barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-05-08 13:28:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
781 Commits 27 Branches 125 Tags
5aeb88652370513f73c1c8e874c342faac1e6426
Commit Graph

20 Commits

Author SHA1 Message Date
Stavros 5aeb886523 Merge branch 'main' into single-cookie-domain 2026-05-07 15:50:55 +03:00
Stavros 1382ab41e7 refactor: rework user context handling throughout tinyauth (#829) 
* wip

* fix: fix util imports

* fix: fix bootstrap import issues

* fix: fix cli imports

* fix: context controller

* fix: use new context in user controller

* fix: fix imports and context in proxy controller

* fix: fix oauth and oidc controller imports and context

* feat: finalize context functionality

* refactor: simplify acls checking logic by passing the entire acl struct

* chore: rename get basic auth to encode basic auth for clarity

* fix: fix controller tests

* tests: fix service tests

* tests: fix utils tests

* tests: move to testify for testing in utils

* fix: fix config reference generator

* tests: add tests for context parsing

* tests: add tests for context middleware

* tests: remove error wrapper from context tests

* tests: fix log wrapper tests

* fix: fix verion setting in cd and dockerfiles

* fix: review comments batch 1

* fix: review comments batch 2

* fix: review comments batch 3

* fix: delete totp pending session cookie on totp success

* tests: fix user controller tests

* fix: don't audit login too early

* fix: own comments
 2026-05-07 15:41:07 +03:00
Stavros 4c0181c5e2 Merge branch 'main' into single-cookie-domain 2026-04-29 15:50:52 +03:00
Ryc O'Chet f3186571cc Organisation update, steveiliop56 to tinyauthapp (#793) 
* infrastructure and docs

* code

* fix issue templates

* chore: fix scoreboard url

* chore: remove migration warning

* chore: fix readme docs link

---------

Co-authored-by: Stavros <steveiliop56@gmail.com>
 2026-04-26 17:13:53 +03:00
Jacek Kowalski d90e3d652d Add TINYAUTH_AUTH_SUBDOMAINSENABLED option 
Setting it to false allows to use Tinyauth on top-level domain only,
but forbids automatic cross-app authentication using Traefik/Nginx.
 2026-04-19 22:17:10 +02:00
Stavros f65df872f0 refactor: allow root domain app urls for testing 2026-03-29 20:27:09 +03:00
Stavros d67c3ab8a4 fix: ensure safe redirect check only accepts actual domains 2026-01-17 20:36:42 +02:00
Stavros a1c3e416b6 refactor: use proper module name (#542) 
* chore: reorganize go mod

* refactor: use proper module name
 2025-12-26 17:53:24 +02:00
Stavros 03ed18343e feat: unified config (#533) 
* chore: add yaml config ref

* feat: add initial implementation of a traefik like cli

* refactor: remove dependency on traefik

* chore: update example env

* refactor: update build

* chore: remove unused code

* fix: fix translations not loading

* feat: add experimental config file support

* chore: mod tidy

* fix: review comments

* refactor: move tinyauth to separate package

* chore: add quotes to all env variables

* chore: resolve go mod and sum conflicts

* chore: go mod tidy

* fix: review comments
 2025-12-22 22:13:40 +02:00
Stavros 8453c48d9e feat: add log in json option 2025-11-06 18:11:43 +02:00
Stavros bb1ecd4183 fix: allow for all subdomains to be considered safe for redirection 2025-11-04 17:58:56 +02:00
Stavros 0227af6d2b refactor: rework decoders logic for cleaner code (#431) 
* refactor: rework decoders logic for cleaner code

* refactor: use strcase lib to handle text case conversions
 2025-10-26 12:01:19 +02:00
Scott McKendry f628d1f0b3 fix(redirect): allow root cookie domain host redirects (#409) 
Previously IsRedirectSafe rejected redirects to the exact cookie domain
when AppURL had multiple subdomain levels, because it stripped the first
label twice.
 2025-10-13 11:55:43 +03:00
Stavros adffb4ac0a fix: names in oauth broker 2025-10-08 15:15:30 +03:00
Stavros 085f6257c5 fix: fix oauth group provider check 2025-09-25 22:35:44 +03:00
Stavros 5c866bad1a feat: multiple oauth providers (#355) 
* feat: add flag decoder (candidate)

* refactor: finalize flags decoder

* feat: add env decoder

* feat: add oauth config parsing logic

* feat: implement backend logic for multiple oauth providers

* feat: implement multiple oauth providers in the frontend

* feat: add some default icons

* chore: add credits for parser

* feat: style oauth auto redirect screen

* fix: bot suggestions

* refactor: rework decoders using simpler and more efficient pattern

* refactor: rework oauth name database migration
 2025-09-16 13:28:28 +03:00
Stavros e03eaf4f08 feat: add psl check in cookie domain 2025-09-10 13:43:08 +03:00
Stavros 74cb8067a8 tests: add util tests 2025-09-03 17:52:51 +03:00
Stavros b9e35716ac feat: invalid domain warning (#332) 
* wip

* refactor: update domain warning layout

* i18n: add domain warning translations

* refactor: rework hooks usage

* feat: clear timeouts

* fix: use useeffect to cleanup timeout

* refactor: rework redirects and history storage

* refactor: rename domain to root domain
 2025-09-01 18:22:42 +03:00
Stavros 504a3b87b4 refactor: rework file structure (#325) 
* wip: add middlewares

* refactor: use context fom middleware in handlers

* refactor: use controller approach in handlers

* refactor: move oauth providers into services (non-working)

* feat: create oauth broker service

* refactor: use a boostrap service to bootstrap the app

* refactor: split utils into smaller files

* refactor: use more clear name for frontend assets

* feat: allow customizability of resources dir

* fix: fix typo in ui middleware

* fix: validate resource file paths in ui middleware

* refactor: move resource handling to a controller

* feat: add some logging

* fix: configure middlewares before groups

* fix: use correct api path in login mutation

* fix: coderabbit suggestions

* fix: further coderabbit suggestions
 2025-08-26 15:05:03 +03:00