refactor: ignore containers that failed to get inspected in docker

SECURITY.md

@@ -2,8 +2,8 @@
 
 ## Supported Versions
 
-It is recommended to use the [latest](https://github.com/steveiliop56/tinyauth/releases/latest) available version of tinyauth. This is because it includes security fixes, new features and dependency updates. Older versions, especially major ones, are not supported and won't receive security or patch updates.
+Please always use the latest available Tinyauth version which can be found [here](https://github.com/steveiliop56/tinyauth/releases/latest). Older versions (especially major) may contain security issues which I cannot go back and fix.
 
 ## Reporting a Vulnerability
 
-Due to the nature of this app, it needs to be secure. If you discover any security issues or vulnerabilities in the app please contact me as soon as possible at <steve@doesmycode.work>. Please do not use the issues section to report security issues as I won't be able to patch them in time and they may get exploited by malicious actors.
+Due to the nature of this app, it needs to be secure. If you find any security issues in the OAuth or login flow of the app please contact me at <steve@doesmycode.work> and include a concise description of the issue. Please do not use the issues section for reporting major security issues.

frontend/src/components/layout/layout.tsx

@@ -7,7 +7,7 @@ export const Layout = () => {
 
   return (
     <div
-      className="relative flex flex-col justify-center items-center min-h-dvh"
+      className="relative flex flex-col justify-center items-center min-h-svh"
       style={{
         backgroundImage: `url(${backgroundImage})`,
         backgroundSize: "cover",

internal/docker/docker.go

@@ -74,7 +74,7 @@ func (docker *Docker) DockerConnected() bool {
 	return err == nil
 }
 
-func (docker *Docker) GetLabels(id string, domain string) (types.Labels, error) {
+func (docker *Docker) GetLabels(appId string) (types.Labels, error) {
 	// Check if we have access to the Docker API
 	isConnected := docker.DockerConnected()
 
@@ -85,16 +85,15 @@ func (docker *Docker) GetLabels(id string, domain string) (types.Labels, error)
 	}
 
 	// Get the containers
-	log.Debug().Msg("Getting containers")
-
 	containers, err := docker.GetContainers()
 
 	// If there is an error, return false
 	if err != nil {
-		log.Error().Err(err).Msg("Error getting containers")
 		return types.Labels{}, err
 	}
 
+	log.Debug().Msg("Got containers")
+
 	// Loop through the containers
 	for _, container := range containers {
 		// Inspect the container
@@ -106,22 +105,28 @@ func (docker *Docker) GetLabels(id string, domain string) (types.Labels, error)
 			continue
 		}
 
-		// Get the labels
+		// Get the container name (for some reason it is /name)
-		log.Debug().Str("id", inspect.ID).Msg("Getting labels for container")
+		containerName := strings.TrimPrefix(inspect.Name, "/")
 
-		labels, err := utils.GetLabels(inspect.Config.Labels)
+		// There is a container with the same name as the app ID
+		if containerName == appId {
+			log.Debug().Str("container", containerName).Msg("Found container")
 
-		// Check if there was an error
+			// Get only the tinyauth labels in a struct
-		if err != nil {
+			labels, err := utils.GetLabels(inspect.Config.Labels)
-			log.Warn().Str("id", container.ID).Err(err).Msg("Error getting container labels, skipping")
-			continue
-		}
 
-		// Check if the labels match the id or the domain
+			// Check if there was an error
-		if strings.TrimPrefix(inspect.Name, "/") == id || labels.Domain == domain {
+			if err != nil {
-			log.Debug().Str("id", inspect.ID).Msg("Found matching container")
+				log.Error().Err(err).Msg("Error parsing labels")
+				return types.Labels{}, err
+			}
+
+			log.Debug().Msg("Got labels")
+
+			// Return labels
 			return labels, nil
 		}
+
 	}
 
 	log.Debug().Msg("No matching container found, returning empty labels")

internal/handlers/handlers.go

@@ -69,14 +69,11 @@ func (h *Handlers) AuthHandler(c *gin.Context) {
 	proto := c.Request.Header.Get("X-Forwarded-Proto")
 	host := c.Request.Header.Get("X-Forwarded-Host")
 
-	// Remove the port from the host if it exists
+	// Get the app id
-	hostPortless := strings.Split(host, ":")[0] // *lol*
+	appId := strings.Split(host, ".")[0]
-
-	// Get the id
-	id := strings.Split(hostPortless, ".")[0]
 
 	// Get the container labels
-	labels, err := h.Docker.GetLabels(id, hostPortless)
+	labels, err := h.Docker.GetLabels(appId)
 
 	log.Debug().Interface("labels", labels).Msg("Got labels")
 

internal/types/config.go

@@ -104,6 +104,5 @@ type Labels struct {
 	Users   string
 	Allowed string
 	Headers []string
-	Domain  string
 	OAuth   OAuthLabels
 }

internal/utils/utils.go

@@ -201,7 +201,7 @@ func GetLabels(labels map[string]string) (types.Labels, error) {
 	var labelsParsed types.Labels
 
 	// Decode the labels into the labels struct
-	err := parser.Decode(labels, &labelsParsed, "tinyauth", "tinyauth.users", "tinyauth.allowed", "tinyauth.headers", "tinyauth.domain", "tinyauth.oauth")
+	err := parser.Decode(labels, &labelsParsed, "tinyauth", "tinyauth.users", "tinyauth.allowed", "tinyauth.headers", "tinyauth.oauth")
 
 	// Check if there was an error
 	if err != nil {