docs: regenerate readme sponsors list

Bumps [globals](https://github.com/sindresorhus/globals) from 16.5.0 to 17.0.0.
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](https://github.com/sindresorhus/globals/compare/v16.5.0...v17.0.0)

---
updated-dependencies:
- dependency-name: globals
  dependency-version: 17.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

README.md

@@ -55,7 +55,7 @@ Tinyauth is licensed under the GNU General Public License v3.0. TL;DR — You ma
 
 A big thank you to the following people for providing me with more coffee:
 
-<!-- sponsors --><a href="https://github.com/erwinkramer"><img src="https:&#x2F;&#x2F;github.com&#x2F;erwinkramer.png" width="64px" alt="User avatar: erwinkramer" /></a>&nbsp;&nbsp;<a href="https://github.com/nicotsx"><img src="https:&#x2F;&#x2F;github.com&#x2F;nicotsx.png" width="64px" alt="User avatar: nicotsx" /></a>&nbsp;&nbsp;<a href="https://github.com/SimpleHomelab"><img src="https:&#x2F;&#x2F;github.com&#x2F;SimpleHomelab.png" width="64px" alt="User avatar: SimpleHomelab" /></a>&nbsp;&nbsp;<a href="https://github.com/jmadden91"><img src="https:&#x2F;&#x2F;github.com&#x2F;jmadden91.png" width="64px" alt="User avatar: jmadden91" /></a>&nbsp;&nbsp;<a href="https://github.com/tribor"><img src="https:&#x2F;&#x2F;github.com&#x2F;tribor.png" width="64px" alt="User avatar: tribor" /></a>&nbsp;&nbsp;<a href="https://github.com/eliasbenb"><img src="https:&#x2F;&#x2F;github.com&#x2F;eliasbenb.png" width="64px" alt="User avatar: eliasbenb" /></a>&nbsp;&nbsp;<a href="https://github.com/afunworm"><img src="https:&#x2F;&#x2F;github.com&#x2F;afunworm.png" width="64px" alt="User avatar: afunworm" /></a>&nbsp;&nbsp;<a href="https://github.com/chip-well"><img src="https:&#x2F;&#x2F;github.com&#x2F;chip-well.png" width="64px" alt="User avatar: chip-well" /></a>&nbsp;&nbsp;<a href="https://github.com/Lancelot-Enguerrand"><img src="https:&#x2F;&#x2F;github.com&#x2F;Lancelot-Enguerrand.png" width="64px" alt="User avatar: Lancelot-Enguerrand" /></a>&nbsp;&nbsp;<a href="https://github.com/allgoewer"><img src="https:&#x2F;&#x2F;github.com&#x2F;allgoewer.png" width="64px" alt="User avatar: allgoewer" /></a>&nbsp;&nbsp;<a href="https://github.com/NEANC"><img src="https:&#x2F;&#x2F;github.com&#x2F;NEANC.png" width="64px" alt="User avatar: NEANC" /></a>&nbsp;&nbsp;<!-- sponsors -->
+<!-- sponsors --><a href="https://github.com/erwinkramer"><img src="https:&#x2F;&#x2F;github.com&#x2F;erwinkramer.png" width="64px" alt="User avatar: erwinkramer" /></a>&nbsp;&nbsp;<a href="https://github.com/nicotsx"><img src="https:&#x2F;&#x2F;github.com&#x2F;nicotsx.png" width="64px" alt="User avatar: nicotsx" /></a>&nbsp;&nbsp;<a href="https://github.com/SimpleHomelab"><img src="https:&#x2F;&#x2F;github.com&#x2F;SimpleHomelab.png" width="64px" alt="User avatar: SimpleHomelab" /></a>&nbsp;&nbsp;<a href="https://github.com/jmadden91"><img src="https:&#x2F;&#x2F;github.com&#x2F;jmadden91.png" width="64px" alt="User avatar: jmadden91" /></a>&nbsp;&nbsp;<a href="https://github.com/tribor"><img src="https:&#x2F;&#x2F;github.com&#x2F;tribor.png" width="64px" alt="User avatar: tribor" /></a>&nbsp;&nbsp;<a href="https://github.com/eliasbenb"><img src="https:&#x2F;&#x2F;github.com&#x2F;eliasbenb.png" width="64px" alt="User avatar: eliasbenb" /></a>&nbsp;&nbsp;<a href="https://github.com/afunworm"><img src="https:&#x2F;&#x2F;github.com&#x2F;afunworm.png" width="64px" alt="User avatar: afunworm" /></a>&nbsp;&nbsp;<a href="https://github.com/chip-well"><img src="https:&#x2F;&#x2F;github.com&#x2F;chip-well.png" width="64px" alt="User avatar: chip-well" /></a>&nbsp;&nbsp;<a href="https://github.com/Lancelot-Enguerrand"><img src="https:&#x2F;&#x2F;github.com&#x2F;Lancelot-Enguerrand.png" width="64px" alt="User avatar: Lancelot-Enguerrand" /></a>&nbsp;&nbsp;<a href="https://github.com/allgoewer"><img src="https:&#x2F;&#x2F;github.com&#x2F;allgoewer.png" width="64px" alt="User avatar: allgoewer" /></a>&nbsp;&nbsp;<a href="https://github.com/NEANC"><img src="https:&#x2F;&#x2F;github.com&#x2F;NEANC.png" width="64px" alt="User avatar: NEANC" /></a>&nbsp;&nbsp;<a href="https://github.com/algorist-ahmad"><img src="https:&#x2F;&#x2F;github.com&#x2F;algorist-ahmad.png" width="64px" alt="User avatar: algorist-ahmad" /></a>&nbsp;&nbsp;<!-- sponsors -->
 
 ## Acknowledgements
 

frontend/bun.lock

@@ -16,7 +16,7 @@
         "axios": "^1.13.2",
         "class-variance-authority": "^0.7.1",
         "clsx": "^2.1.1",
-        "i18next": "^25.7.3",
+        "i18next": "^25.7.4",
         "i18next-browser-languagedetector": "^8.2.0",
         "i18next-resources-to-backend": "^1.2.1",
         "input-otp": "^1.4.2",
@@ -27,7 +27,7 @@
         "react-hook-form": "^7.70.0",
         "react-i18next": "^16.5.1",
         "react-markdown": "^10.1.0",
-        "react-router": "^7.11.0",
+        "react-router": "^7.12.0",
         "sonner": "^2.0.7",
         "tailwind-merge": "^3.4.0",
         "tailwindcss": "^4.1.18",
@@ -43,7 +43,7 @@
         "eslint": "^9.39.2",
         "eslint-plugin-react-hooks": "^7.0.1",
         "eslint-plugin-react-refresh": "^0.4.26",
-        "globals": "^16.5.0",
+        "globals": "^17.0.0",
         "prettier": "3.7.4",
         "tw-animate-css": "^1.4.0",
         "typescript": "~5.9.3",
@@ -563,7 +563,7 @@
 
     "glob-parent": ["glob-parent@6.0.2", "", { "dependencies": { "is-glob": "^4.0.3" } }, "sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A=="],
 
-    "globals": ["globals@16.5.0", "", {}, "sha512-c/c15i26VrJ4IRt5Z89DnIzCGDn9EcebibhAOjw5ibqEHsE1wLUgkPn9RDmNcUKyU87GeaL633nyJ+pplFR2ZQ=="],
+    "globals": ["globals@17.0.0", "", {}, "sha512-gv5BeD2EssA793rlFWVPMMCqefTlpusw6/2TbAVMy0FzcG8wKJn4O+NqJ4+XWmmwrayJgw5TzrmWjFgmz1XPqw=="],
 
     "gopd": ["gopd@1.2.0", "", {}, "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg=="],
 
@@ -589,7 +589,7 @@
 
     "html-url-attributes": ["html-url-attributes@3.0.1", "", {}, "sha512-ol6UPyBWqsrO6EJySPz2O7ZSr856WDrEzM5zMqp+FJJLGMW35cLYmmZnl0vztAZxRUoNZJFTCohfjuIJ8I4QBQ=="],
 
-    "i18next": ["i18next@25.7.3", "", { "dependencies": { "@babel/runtime": "^7.28.4" }, "peerDependencies": { "typescript": "^5" }, "optionalPeers": ["typescript"] }, "sha512-2XaT+HpYGuc2uTExq9TVRhLsso+Dxym6PWaKpn36wfBmTI779OQ7iP/XaZHzrnGyzU4SHpFrTYLKfVyBfAhVNA=="],
+    "i18next": ["i18next@25.7.4", "", { "dependencies": { "@babel/runtime": "^7.28.4" }, "peerDependencies": { "typescript": "^5" }, "optionalPeers": ["typescript"] }, "sha512-hRkpEblXXcXSNbw8mBNq9042OEetgyB/ahc/X17uV/khPwzV+uB8RHceHh3qavyrkPJvmXFKXME2Sy1E0KjAfw=="],
 
     "i18next-browser-languagedetector": ["i18next-browser-languagedetector@8.2.0", "", { "dependencies": { "@babel/runtime": "^7.23.2" } }, "sha512-P+3zEKLnOF0qmiesW383vsLdtQVyKtCNA9cjSoKCppTKPQVfKd2W8hbVo5ZhNJKDqeM7BOcvNoKJOjpHh4Js9g=="],
 
@@ -807,7 +807,7 @@
 
     "react-remove-scroll-bar": ["react-remove-scroll-bar@2.3.8", "", { "dependencies": { "react-style-singleton": "^2.2.2", "tslib": "^2.0.0" }, "peerDependencies": { "@types/react": "*", "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0" }, "optionalPeers": ["@types/react"] }, "sha512-9r+yi9+mgU33AKcj6IbT9oRCO78WriSj6t/cF8DWBZJ9aOGPOTEDvdUDz1FwKim7QXWwmHqtdHnRJfhAxEG46Q=="],
 
-    "react-router": ["react-router@7.11.0", "", { "dependencies": { "cookie": "^1.0.1", "set-cookie-parser": "^2.6.0" }, "peerDependencies": { "react": ">=18", "react-dom": ">=18" }, "optionalPeers": ["react-dom"] }, "sha512-uI4JkMmjbWCZc01WVP2cH7ZfSzH91JAZUDd7/nIprDgWxBV1TkkmLToFh7EbMTcMak8URFRa2YoBL/W8GWnCTQ=="],
+    "react-router": ["react-router@7.12.0", "", { "dependencies": { "cookie": "^1.0.1", "set-cookie-parser": "^2.6.0" }, "peerDependencies": { "react": ">=18", "react-dom": ">=18" }, "optionalPeers": ["react-dom"] }, "sha512-kTPDYPFzDVGIIGNLS5VJykK0HfHLY5MF3b+xj0/tTyNYL1gF1qs7u67Z9jEhQk2sQ98SUaHxlG31g1JtF7IfVw=="],
 
     "react-style-singleton": ["react-style-singleton@2.2.3", "", { "dependencies": { "get-nonce": "^1.0.0", "tslib": "^2.0.0" }, "peerDependencies": { "@types/react": "*", "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 || ^19.0.0-rc" }, "optionalPeers": ["@types/react"] }, "sha512-b6jSvxvVnyptAiLjbkWLE/lOnR4lfTtDAl+eUC7RZy+QQWc6wRzIV2CE6xBuMmDxc2qIihtDCZD5NPOFl7fRBQ=="],
 

frontend/package.json

@@ -22,7 +22,7 @@
     "axios": "^1.13.2",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
-    "i18next": "^25.7.3",
+    "i18next": "^25.7.4",
     "i18next-browser-languagedetector": "^8.2.0",
     "i18next-resources-to-backend": "^1.2.1",
     "input-otp": "^1.4.2",
@@ -33,7 +33,7 @@
     "react-hook-form": "^7.70.0",
     "react-i18next": "^16.5.1",
     "react-markdown": "^10.1.0",
-    "react-router": "^7.11.0",
+    "react-router": "^7.12.0",
     "sonner": "^2.0.7",
     "tailwind-merge": "^3.4.0",
     "tailwindcss": "^4.1.18",
@@ -49,7 +49,7 @@
     "eslint": "^9.39.2",
     "eslint-plugin-react-hooks": "^7.0.1",
     "eslint-plugin-react-refresh": "^0.4.26",
-    "globals": "^16.5.0",
+    "globals": "^17.0.0",
     "prettier": "3.7.4",
     "tw-animate-css": "^1.4.0",
     "typescript": "~5.9.3",

internal/bootstrap/router_bootstrap.go

@@ -2,7 +2,6 @@ package bootstrap
 
 import (
 	"fmt"
-	"strings"
 
 	"github.com/steveiliop56/tinyauth/internal/controller"
 	"github.com/steveiliop56/tinyauth/internal/middleware"
@@ -15,7 +14,7 @@ func (app *BootstrapApp) setupRouter() (*gin.Engine, error) {
 	engine.Use(gin.Recovery())
 
 	if len(app.config.Server.TrustedProxies) > 0 {
-		err := engine.SetTrustedProxies(strings.Split(app.config.Server.TrustedProxies, ","))
+		err := engine.SetTrustedProxies(app.config.Server.TrustedProxies)
 
 		if err != nil {
 			return nil, fmt.Errorf("failed to set trusted proxies: %w", err)

internal/bootstrap/service_bootstrap.go

@@ -67,7 +67,8 @@ func (app *BootstrapApp) initServices(queries *repository.Queries) (Services, er
 		LoginTimeout:       app.config.Auth.LoginTimeout,
 		LoginMaxRetries:    app.config.Auth.LoginMaxRetries,
 		SessionCookieName:  app.context.sessionCookieName,
-	}, dockerService, ldapService, queries)
+		IP:                 app.config.Auth.IP,
+	}, dockerService, services.ldapService, queries)
 
 	err = authService.Init()
 

internal/config/config.go

@@ -36,11 +36,12 @@ type ServerConfig struct {
 	Port           int      `description:"The port on which the server listens." yaml:"port"`
 	Address        string   `description:"The address on which the server listens." yaml:"address"`
 	SocketPath     string   `description:"The path to the Unix socket." yaml:"socketPath"`
-	TrustedProxies string `description:"Comma-separated list of trusted proxy addresses." yaml:"trustedProxies"`
+	TrustedProxies []string `description:"Comma-separated list of trusted proxy addresses." yaml:"trustedProxies"`
 }
 
 type AuthConfig struct {
-	Users              string `description:"Comma-separated list of users (username:hashed_password)." yaml:"users"`
+	IP                 IPConfig `description:"IP whitelisting config options." yaml:"ip"`
+	Users              []string `description:"Comma-separated list of users (username:hashed_password)." yaml:"users"`
 	UsersFile          string   `description:"Path to the users file." yaml:"usersFile"`
 	SecureCookie       bool     `description:"Enable secure cookies." yaml:"secureCookie"`
 	SessionExpiry      int      `description:"Session expiry time in seconds." yaml:"sessionExpiry"`
@@ -49,8 +50,13 @@ type AuthConfig struct {
 	LoginMaxRetries    int      `description:"Maximum login retries." yaml:"loginMaxRetries"`
 }
 
+type IPConfig struct {
+	Allow []string `description:"List of allowed IPs or CIDR ranges." yaml:"allow"`
+	Block []string `description:"List of blocked IPs or CIDR ranges." yaml:"block"`
+}
+
 type OAuthConfig struct {
-	Whitelist    string                        `description:"Comma-separated list of allowed OAuth domains." yaml:"whitelist"`
+	Whitelist    []string                      `description:"Comma-separated list of allowed OAuth domains." yaml:"whitelist"`
 	AutoRedirect string                        `description:"The OAuth provider to use for automatic redirection." yaml:"autoRedirect"`
 	Providers    map[string]OAuthServiceConfig `description:"OAuth providers configuration." yaml:"providers"`
 }

internal/controller/proxy_controller.go

@@ -179,9 +179,9 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
 	}
 
 	if userContext.IsLoggedIn {
-		appAllowed := controller.auth.IsResourceAllowed(c, userContext, acls)
+		userAllowed := controller.auth.IsUserAllowed(c, userContext, acls)
 
-		if !appAllowed {
+		if !userAllowed {
 			log.Warn().Str("user", userContext.Username).Str("resource", strings.Split(host, ".")[0]).Msg("User not allowed to access resource")
 
 			if req.Proxy == "nginx" || !isBrowser {

internal/controller/proxy_controller_test.go

@@ -57,7 +57,7 @@ func setupProxyController(t *testing.T, middlewares *[]gin.HandlerFunc) (*gin.En
 				Password: "$2a$10$ne6z693sTgzT3ePoQ05PgOecUHnBjM7sSNj6M.l5CLUP.f6NyCnt.", // test
 			},
 		},
-		OauthWhitelist:     "",
+		OauthWhitelist:     []string{},
 		SessionExpiry:      3600,
 		SessionMaxLifetime: 0,
 		SecureCookie:       false,

internal/controller/user_controller_test.go

@@ -60,7 +60,7 @@ func setupUserController(t *testing.T, middlewares *[]gin.HandlerFunc) (*gin.Eng
 				TotpSecret: totpSecret,
 			},
 		},
-		OauthWhitelist:     "",
+		OauthWhitelist:     []string{},
 		SessionExpiry:      3600,
 		SessionMaxLifetime: 0,
 		SecureCookie:       false,

internal/repository/queries.sql.go

@@ -1,7 +1,7 @@
 // Code generated by sqlc. DO NOT EDIT.
 // versions:
 //   sqlc v1.30.0
-// source: query.sql
+// source: queries.sql
 
 package repository
 

internal/service/auth_service.go

@@ -27,7 +27,7 @@ type LoginAttempt struct {
 
 type AuthServiceConfig struct {
 	Users              []config.User
-	OauthWhitelist     string
+	OauthWhitelist     []string
 	SessionExpiry      int
 	SessionMaxLifetime int
 	SecureCookie       bool
@@ -35,6 +35,7 @@ type AuthServiceConfig struct {
 	LoginTimeout       int
 	LoginMaxRetries    int
 	SessionCookieName  string
+	IP                 config.IPConfig
 }
 
 type AuthService struct {
@@ -186,7 +187,7 @@ func (auth *AuthService) RecordLoginAttempt(identifier string, success bool) {
 }
 
 func (auth *AuthService) IsEmailWhitelisted(email string) bool {
-	return utils.CheckFilter(auth.config.OauthWhitelist, email)
+	return utils.CheckFilter(strings.Join(auth.config.OauthWhitelist, ","), email)
 }
 
 func (auth *AuthService) CreateSessionCookie(c *gin.Context, data *config.SessionCookie) error {
@@ -352,7 +353,7 @@ func (auth *AuthService) UserAuthConfigured() bool {
 	return len(auth.config.Users) > 0 || auth.ldap != nil
 }
 
-func (auth *AuthService) IsResourceAllowed(c *gin.Context, context config.UserContext, acls config.App) bool {
+func (auth *AuthService) IsUserAllowed(c *gin.Context, context config.UserContext, acls config.App) bool {
 	if context.OAuth {
 		log.Debug().Msg("Checking OAuth whitelist")
 		return utils.CheckFilter(acls.OAuth.Whitelist, context.Email)
@@ -435,7 +436,11 @@ func (auth *AuthService) GetBasicAuth(c *gin.Context) *config.User {
 }
 
 func (auth *AuthService) CheckIP(acls config.AppIP, ip string) bool {
-	for _, blocked := range acls.Block {
+	// Merge the global and app IP filter
+	blockedIps := append(auth.config.IP.Block, acls.Block...)
+	allowedIPs := append(auth.config.IP.Allow, acls.Allow...)
+
+	for _, blocked := range blockedIps {
 		res, err := utils.FilterIP(blocked, ip)
 		if err != nil {
 			log.Warn().Err(err).Str("item", blocked).Msg("Invalid IP/CIDR in block list")
@@ -447,7 +452,7 @@ func (auth *AuthService) CheckIP(acls config.AppIP, ip string) bool {
 		}
 	}
 
-	for _, allowed := range acls.Allow {
+	for _, allowed := range allowedIPs {
 		res, err := utils.FilterIP(allowed, ip)
 		if err != nil {
 			log.Warn().Err(err).Str("item", allowed).Msg("Invalid IP/CIDR in allow list")
@@ -459,7 +464,7 @@ func (auth *AuthService) CheckIP(acls config.AppIP, ip string) bool {
 		}
 	}
 
-	if len(acls.Allow) > 0 {
+	if len(allowedIPs) > 0 {
 		log.Debug().Str("ip", ip).Msg("IP not in allow list, denying access")
 		return false
 	}

internal/utils/user_utils.go

@@ -7,22 +7,14 @@ import (
 	"github.com/steveiliop56/tinyauth/internal/config"
 )
 
-func ParseUsers(users string) ([]config.User, error) {
+func ParseUsers(usersStr []string) ([]config.User, error) {
-	var usersParsed []config.User
+	var users []config.User
 
-	users = strings.TrimSpace(users)
+	if len(usersStr) == 0 {
-
-	if users == "" {
 		return []config.User{}, nil
 	}
 
-	userList := strings.Split(users, ",")
+	for _, user := range usersStr {
-
-	if len(userList) == 0 {
-		return []config.User{}, errors.New("invalid user format")
-	}
-
-	for _, user := range userList {
 		if strings.TrimSpace(user) == "" {
 			continue
 		}
@@ -30,64 +22,71 @@ func ParseUsers(users string) ([]config.User, error) {
 		if err != nil {
 			return []config.User{}, err
 		}
-		usersParsed = append(usersParsed, parsed)
+		users = append(users, parsed)
 	}
 
-	return usersParsed, nil
+	return users, nil
 }
 
-func GetUsers(conf string, file string) ([]config.User, error) {
+func GetUsers(usersCfg []string, usersPath string) ([]config.User, error) {
-	var users string
+	var usersStr []string
 
-	if conf == "" && file == "" {
+	if len(usersCfg) == 0 && usersPath == "" {
 		return []config.User{}, nil
 	}
 
-	if conf != "" {
+	if len(usersCfg) > 0 {
-		users += conf
+		usersStr = append(usersStr, usersCfg...)
 	}
 
-	if file != "" {
+	if usersPath != "" {
-		contents, err := ReadFile(file)
+		contents, err := ReadFile(usersPath)
+
 		if err != nil {
 			return []config.User{}, err
 		}
-		if users != "" {
+
-			users += ","
+		lines := strings.SplitSeq(contents, "\n")
+
+		for line := range lines {
+			lineTrimmed := strings.TrimSpace(line)
+			if lineTrimmed == "" {
+				continue
+			}
+			usersStr = append(usersStr, lineTrimmed)
 		}
-		users += ParseFileToLine(contents)
 	}
 
-	return ParseUsers(users)
+	return ParseUsers(usersStr)
 }
 
-func ParseUser(user string) (config.User, error) {
+func ParseUser(userStr string) (config.User, error) {
-	if strings.Contains(user, "$$") {
+	if strings.Contains(userStr, "$$") {
-		user = strings.ReplaceAll(user, "$$", "$")
+		userStr = strings.ReplaceAll(userStr, "$$", "$")
 	}
 
-	userSplit := strings.Split(user, ":")
+	parts := strings.SplitN(userStr, ":", 4)
 
-	if len(userSplit) < 2 || len(userSplit) > 3 {
+	if len(parts) < 2 || len(parts) > 3 {
 		return config.User{}, errors.New("invalid user format")
 	}
 
-	for _, userPart := range userSplit {
+	for i, part := range parts {
-		if strings.TrimSpace(userPart) == "" {
+		trimmed := strings.TrimSpace(part)
+		if trimmed == "" {
 			return config.User{}, errors.New("invalid user format")
 		}
+		parts[i] = trimmed
 	}
 
-	if len(userSplit) == 2 {
+	user := config.User{
-		return config.User{
+		Username: parts[0],
-			Username: strings.TrimSpace(userSplit[0]),
+		Password: parts[1],
-			Password: strings.TrimSpace(userSplit[1]),
-		}, nil
 	}
 
-	return config.User{
+	if len(parts) == 3 {
-		Username:   strings.TrimSpace(userSplit[0]),
+		user.TotpSecret = parts[2]
-		Password:   strings.TrimSpace(userSplit[1]),
+	}
-		TotpSecret: strings.TrimSpace(userSplit[2]),
+
-	}, nil
+	return user, nil
 }

internal/utils/user_utils_test.go

@@ -22,7 +22,7 @@ func TestGetUsers(t *testing.T) {
 	defer os.Remove("/tmp/tinyauth_users_test.txt")
 
 	// Test file
-	users, err := utils.GetUsers("", "/tmp/tinyauth_users_test.txt")
+	users, err := utils.GetUsers([]string{}, "/tmp/tinyauth_users_test.txt")
 
 	assert.NilError(t, err)
 
@@ -34,7 +34,7 @@ func TestGetUsers(t *testing.T) {
 	assert.Equal(t, "$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G", users[1].Password)
 
 	// Test config
-	users, err = utils.GetUsers("user3:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G,user4:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G", "")
+	users, err = utils.GetUsers([]string{"user3:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G", "user4:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G"}, "")
 
 	assert.NilError(t, err)
 
@@ -46,7 +46,7 @@ func TestGetUsers(t *testing.T) {
 	assert.Equal(t, "$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G", users[1].Password)
 
 	// Test both
-	users, err = utils.GetUsers("user5:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G", "/tmp/tinyauth_users_test.txt")
+	users, err = utils.GetUsers([]string{"user5:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G"}, "/tmp/tinyauth_users_test.txt")
 
 	assert.NilError(t, err)
 
@@ -60,14 +60,14 @@ func TestGetUsers(t *testing.T) {
 	assert.Equal(t, "$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G", users[2].Password)
 
 	// Test empty
-	users, err = utils.GetUsers("", "")
+	users, err = utils.GetUsers([]string{}, "")
 
 	assert.NilError(t, err)
 
 	assert.Equal(t, 0, len(users))
 
 	// Test non-existent file
-	users, err = utils.GetUsers("", "/tmp/non_existent_file.txt")
+	users, err = utils.GetUsers([]string{}, "/tmp/non_existent_file.txt")
 
 	assert.ErrorContains(t, err, "no such file or directory")
 
@@ -76,7 +76,7 @@ func TestGetUsers(t *testing.T) {
 
 func TestParseUsers(t *testing.T) {
 	// Valid users
-	users, err := utils.ParseUsers("user1:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G,user2:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G:ABCDEF") // user2 has TOTP
+	users, err := utils.ParseUsers([]string{"user1:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G", "user2:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G:ABCDEF"}) // user2 has TOTP
 
 	assert.NilError(t, err)
 
@@ -90,7 +90,7 @@ func TestParseUsers(t *testing.T) {
 	assert.Equal(t, "ABCDEF", users[1].TotpSecret)
 
 	// Valid weirdly spaced users
-	users, err = utils.ParseUsers("      user1:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G        ,         user2:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G:ABCDEF                    ") // Spacing is on purpose
+	users, err = utils.ParseUsers([]string{"      user1:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G        ", "         user2:$2a$10$Mz5xhkfSJUtPWkzCd/TdaePh9CaXc5QcGII5wIMPLSR46eTwma30G:ABCDEF                    "}) // Spacing is on purpose
 	assert.NilError(t, err)
 
 	assert.Equal(t, 2, len(users))

sqlc.yml

@@ -1,8 +1,8 @@
 version: "2"
 sql:
   - engine: "sqlite"
-    queries: "query.sql"
+    queries: "sql/queries.sql"
-    schema: "schema.sql"
+    schema: "sql/schema.sql"
     gen:
       go:
         package: "repository"