barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2025-10-28 20:55:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
499 Commits 35 Branches 89 Tags
v4.0.1
Commit Graph

77 Commits

Author SHA1 Message Date
Stavros
9b76a84ee2 feat: add trace logging 2025-10-11 15:27:01 +03:00
Stavros
1ee0cee171 feat: distroless image 2025-10-07 15:03:53 +03:00
Stavros
f0a48cc91c feat: add health check command 2025-10-06 21:45:23 +03:00
Stavros
2f8fa39a9b refactor: make cli modular (#390) 
* refactor: make cli modular

* chore: apply suggestion from @Rycochet

Co-authored-by: Ryc O'Chet <Rycochet@users.noreply.github.com>

* chore: apply review suggestions

* refactor: no need to handle user escaping in verify cmd

---------

Co-authored-by: Ryc O'Chet <Rycochet@users.noreply.github.com>
 2025-10-06 21:27:51 +03:00
Stavros
f8047a6c2e feat: add option to disable resources server 2025-09-22 15:52:43 +03:00
Stavros
50105e4e9d feat: version info analytics (#363) 
* feat: version info analytics

* refactor: don't create new client everytime
 2025-09-19 14:44:22 +03:00
Stavros
5c866bad1a feat: multiple oauth providers (#355) 
* feat: add flag decoder (candidate)

* refactor: finalize flags decoder

* feat: add env decoder

* feat: add oauth config parsing logic

* feat: implement backend logic for multiple oauth providers

* feat: implement multiple oauth providers in the frontend

* feat: add some default icons

* chore: add credits for parser

* feat: style oauth auto redirect screen

* fix: bot suggestions

* refactor: rework decoders using simpler and more efficient pattern

* refactor: rework oauth name database migration
 2025-09-16 13:28:28 +03:00
Stavros
773cd6d171 feat: add trusted proxies config value 2025-09-03 12:14:13 +03:00
Stavros
b9e35716ac feat: invalid domain warning (#332) 
* wip

* refactor: update domain warning layout

* i18n: add domain warning translations

* refactor: rework hooks usage

* feat: clear timeouts

* fix: use useeffect to cleanup timeout

* refactor: rework redirects and history storage

* refactor: rename domain to root domain
 2025-09-01 18:22:42 +03:00
Stavros
03d06cb0a7 feat: add sqlite database for storing sessions (#326) 
* feat: add sqlite database for storing sessions

* refactor: use db instance instead of service in auth service

* fix: coderabbit suggestions
 2025-08-29 12:35:11 +03:00
Stavros
504a3b87b4 refactor: rework file structure (#325) 
* wip: add middlewares

* refactor: use context fom middleware in handlers

* refactor: use controller approach in handlers

* refactor: move oauth providers into services (non-working)

* feat: create oauth broker service

* refactor: use a boostrap service to bootstrap the app

* refactor: split utils into smaller files

* refactor: use more clear name for frontend assets

* feat: allow customizability of resources dir

* fix: fix typo in ui middleware

* fix: validate resource file paths in ui middleware

* refactor: move resource handling to a controller

* feat: add some logging

* fix: configure middlewares before groups

* fix: use correct api path in login mutation

* fix: coderabbit suggestions

* fix: further coderabbit suggestions
 2025-08-26 15:05:03 +03:00
Stavros
88d918d608 fix: don't fail app if LDAP is not configured 2025-07-15 02:24:09 +03:00
Stavros
8ebed0ac9a chore: remove meaningless comments 2025-07-12 13:17:06 +03:00
Stavros
f73eb9571f fix: fix password reset message translations 2025-07-11 16:16:49 +03:00
Stavros
6ec8c9766c feat: add ldap support (#232) 
* feat: add ldap support

* feat: add insecure option for self-signed certificates

* fix: recognize ldap as a username provider

* test: fix tests

* feat: add configurable search filter

* fix: fix error message in ldap search result

* refactor: bot suggestions
 2025-07-05 18:17:39 +03:00
Stavros
1941de1125 refactor: remove init functions from methods (#228) 2025-07-04 02:35:09 +03:00
Stavros
c10bff55de fix: encrypt the cookie in sessions (#225) 
* fix: encrypt the cookie in sessions

* tests: use new auth config in tests

* fix: coderabbit suggestions
 2025-07-04 01:43:36 +03:00
Stavros
fc73e25d51 feat: allow generic provider to use untrusted SSL certificates (#164) 
* feat: allow generic provider to use untrusted SSL certificates

* chore: fix typo

* chore: bot suggestion

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

---------

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
 2025-05-27 16:42:20 +03:00
Stavros
3a7b71ae3e feat: generate a unique id for the cookie names based on the domain (#161) 
* feat: generate a unique id for the cookie names based on the domain

* tests: fix tests
 2025-05-25 12:38:21 +03:00
Stavros
318f00993e Feat/new UI (#153) 
* wip

* feat: make forms functional

* feat: finalize pages

* chore: remove unused translations

* feat: app context

* feat: user context

* feat: finalize username login

* fix: use correct tab order in login form

* feat: add oauth logic

* chore: update readme and assets

* chore: rename docs back to assets

* feat: favicons

* feat: custom background image config option

* chore: add acknowledgements for background image

* feat: sanitize redirect URL

* feat: sanitize redirect URL on check

* chore: fix dependabot config

* refactor: bot suggestions

* fix: correctly redirect to app and check for untrusted redirects

* fix: run oauth auto redirect only when there is a redirect URI

* refactor: change select color

* fix: fix dockerfiles

* fix: fix hook rendering

* chore: remove translations cdn

* chore: formatting

* feat: validate api response against zod schema

* fix: use axios error instead of generic error in login page
 2025-05-20 17:17:12 +03:00
Stavros
91e3bbc9d9 refactor: store version in constants 2025-05-20 16:39:27 +03:00
Stavros
ff48fa320e feat: nightly release workflow 2025-05-15 16:41:26 +03:00
Stavros
773942dc3b feat: add support for auto redirecting to oauth providers 2025-05-01 14:18:26 +03:00
Stavros
a9e8bf89a9 feat: map info from OIDC claims to headers (#122) 
* refactor: return all values from body in the providers

* refactor: only accept claims following the OIDC spec

* feat: map info from OIDC claims to headers

* feat: add support for required oauth groups

* fix: bot suggestions

* feat: get claims from github and google

* fix: close body correctly
 2025-04-30 19:57:49 +03:00
Stavros
4dc6bc0c98 refactor: change generic name to other 2025-04-25 14:01:09 +03:00
Stavros
db43f1cb7a feat: add custom forgot password message 2025-04-23 14:31:38 +03:00
Stavros
85ad0d19c7 feat: add regex support to oauth whitelist 2025-04-18 19:36:50 +03:00
Stavros
0761c2f5c1 refactor: remove redirect URL from session cookie 2025-04-14 19:42:52 +03:00
Stavros
1169c633cc refactor: remove tailscale oauth 2025-04-10 15:14:01 +03:00
Stavros
bd7e160e10 refactor: store redirect URI in tinyauth session cookie 2025-04-06 20:37:02 +03:00
Stavros
df849d5a5c refactor: remove dependency on gin sessions 2025-04-06 19:13:09 +03:00
Stavros
5cf4e208c6 refactor: use centralized config in auth service 2025-04-06 18:55:24 +03:00
Alexander
07ddd4f917 feat: add brute force protection (#59) 
* feat: add brute force protection

* fix: bind flags to env

---------

Co-authored-by: Stavros <steveiliop56@gmail.com>
 2025-04-06 18:28:20 +03:00
Stavros
14ce8ecf98 feat: add ability to set custom headers 2025-03-26 18:05:43 +02:00
Stavros
3ccc831a1f refactor: make error handling simpler (#55) 2025-03-19 16:41:19 +02:00
Stavros
f3471880ee refactor/handlers (#51) 
* wip

* refactor: use prefix instead of patern in docker meta

* tests: fix tests
 2025-03-19 15:48:16 +02:00
Stavros
5188089673 Feat/totp (#45) 
* wip

* feat: finalize totp gen code

* refactor: split login screen and forms

* feat: add totp logic and ui

* refactor: make totp pending expiry time fixed

* refactor: skip all checks when disable continue is enabled

* fix: fix cli not exiting on invalid input
 2025-03-09 18:39:25 +02:00
Stavros
30aab17f06 feat: allow custom app and generic oauth title 2025-02-23 20:51:56 +02:00
Stavros
f9ab9a6406 fix: filter oauth whitelist to remove empty strings 2025-02-15 17:23:24 +02:00
Stavros
7a3a463489 chore: add comments to code 2025-02-08 12:33:58 +02:00
Stavros
e09f241364 fix: handle user parse errors correctly 2025-02-07 20:11:16 +02:00
Stavros
87393d3c64 feat: add session expiry inside cookie (breaking) 2025-02-05 19:08:23 +02:00
Stavros
6e5f882e0b feat: tailscale oauth 2025-02-01 16:28:39 +02:00
Stavros
29f0a94faf feat: finalize logic 2025-01-30 17:11:31 +02:00
Stavros
6602e8140b wip 2025-01-29 22:06:52 +02:00
Stavros
3efcb26db1 refactor: remove sensitive info logging even in debug mode 2025-01-28 17:36:06 +02:00
Stavros
0cf0aafc14 fix: configure secrets before config validation 2025-01-26 21:13:26 +02:00
Stavros
f19f40f9fc feat: add secret file 2025-01-26 20:47:08 +02:00
Stavros
a243f22ac8 refactor: users are not a requirement when using oauth 2025-01-26 20:45:34 +02:00
Stavros
08d382c981 feat: add debug log level 2025-01-26 20:23:09 +02:00