db911a41c3
refactor(db): cleanup sqlc-wrapper gen
2026-05-10 07:59:32 +12:00
ef8bbd8c9f
feat(db): add memory storage driver
...
removes the sqlite dependency for tests, also brings back the option for
users to run zero persistence instances of tinyauth.
adds new mapErr fn for sqlc wrapper gen to prevent sql errors from
leaking out of the store implementation.
2026-05-10 07:59:32 +12:00
9566105245
feat(db): add code gen to build sqlc-compatible wrappers
2026-05-10 07:50:33 +12:00
1382ab41e7
refactor: rework user context handling throughout tinyauth ( #829 )
...
* wip
* fix: fix util imports
* fix: fix bootstrap import issues
* fix: fix cli imports
* fix: context controller
* fix: use new context in user controller
* fix: fix imports and context in proxy controller
* fix: fix oauth and oidc controller imports and context
* feat: finalize context functionality
* refactor: simplify acls checking logic by passing the entire acl struct
* chore: rename get basic auth to encode basic auth for clarity
* fix: fix controller tests
* tests: fix service tests
* tests: fix utils tests
* tests: move to testify for testing in utils
* fix: fix config reference generator
* tests: add tests for context parsing
* tests: add tests for context middleware
* tests: remove error wrapper from context tests
* tests: fix log wrapper tests
* fix: fix verion setting in cd and dockerfiles
* fix: review comments batch 1
* fix: review comments batch 2
* fix: review comments batch 3
* fix: delete totp pending session cookie on totp success
* tests: fix user controller tests
* fix: don't audit login too early
* fix: own comments
2026-05-07 15:41:07 +03:00
f3186571cc
Organisation update, steveiliop56 to tinyauthapp ( #793 )
...
* infrastructure and docs
* code
* fix issue templates
* chore: fix scoreboard url
* chore: remove migration warning
* chore: fix readme docs link
---------
Co-authored-by: Stavros <steveiliop56@gmail.com >
2026-04-26 17:13:53 +03:00
061d28f5e3
refactor: use tinyauthapp/paerser instead of traefik/paerser ( #781 )
...
* refactor: use own paerser library instead of traefik
* chore: remove submodules from release images and workflows
2026-04-10 17:36:13 +03:00
08e6b84615
fix: use int for status in healthcheck cmd
2026-04-01 16:12:11 +03:00
7bfee6efc2
chore(deps): bump github.com/charmbracelet/huh from 0.8.0 to 1.0.0 ( #708 )
...
* chore(deps): bump github.com/charmbracelet/huh from 0.8.0 to 1.0.0
Bumps [github.com/charmbracelet/huh](https://github.com/charmbracelet/huh ) from 0.8.0 to 1.0.0.
- [Release notes](https://github.com/charmbracelet/huh/releases )
- [Commits](https://github.com/charmbracelet/huh/compare/v0.8.0...v1.0.0 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/huh
dependency-version: 1.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore: breaking changes for huh form
* chore: bump go version everywhere
* chore: go mod tidy
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stavros <steveiliop56@gmail.com >
2026-03-30 19:15:30 +03:00
f80be1ca61
fix: update healthcheck to use server address and port individually ( #698 )
2026-03-08 11:17:55 +02:00
dea8d72f01
feat: add configuration guide in create oidc client command
2026-02-27 20:04:02 +02:00
4a1889c20b
feat: oidc client create command ( #672 )
...
* feat: add oidc client create command
* refactor: use own utility for creating random strings (more flexible
than stdlib)
* feat: validate client name to avoid config errors
* refactor: limit to only alphanumeric characters and hyphens
* refactor: remove the need of the logger in the create oidc client cmd
2026-02-26 17:28:58 +02:00
6112f977ea
feat: auto generate example env file ( #647 )
...
* feat: auto generate example env file
* refactor: simplify build paths func and better slice handling
* chore: forgot to stage everything
* chore: review comments
* refactor: remove square brackets because they mess up the syntax
highlighting
* refactor: use lowercase name to mark dynamic values
2026-02-16 23:39:05 +02:00
bea680edec
fix: healthcheck should not use public app url
2026-02-07 12:57:10 +02:00
f24595b24e
fix: add more config loaders in the healthcheck command
2026-02-02 16:25:49 +02:00
671343f677
feat: oidc ( #605 )
...
* chore: add oidc base config
* wip: authorize page
* feat: implement basic oidc functionality
* refactor: implement oidc following tinyauth patterns
* feat: adapt frontend to oidc flow
* fix: review comments
* fix: oidc review comments
* feat: refresh token grant type support
* feat: cleanup expired oidc sessions
* feat: frontend i18n
* fix: fix typo in error screen
* tests: add basic testing
* fix: more review comments
* refactor: rework oidc error messages
* feat: openid discovery endpoint
* feat: jwk endpoint
* i18n: fix typo
* fix: more rabbit nitpicks
* fix: final review comments
* i18n: authorize page error messages
2026-02-01 19:00:59 +02:00
6431afb7d1
refactor: handle subcommands properly
2026-01-29 15:54:29 +02:00
4926e53409
feat: ldap group acls ( #590 )
...
* wip
* refactor: remove useless session struct abstraction
* feat: retrieve and store groups from ldap provider
* chore: fix merge issue
* refactor: rework ldap group fetching logic
* feat: store ldap group results in cache
* fix: review nitpicks
* fix: review feedback
2026-01-17 20:03:29 +02:00
53bd413046
feat: configurable component-level logging ( #575 )
...
* Refactor logging to use centralized logger utility
- Removed direct usage of zerolog in multiple files and replaced it with a centralized logging utility in the `utils` package.
- Introduced `Loggers` struct to manage different loggers (Audit, HTTP, App) with configurable levels and outputs.
- Updated all relevant files to utilize the new logging structure, ensuring consistent logging practices across the application.
- Enhanced error handling and logging messages for better traceability and debugging.
* refactor: update logging implementation to use new logger structure
* Refactor logging to use tlog package
- Replaced instances of utils logging with tlog in various controllers, services, and middleware.
- Introduced audit logging for login success, login failure, and logout events.
- Created tlog package with structured logging capabilities using zerolog.
- Added tests for the new tlog logger functionality.
* refactor: update logging configuration in environment files
* fix: adding coderabbit suggestions
* fix: ensure correct audit caller
* fix: include reason in audit login failure logs
2026-01-15 15:57:19 +02:00
e7bd64d7a3
feat: add session max lifetime and fix refresh logic ( #559 )
...
* feat: allow any HTTP method for /api/auth/envoy and restrict methods for non-envoy proxies
* feat: add Allow header for invalid methods in proxyHandler
* feat: add session max lifetime and fix refresh logic
* fix: set default value for created_at column and improve session expiration logic
---------
Co-authored-by: Stavros <steveiliop56@gmail.com >
2026-01-07 13:37:23 +02:00
b159f44729
fix: add missing ldap search filter
2025-12-29 19:46:33 +02:00
a1c3e416b6
refactor: use proper module name ( #542 )
...
* chore: reorganize go mod
* refactor: use proper module name
2025-12-26 17:53:24 +02:00
03ed18343e
feat: unified config ( #533 )
...
* chore: add yaml config ref
* feat: add initial implementation of a traefik like cli
* refactor: remove dependency on traefik
* chore: update example env
* refactor: update build
* chore: remove unused code
* fix: fix translations not loading
* feat: add experimental config file support
* chore: mod tidy
* fix: review comments
* refactor: move tinyauth to separate package
* chore: add quotes to all env variables
* chore: resolve go mod and sum conflicts
* chore: go mod tidy
* fix: review comments
2025-12-22 22:13:40 +02:00
3961589f1e
feat: auto-create database directory if missing ( #510 )
2025-12-11 14:43:57 +02:00
6c90046343
feat: add option to disable ui warnings
2025-11-21 17:37:08 +02:00
60dada86a6
feat: add support for listening on unix sockets
2025-11-04 18:42:04 +02:00
e23f4f1371
chore: disable env acls
2025-11-04 17:48:45 +02:00
9b76a84ee2
feat: add trace logging
2025-10-11 15:27:01 +03:00
bbf8112995
refactor: touch up loggin in healthcheck command
2025-10-07 15:41:39 +03:00
1ee0cee171
feat: distroless image
2025-10-07 15:03:53 +03:00
720f387908
refactor: rework cli healthcheck logic
2025-10-07 14:30:09 +03:00
f0a48cc91c
feat: add health check command
2025-10-06 21:45:23 +03:00
2f8fa39a9b
refactor: make cli modular ( #390 )
...
* refactor: make cli modular
* chore: apply suggestion from @Rycochet
Co-authored-by: Ryc O'Chet <Rycochet@users.noreply.github.com >
* chore: apply review suggestions
* refactor: no need to handle user escaping in verify cmd
---------
Co-authored-by: Ryc O'Chet <Rycochet@users.noreply.github.com >
2025-10-06 21:27:51 +03:00
f8047a6c2e
feat: add option to disable resources server
2025-09-22 15:52:43 +03:00
e114bf0943
Update verify.go ( #364 )
2025-09-21 09:52:41 +03:00
50105e4e9d
feat: version info analytics ( #363 )
...
* feat: version info analytics
* refactor: don't create new client everytime
2025-09-19 14:44:22 +03:00
5c866bad1a
feat: multiple oauth providers ( #355 )
...
* feat: add flag decoder (candidate)
* refactor: finalize flags decoder
* feat: add env decoder
* feat: add oauth config parsing logic
* feat: implement backend logic for multiple oauth providers
* feat: implement multiple oauth providers in the frontend
* feat: add some default icons
* chore: add credits for parser
* feat: style oauth auto redirect screen
* fix: bot suggestions
* refactor: rework decoders using simpler and more efficient pattern
* refactor: rework oauth name database migration
2025-09-16 13:28:28 +03:00
773cd6d171
feat: add trusted proxies config value
2025-09-03 12:14:13 +03:00
b9e35716ac
feat: invalid domain warning ( #332 )
...
* wip
* refactor: update domain warning layout
* i18n: add domain warning translations
* refactor: rework hooks usage
* feat: clear timeouts
* fix: use useeffect to cleanup timeout
* refactor: rework redirects and history storage
* refactor: rename domain to root domain
2025-09-01 18:22:42 +03:00
03d06cb0a7
feat: add sqlite database for storing sessions ( #326 )
...
* feat: add sqlite database for storing sessions
* refactor: use db instance instead of service in auth service
* fix: coderabbit suggestions
2025-08-29 12:35:11 +03:00
504a3b87b4
refactor: rework file structure ( #325 )
...
* wip: add middlewares
* refactor: use context fom middleware in handlers
* refactor: use controller approach in handlers
* refactor: move oauth providers into services (non-working)
* feat: create oauth broker service
* refactor: use a boostrap service to bootstrap the app
* refactor: split utils into smaller files
* refactor: use more clear name for frontend assets
* feat: allow customizability of resources dir
* fix: fix typo in ui middleware
* fix: validate resource file paths in ui middleware
* refactor: move resource handling to a controller
* feat: add some logging
* fix: configure middlewares before groups
* fix: use correct api path in login mutation
* fix: coderabbit suggestions
* fix: further coderabbit suggestions
2025-08-26 15:05:03 +03:00
88d918d608
fix: don't fail app if LDAP is not configured
2025-07-15 02:24:09 +03:00
8ebed0ac9a
chore: remove meaningless comments
2025-07-12 13:17:06 +03:00
f73eb9571f
fix: fix password reset message translations
2025-07-11 16:16:49 +03:00
6ec8c9766c
feat: add ldap support ( #232 )
...
* feat: add ldap support
* feat: add insecure option for self-signed certificates
* fix: recognize ldap as a username provider
* test: fix tests
* feat: add configurable search filter
* fix: fix error message in ldap search result
* refactor: bot suggestions
2025-07-05 18:17:39 +03:00
1941de1125
refactor: remove init functions from methods ( #228 )
2025-07-04 02:35:09 +03:00
c10bff55de
fix: encrypt the cookie in sessions ( #225 )
...
* fix: encrypt the cookie in sessions
* tests: use new auth config in tests
* fix: coderabbit suggestions
2025-07-04 01:43:36 +03:00
fc73e25d51
feat: allow generic provider to use untrusted SSL certificates ( #164 )
...
* feat: allow generic provider to use untrusted SSL certificates
* chore: fix typo
* chore: bot suggestion
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---------
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
2025-05-27 16:42:20 +03:00
3a7b71ae3e
feat: generate a unique id for the cookie names based on the domain ( #161 )
...
* feat: generate a unique id for the cookie names based on the domain
* tests: fix tests
2025-05-25 12:38:21 +03:00
318f00993e
Feat/new UI ( #153 )
...
* wip
* feat: make forms functional
* feat: finalize pages
* chore: remove unused translations
* feat: app context
* feat: user context
* feat: finalize username login
* fix: use correct tab order in login form
* feat: add oauth logic
* chore: update readme and assets
* chore: rename docs back to assets
* feat: favicons
* feat: custom background image config option
* chore: add acknowledgements for background image
* feat: sanitize redirect URL
* feat: sanitize redirect URL on check
* chore: fix dependabot config
* refactor: bot suggestions
* fix: correctly redirect to app and check for untrusted redirects
* fix: run oauth auto redirect only when there is a redirect URI
* refactor: change select color
* fix: fix dockerfiles
* fix: fix hook rendering
* chore: remove translations cdn
* chore: formatting
* feat: validate api response against zod schema
* fix: use axios error instead of generic error in login page
2025-05-20 17:17:12 +03:00
91e3bbc9d9
refactor: store version in constants
2025-05-20 16:39:27 +03:00
Scott McKendry