- Created tlog package with structured logging capabilities using zerolog.
- Added tests for the new tlog logger functionality.
* refactor: update logging configuration in environment files
* fix: adding coderabbit suggestions
* fix: ensure correct audit caller
* fix: include reason in audit login failure logs
* ldap: Add mTLS authentication support to LDAP backend
* ldap: Reuse BindService() for initial bind attempt
* ldap: Make LdapService.config private
Now that we have ldap.BindService(), we don't need to access any
members of LdapService.config externally.
* ldap: Add TODO note about STARTTLS/SASL authentication
* ldap: Add TODO note about mTLS and extra CA certificates
* chore: fix typo
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---------
Co-authored-by: Stavros <steveiliop56@gmail.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* wip: add middlewares
* refactor: use context fom middleware in handlers
* refactor: use controller approach in handlers
* refactor: move oauth providers into services (non-working)
* feat: create oauth broker service
* refactor: use a boostrap service to bootstrap the app
* refactor: split utils into smaller files
* refactor: use more clear name for frontend assets
* feat: allow customizability of resources dir
* fix: fix typo in ui middleware
* fix: validate resource file paths in ui middleware
* refactor: move resource handling to a controller
* feat: add some logging
* fix: configure middlewares before groups
* fix: use correct api path in login mutation
* fix: coderabbit suggestions
* fix: further coderabbit suggestions
Ilyas