fix: use axios error instead of generic error in login page

.env.example

@@ -30,4 +30,3 @@ APP_TITLE=Tinyauth SSO
 FORGOT_PASSWORD_MESSAGE=Some message about resetting the password
 OAUTH_AUTO_REDIRECT=none
 BACKGROUND_IMAGE=some_image_url
-GENERIC_SKIP_SSL=false

Dockerfile

@@ -52,4 +52,7 @@ COPY --from=builder /tinyauth/tinyauth ./
 
 EXPOSE 3000
 
+HEALTHCHECK --interval=10s --timeout=5s \
+    CMD curl -f http://localhost:3000/api/healthcheck || exit 1
+
 ENTRYPOINT ["./tinyauth"]

README.md

@@ -24,22 +24,18 @@ Tinyauth is a simple authentication middleware that adds simple username/passwor
 > [!NOTE]
 > Tinyauth is intended for homelab use only and it is not made for production use cases. If you are looking for something production ready please use [authentik](https://goauthentik.io) instead.
 
+## Discord
+
+I just made a Discord server for tinyauth! It is not only for tinyauth but general self-hosting and homelabbing. [See you there!](https://discord.gg/eHzVaCzRRd).
+
 ## Getting Started
 
 You can easily get started with tinyauth by following the guide in the [documentation](https://tinyauth.app/docs/getting-started.html). There is also an available [docker compose file](./docker-compose.example.yml) that has traefik, whoami and tinyauth to demonstrate its capabilities.
 
-## Demo
-
-If you are still not sure if tinyauth suits your needs you can try out the [demo](https://demo.tinyauth.app). The default username is `user` and the default password is `password`.
-
 ## Documentation
 
 You can find documentation and guides on all of the available configuration of tinyauth in the [website](https://tinyauth.app).
 
-## Discord
-
-I just made a Discord server for tinyauth! It is not only for tinyauth but general self-hosting and homelabbing. [See you there!](https://discord.gg/eHzVaCzRRd).
-
 ## Contributing
 
 All contributions to the codebase are welcome! If you have any recommendations on how to improve security or find a security issue in tinyauth please open an issue or pull request so it can be fixed as soon as possible!

cmd/root.go

@@ -79,7 +79,6 @@ var rootCmd = &cobra.Command{
 			GenericAuthURL:      config.GenericAuthURL,
 			GenericTokenURL:     config.GenericTokenURL,
 			GenericUserURL:      config.GenericUserURL,
-			GenericSkipSSL:      config.GenericSkipSSL,
 			AppURL:              config.AppURL,
 		}
 
@@ -198,7 +197,6 @@ func init() {
 	rootCmd.Flags().String("generic-token-url", "", "Generic OAuth token URL.")
 	rootCmd.Flags().String("generic-user-url", "", "Generic OAuth user info URL.")
 	rootCmd.Flags().String("generic-name", "Generic", "Generic OAuth provider name.")
-	rootCmd.Flags().Bool("generic-skip-ssl", false, "Skip SSL verification for the generic OAuth provider.")
 	rootCmd.Flags().Bool("disable-continue", false, "Disable continue screen and redirect to app directly.")
 	rootCmd.Flags().String("oauth-whitelist", "", "Comma separated list of email addresses to whitelist when using OAuth.")
 	rootCmd.Flags().String("oauth-auto-redirect", "none", "Auto redirect to the specified OAuth provider if configured. (available providers: github, google, generic)")
@@ -233,7 +231,6 @@ func init() {
 	viper.BindEnv("generic-token-url", "GENERIC_TOKEN_URL")
 	viper.BindEnv("generic-user-url", "GENERIC_USER_URL")
 	viper.BindEnv("generic-name", "GENERIC_NAME")
-	viper.BindEnv("generic-skip-ssl", "GENERIC_SKIP_SSL")
 	viper.BindEnv("disable-continue", "DISABLE_CONTINUE")
 	viper.BindEnv("oauth-whitelist", "OAUTH_WHITELIST")
 	viper.BindEnv("oauth-auto-redirect", "OAUTH_AUTO_REDIRECT")

frontend/src/pages/login-page.tsx

@@ -29,7 +29,7 @@ export const LoginPage = () => {
     return <Navigate to="/logout" />;
   }
 
-  const { configuredProviders, title, oauthAutoRedirect, genericName } = useAppContext();
+  const { configuredProviders, title, oauthAutoRedirect } = useAppContext();
   const { search } = useLocation();
   const { t } = useTranslation();
   const isMounted = useIsMounted();
@@ -138,7 +138,7 @@ export const LoginPage = () => {
             )}
             {configuredProviders.includes("generic") && (
               <OAuthButton
-                title={genericName}
+                title="Generic"
                 icon={<GenericIcon />}
                 className="w-full"
                 onClick={() => oauthMutation.mutate("generic")}

internal/oauth/oauth.go

@@ -3,48 +3,28 @@ package oauth
 import (
 	"context"
 	"crypto/rand"
-	"crypto/tls"
 	"encoding/base64"
 	"net/http"
 
 	"golang.org/x/oauth2"
 )
 
-func NewOAuth(config oauth2.Config, insecureSkipVerify bool) *OAuth {
+func NewOAuth(config oauth2.Config) *OAuth {
 	return &OAuth{
-		Config:             config,
+		Config: config,
-		InsecureSkipVerify: insecureSkipVerify,
 	}
 }
 
 type OAuth struct {
-	Config             oauth2.Config
+	Config   oauth2.Config
-	Context            context.Context
+	Context  context.Context
-	Token              *oauth2.Token
+	Token    *oauth2.Token
-	Verifier           string
+	Verifier string
-	InsecureSkipVerify bool
 }
 
 func (oauth *OAuth) Init() {
-	// Create transport with TLS
+	// Create a new context and verifier
-	transport := &http.Transport{
-		TLSClientConfig: &tls.Config{
-			InsecureSkipVerify: oauth.InsecureSkipVerify,
-			MinVersion:         tls.VersionTLS12,
-		},
-	}
-
-	// Create a new context
 	oauth.Context = context.Background()
-
-	// Create the HTTP client with the transport
-	httpClient := &http.Client{
-		Transport: transport,
-	}
-
-	// Set the HTTP client in the context
-	oauth.Context = context.WithValue(oauth.Context, oauth2.HTTPClient, httpClient)
-	// Create the verifier
 	oauth.Verifier = oauth2.GenerateVerifier()
 }
 

internal/providers/providers.go

@@ -36,7 +36,7 @@ func (providers *Providers) Init() {
 			RedirectURL:  fmt.Sprintf("%s/api/oauth/callback/github", providers.Config.AppURL),
 			Scopes:       GithubScopes(),
 			Endpoint:     endpoints.GitHub,
-		}, false)
+		})
 
 		// Initialize the oauth provider
 		providers.Github.Init()
@@ -53,7 +53,7 @@ func (providers *Providers) Init() {
 			RedirectURL:  fmt.Sprintf("%s/api/oauth/callback/google", providers.Config.AppURL),
 			Scopes:       GoogleScopes(),
 			Endpoint:     endpoints.Google,
-		}, false)
+		})
 
 		// Initialize the oauth provider
 		providers.Google.Init()
@@ -73,7 +73,7 @@ func (providers *Providers) Init() {
 				AuthURL:  providers.Config.GenericAuthURL,
 				TokenURL: providers.Config.GenericTokenURL,
 			},
-		}, providers.Config.GenericSkipSSL)
+		})
 
 		// Initialize the oauth provider
 		providers.Generic.Init()

internal/types/config.go

@@ -24,7 +24,6 @@ type Config struct {
 	GenericTokenURL         string `mapstructure:"generic-token-url"`
 	GenericUserURL          string `mapstructure:"generic-user-url"`
 	GenericName             string `mapstructure:"generic-name"`
-	GenericSkipSSL          bool   `mapstructure:"generic-skip-ssl"`
 	DisableContinue         bool   `mapstructure:"disable-continue"`
 	OAuthWhitelist          string `mapstructure:"oauth-whitelist"`
 	OAuthAutoRedirect       string `mapstructure:"oauth-auto-redirect" validate:"oneof=none github google generic"`
@@ -35,7 +34,7 @@ type Config struct {
 	LoginTimeout            int    `mapstructure:"login-timeout"`
 	LoginMaxRetries         int    `mapstructure:"login-max-retries"`
 	FogotPasswordMessage    string `mapstructure:"forgot-password-message" validate:"required"`
-	BackgroundImage         string `mapstructure:"background-image" validate:"required"`
+	BackgroundImage         string `mapstructure:"background-image" validate:"required,url"`
 }
 
 // Server configuration
@@ -63,7 +62,6 @@ type OAuthConfig struct {
 	GenericAuthURL      string
 	GenericTokenURL     string
 	GenericUserURL      string
-	GenericSkipSSL      bool
 	AppURL              string
 }