4e760e8397
feat: add option to enable or disable concurrent listeners
2026-05-09 13:52:49 +03:00
02b48aa165
fix: fix typos
2026-05-09 13:42:44 +03:00
71ddfbbdba
feat: use sync groups for better cancellation
2026-05-08 18:08:27 +03:00
b73a9db061
fix: improve logging in routines
2026-05-08 17:43:20 +03:00
0958c3b864
refactor: rework cli logging
2026-05-08 17:22:21 +03:00
112a30f6b2
refactor: rework logging and config in controllers
2026-05-08 16:39:01 +03:00
592c221b2d
refactor: use one struct for context handling and cancellation
2026-05-07 22:31:51 +03:00
6602b52f85
feat: add support for oauth whitelist file ( #817 ) ( #826 )
...
* feat: add support for oauth whitelist file (#817 )
* Merge branch 'main' into feat/oauth-whitelist-file
* fix: fix conflicts
* tests: use testify for testing
---------
Co-authored-by: Stavros <steveiliop56@gmail.com >
2026-05-07 16:35:38 +03:00
ca6a7fa551
feat: add option to run tinyauth on a top-level domain ( #710 )
...
* Add TINYAUTH_AUTH_SUBDOMAINSENABLED option
Setting it to false allows to use Tinyauth on top-level domain only,
but forbids automatic cross-app authentication using Traefik/Nginx.
* fix: inform services and controllers if subdomain cookie domain is enabled
* chore: rabbit feedback
* fix: deny ip addresses for standalone domain
---------
Co-authored-by: Stavros <steveiliop56@gmail.com >
2026-05-07 16:12:24 +03:00
1382ab41e7
refactor: rework user context handling throughout tinyauth ( #829 )
...
* wip
* fix: fix util imports
* fix: fix bootstrap import issues
* fix: fix cli imports
* fix: context controller
* fix: use new context in user controller
* fix: fix imports and context in proxy controller
* fix: fix oauth and oidc controller imports and context
* feat: finalize context functionality
* refactor: simplify acls checking logic by passing the entire acl struct
* chore: rename get basic auth to encode basic auth for clarity
* fix: fix controller tests
* tests: fix service tests
* tests: fix utils tests
* tests: move to testify for testing in utils
* fix: fix config reference generator
* tests: add tests for context parsing
* tests: add tests for context middleware
* tests: remove error wrapper from context tests
* tests: fix log wrapper tests
* fix: fix verion setting in cd and dockerfiles
* fix: review comments batch 1
* fix: review comments batch 2
* fix: review comments batch 3
* fix: delete totp pending session cookie on totp success
* tests: fix user controller tests
* fix: don't audit login too early
* fix: own comments
2026-05-07 15:41:07 +03:00
5d95123dcb
feat(oidc): support for all in-spec attributes and scopes ( #777 )
...
* feat(oidc): support for all in-spec attributes and scopes
* add tests
* assert phone/email verified when either is set
* update tests
* add claims back to userinfo
* remove redundant column drop in migration
* fix duplicate migration id
* fix clobbered imports post-rebase
2026-04-27 19:25:52 +03:00
f3186571cc
Organisation update, steveiliop56 to tinyauthapp ( #793 )
...
* infrastructure and docs
* code
* fix issue templates
* chore: fix scoreboard url
* chore: remove migration warning
* chore: fix readme docs link
---------
Co-authored-by: Stavros <steveiliop56@gmail.com >
2026-04-26 17:13:53 +03:00
479f165781
fix: fail app on empty app url before parsing
2026-04-16 12:44:24 +03:00
f257d00648
fix: use fmt println to show warning regardless of log level
2026-04-14 13:43:24 +03:00
9f77816a1d
feat: add organization migration note
2026-04-14 13:26:55 +03:00
f26c217161
refactor: oauth flow ( #726 )
...
* wip
* feat: add oauth session impl in auth service
* feat: move oauth logic into auth service and handle multiple sessions
* tests: fix tests
* fix: review comments
* fix: prevent ddos attacks in oauth rate limit
2026-03-22 21:03:32 +02:00
cd410b6cdf
refactor: categorize leftover config options ( #682 )
...
* refactor: categorize leftover config options
* chore: update config description
2026-03-02 19:49:59 +02:00
fb671139cd
feat: auto generate redirect url if empty
2026-02-02 16:25:49 +02:00
671343f677
feat: oidc ( #605 )
...
* chore: add oidc base config
* wip: authorize page
* feat: implement basic oidc functionality
* refactor: implement oidc following tinyauth patterns
* feat: adapt frontend to oidc flow
* fix: review comments
* fix: oidc review comments
* feat: refresh token grant type support
* feat: cleanup expired oidc sessions
* feat: frontend i18n
* fix: fix typo in error screen
* tests: add basic testing
* fix: more review comments
* refactor: rework oidc error messages
* feat: openid discovery endpoint
* feat: jwk endpoint
* i18n: fix typo
* fix: more rabbit nitpicks
* fix: final review comments
* i18n: authorize page error messages
2026-02-01 19:00:59 +02:00
4926e53409
feat: ldap group acls ( #590 )
...
* wip
* refactor: remove useless session struct abstraction
* feat: retrieve and store groups from ldap provider
* chore: fix merge issue
* refactor: rework ldap group fetching logic
* feat: store ldap group results in cache
* fix: review nitpicks
* fix: review feedback
2026-01-17 20:03:29 +02:00
53bd413046
feat: configurable component-level logging ( #575 )
...
* Refactor logging to use centralized logger utility
- Removed direct usage of zerolog in multiple files and replaced it with a centralized logging utility in the `utils` package.
- Introduced `Loggers` struct to manage different loggers (Audit, HTTP, App) with configurable levels and outputs.
- Updated all relevant files to utilize the new logging structure, ensuring consistent logging practices across the application.
- Enhanced error handling and logging messages for better traceability and debugging.
* refactor: update logging implementation to use new logger structure
* Refactor logging to use tlog package
- Replaced instances of utils logging with tlog in various controllers, services, and middleware.
- Introduced audit logging for login success, login failure, and logout events.
- Created tlog package with structured logging capabilities using zerolog.
- Added tests for the new tlog logger functionality.
* refactor: update logging configuration in environment files
* fix: adding coderabbit suggestions
* fix: ensure correct audit caller
* fix: include reason in audit login failure logs
2026-01-15 15:57:19 +02:00
e7bd64d7a3
feat: add session max lifetime and fix refresh logic ( #559 )
...
* feat: allow any HTTP method for /api/auth/envoy and restrict methods for non-envoy proxies
* feat: add Allow header for invalid methods in proxyHandler
* feat: add session max lifetime and fix refresh logic
* fix: set default value for created_at column and improve session expiration logic
---------
Co-authored-by: Stavros <steveiliop56@gmail.com >
2026-01-07 13:37:23 +02:00
7e17a4ad86
refactor: replace gorm with vanilla sql and sqlc ( #541 )
...
* refactor: replace gorm with vanilla sql and sqlc
* chore: go mod tidy
* refactor: rebase for main
* tests: fix tests
* fix: review comments
2025-12-31 17:59:21 +02:00
a1c3e416b6
refactor: use proper module name ( #542 )
...
* chore: reorganize go mod
* refactor: use proper module name
2025-12-26 17:53:24 +02:00
03ed18343e
feat: unified config ( #533 )
...
* chore: add yaml config ref
* feat: add initial implementation of a traefik like cli
* refactor: remove dependency on traefik
* chore: update example env
* refactor: update build
* chore: remove unused code
* fix: fix translations not loading
* feat: add experimental config file support
* chore: mod tidy
* fix: review comments
* refactor: move tinyauth to separate package
* chore: add quotes to all env variables
* chore: resolve go mod and sum conflicts
* chore: go mod tidy
* fix: review comments
2025-12-22 22:13:40 +02:00
78f97c8550
refactor: split bootstrap to smaller files for better readability ( #518 )
...
* refactor: split bootstrap to smaller files for better readability
* chore: rename setup routes to setup router
* fix: assign configured providers to app context
2025-12-17 15:04:09 +02:00
6c90046343
feat: add option to disable ui warnings
2025-11-21 17:37:08 +02:00
6d663bb1e8
fix: use unix seconds in db cleanup
2025-11-15 11:45:19 +02:00
60dada86a6
feat: add support for listening on unix sockets
2025-11-04 18:42:04 +02:00
c5bb389258
feat: ACL labels from environment variables ( #422 )
...
* feat: add LabelService to retrieve application labels from environment variables
* feat: allow usage of labels from docker and env variables simultaneously
Prioritize labels from environment variables over labels from docker
labels
* fix: handle error returned by label_serive.go/LoadLabels
see https://github.com/steveiliop56/tinyauth/pull/422#discussion_r2443443032
* refactor(label_service): use simple loop instead of slices.ContainsFunc to avoid experimental slices package
see https://github.com/steveiliop56/tinyauth/pull/422#pullrequestreview-3354632045
* refactor: merge acl logic into one service
---------
Co-authored-by: Stavros <steveiliop56@gmail.com >
2025-10-21 16:02:31 +03:00
7231efcbc3
feat: add routine to cleanup expired sessions
2025-10-19 19:10:24 +03:00
1b87ed9b99
feat: add config dumps to trace log level
2025-10-12 11:29:31 +03:00
fc7e395e66
feat: sort configured providers based on name length
2025-10-10 17:16:22 +03:00
b940d681c3
feat: use recovery gin middleware in engine
2025-10-10 16:42:19 +03:00
c77da30d87
refactor: set gin mode using env
2025-10-08 16:24:14 +03:00
adffb4ac0a
fix: names in oauth broker
2025-10-08 15:15:30 +03:00
085f6257c5
fix: fix oauth group provider check
2025-09-25 22:35:44 +03:00
c307f7eb2e
fix: handle 201 status for heartbeat
2025-09-22 19:56:59 +03:00
e8558b89b4
fix: set gin mode correctly
2025-09-22 16:15:55 +03:00
f8047a6c2e
feat: add option to disable resources server
2025-09-22 15:52:43 +03:00
d70cbea546
chore: handle trusted proxies config error
2025-09-19 14:53:10 +03:00
50105e4e9d
feat: version info analytics ( #363 )
...
* feat: version info analytics
* refactor: don't create new client everytime
2025-09-19 14:44:22 +03:00
b62b2932fe
fix: only set trusted proxies if config option is not empty
2025-09-16 15:14:42 +03:00
5c866bad1a
feat: multiple oauth providers ( #355 )
...
* feat: add flag decoder (candidate)
* refactor: finalize flags decoder
* feat: add env decoder
* feat: add oauth config parsing logic
* feat: implement backend logic for multiple oauth providers
* feat: implement multiple oauth providers in the frontend
* feat: add some default icons
* chore: add credits for parser
* feat: style oauth auto redirect screen
* fix: bot suggestions
* refactor: rework decoders using simpler and more efficient pattern
* refactor: rework oauth name database migration
2025-09-16 13:28:28 +03:00
2d78e6b598
feat: add cookie domain back to context controller
2025-09-10 13:47:48 +03:00
e03eaf4f08
feat: add psl check in cookie domain
2025-09-10 13:43:08 +03:00
773cd6d171
feat: add trusted proxies config value
2025-09-03 12:14:13 +03:00
b9e35716ac
feat: invalid domain warning ( #332 )
...
* wip
* refactor: update domain warning layout
* i18n: add domain warning translations
* refactor: rework hooks usage
* feat: clear timeouts
* fix: use useeffect to cleanup timeout
* refactor: rework redirects and history storage
* refactor: rename domain to root domain
2025-09-01 18:22:42 +03:00
c7c3de4f78
refactor: unify labels ( #329 )
...
* refactor: unify labels
* feat: implement path block and user block
Fixes #313
* fix: fix oauth group check logic
* chore: fix typo
2025-08-29 17:04:34 +03:00
03d06cb0a7
feat: add sqlite database for storing sessions ( #326 )
...
* feat: add sqlite database for storing sessions
* refactor: use db instance instead of service in auth service
* fix: coderabbit suggestions
2025-08-29 12:35:11 +03:00
Stavros