Merge branch 'dev' into clients-user

2026-02-28 15:56:39 +00:00 · 2025-12-05 15:17:32 -05:00
parent 53bb4efbb2 35f9c67cfe
commit a3b852ef45
27 changed files with 2882 additions and 1896 deletions
--- a/server/lib/blueprints/proxyResources.ts
+++ b/server/lib/blueprints/proxyResources.ts
@@ -221,6 +221,7 @@ export async function updateProxyResources(
                        domainId: domain ? domain.domainId : null,
                        enabled: resourceEnabled,
                        sso: resourceData.auth?.["sso-enabled"] || false,
+                        skipToIdpId: resourceData.auth?.["auto-login-idp"] || null,
                        ssl: resourceSsl,
                        setHostHeader: resourceData["host-header"] || null,
                        tlsServerName: resourceData["tls-server-name"] || null,
@@ -610,6 +611,7 @@ export async function updateProxyResources(
                    domainId: domain ? domain.domainId : null,
                    enabled: resourceEnabled,
                    sso: resourceData.auth?.["sso-enabled"] || false,
+                    skipToIdpId: resourceData.auth?.["auto-login-idp"] || null,
                    setHostHeader: resourceData["host-header"] || null,
                    tlsServerName: resourceData["tls-server-name"] || null,
                    ssl: resourceSsl,
--- a/server/lib/blueprints/types.ts
+++ b/server/lib/blueprints/types.ts
@@ -59,6 +59,7 @@ export const AuthSchema = z.object({
        }),
    "sso-users": z.array(z.email()).optional().default([]),
    "whitelist-users": z.array(z.email()).optional().default([]),
+    "auto-login-idp": z.int().positive().optional(),
 });

 export const RuleSchema = z.object({
--- a/server/lib/consts.ts
+++ b/server/lib/consts.ts
@@ -2,7 +2,7 @@ import path from "path";
 import { fileURLToPath } from "url";

 // This is a placeholder value replaced by the build process
-export const APP_VERSION = "1.12.1";
+export const APP_VERSION = "1.12.3";

 export const __FILENAME = fileURLToPath(import.meta.url);
 export const __DIRNAME = path.dirname(__FILENAME);
--- a/server/lib/lock.ts
+++ b/server/lib/lock.ts
@@ -0,0 +1,111 @@
+export class LockManager {
+    /**
+     * Acquire a distributed lock using Redis SET with NX and PX options
+     * @param lockKey - Unique identifier for the lock
+     * @param ttlMs - Time to live in milliseconds
+     * @returns Promise<boolean> - true if lock acquired, false otherwise
+     */
+    async acquireLock(
+        lockKey: string,
+        ttlMs: number = 30000
+    ): Promise<boolean> {
+        return true;
+    }
+
+    /**
+     * Release a lock using Lua script to ensure atomicity
+     * @param lockKey - Unique identifier for the lock
+     */
+    async releaseLock(lockKey: string): Promise<void> {}
+
+    /**
+     * Force release a lock regardless of owner (use with caution)
+     * @param lockKey - Unique identifier for the lock
+     */
+    async forceReleaseLock(lockKey: string): Promise<void> {}
+
+    /**
+     * Check if a lock exists and get its info
+     * @param lockKey - Unique identifier for the lock
+     * @returns Promise<{exists: boolean, ownedByMe: boolean, ttl: number}>
+     */
+    async getLockInfo(lockKey: string): Promise<{
+        exists: boolean;
+        ownedByMe: boolean;
+        ttl: number;
+        owner?: string;
+    }> {
+        return { exists: true, ownedByMe: true, ttl: 0 };
+    }
+
+    /**
+     * Extend the TTL of an existing lock owned by this worker
+     * @param lockKey - Unique identifier for the lock
+     * @param ttlMs - New TTL in milliseconds
+     * @returns Promise<boolean> - true if extended successfully
+     */
+    async extendLock(lockKey: string, ttlMs: number): Promise<boolean> {
+        return true;
+    }
+
+    /**
+     * Attempt to acquire lock with retries and exponential backoff
+     * @param lockKey - Unique identifier for the lock
+     * @param ttlMs - Time to live in milliseconds
+     * @param maxRetries - Maximum number of retry attempts
+     * @param baseDelayMs - Base delay between retries in milliseconds
+     * @returns Promise<boolean> - true if lock acquired
+     */
+    async acquireLockWithRetry(
+        lockKey: string,
+        ttlMs: number = 30000,
+        maxRetries: number = 5,
+        baseDelayMs: number = 100
+    ): Promise<boolean> {
+        return true;
+    }
+
+    /**
+     * Execute a function while holding a lock
+     * @param lockKey - Unique identifier for the lock
+     * @param fn - Function to execute while holding the lock
+     * @param ttlMs - Lock TTL in milliseconds
+     * @returns Promise<T> - Result of the executed function
+     */
+    async withLock<T>(
+        lockKey: string,
+        fn: () => Promise<T>,
+        ttlMs: number = 30000
+    ): Promise<T> {
+        const acquired = await this.acquireLock(lockKey, ttlMs);
+
+        if (!acquired) {
+            throw new Error(`Failed to acquire lock: ${lockKey}`);
+        }
+
+        try {
+            return await fn();
+        } finally {
+            await this.releaseLock(lockKey);
+        }
+    }
+
+    /**
+     * Clean up expired locks - Redis handles this automatically, but this method
+     * can be used to get statistics about locks
+     * @returns Promise<{activeLocksCount: number, locksOwnedByMe: number}>
+     */
+    async getLockStatistics(): Promise<{
+        activeLocksCount: number;
+        locksOwnedByMe: number;
+    }> {
+        return { activeLocksCount: 0, locksOwnedByMe: 0 };
+    }
+
+    /**
+     * Close the Redis connection
+     */
+    async disconnect(): Promise<void> {}
+}
+
+export const lockManager = new LockManager();