Commit Graph

407 Commits

Author SHA1 Message Date
miloschwartz
b7df0b122d introduce strict rate limits on auth router endpoints 2025-07-14 18:00:41 -07:00
miloschwartz
3505342a8d style consistency changes to add security key form 2025-07-14 15:43:33 -07:00
miloschwartz
0a97d91aed restore migrations and fix rate limit 2025-07-14 14:55:09 -07:00
Milo Schwartz
9075ecb007 Merge branch 'dev' into feat/internal-user-passkey-support 2025-07-14 17:43:01 -04:00
miloschwartz
915ccdc007 server admin enforce 2fa per user 2025-07-13 21:58:37 -07:00
Adrian Astles
c9f5ffae42 Merge branch 'dev' into feat/internal-user-passkey-support 2025-07-14 07:20:33 +08:00
J. Newing
0f3a5ce8ba Added users 2FA status to userstable 2025-07-08 10:21:24 -04:00
J. Newing
2a6298e9eb Admins can enable 2FA
Added the feature for admins to force 2FA on accounts. The next time the
user logs in they will have to set up 2FA on their account.
2025-07-08 10:21:24 -04:00
Adrian Astles
f97b133c8c Resolved build error. 2025-07-08 22:04:24 +08:00
Adrian Astles
f0a1c10ec5 fix(auth): improve security key login flow.
- Fix login to verify password before showing security key prompt
- Add proper 2FA verification flow when deleting security keys

Previously, users with security keys would see the security key prompt
even if they entered an incorrect password. Now the password is verified
first. Additionally, security key deletion now properly handles 2FA
verification when enabled.
2025-07-07 17:48:23 +08:00
Adrian Astles
5009906385 renamed passkey to security key to stay aligned with the UI and other backend naming. 2025-07-05 21:51:31 +08:00
Adrian Astles
6ccc05b183 Update security key error handling and user feedback. Improve user guidance for security key interactions and implement proper error handling for permission denials and timing issues. 2025-07-05 18:56:32 +08:00
Adrian Astles
5130071a60 improved security key management interface, also updated locales 2025-07-05 18:27:04 +08:00
Adrian Astles
d5e67835aa improved WebAuthn error messages and session handling. Compatibility guidance in error states, and improve user guidance for common authentication issues. 2025-07-05 16:52:56 +08:00
Adrian Astles
bf8078ed66 enhance WebAuthn implementation and error handling. 2025-07-05 16:48:37 +08:00
Adrian Astles
f31717145f feat(passkeys): Add password verification for passkey management
- Add password verification requirement when registering passkeys
- Add password verification requirement when deleting passkeys
- Add support for 2FA verification if enabled
- Add new delete confirmation dialog with password field
- Add recommendation message when only one passkey is registered
- Improve dialog styling and user experience
- Fix type issues with WebAuthn credential descriptors

Security: This change ensures that sensitive passkey operations require
password verification, similar to 2FA management, preventing unauthorized
modifications to authentication methods.
2025-07-03 22:57:29 +08:00
Adrian Astles
db76558944 refactor: rename passkeyChallenge to webauthnChallenge
- Renamed table for consistency with webauthnCredentials
- Created migration script 1.8.1.ts for table rename
- Updated schema definitions in SQLite and PostgreSQL
- Maintains WebAuthn standard naming convention
2025-07-03 21:53:07 +08:00
Owen
baee745d3c Fix orgId not in queries 2025-06-27 18:01:06 -04:00
miloschwartz
d03f45279c remove server admin from config and add onboarding ui 2025-06-19 22:11:05 -04:00
miloschwartz
f300838f8e add migration for 1.6.0 2025-06-19 15:58:05 -04:00
miloschwartz
1bf2e23f5d make username lowercase 2025-06-19 15:41:49 -04:00
miloschwartz
c043912f94 fix bug preventing creating raw resources with api key closes #920 2025-06-18 16:42:07 -04:00
Owen
ddd292422b Make error more clear
From #911
2025-06-15 10:53:03 -04:00
Thijs van Loef
cbca88f76b fix semi colons 2025-06-09 23:52:16 +02:00
miloschwartz
f0cb65f65c don't import db in nextjs 2025-06-05 14:44:34 -04:00
miloschwartz
92135ff9c1 minor visual adjustments to docker container view 2025-06-05 11:51:48 -04:00
Owen
ab843b1a43 Clean up unused 2025-06-04 17:42:19 -04:00
miloschwartz
4593edbb45 add get role to integration api 2025-06-04 17:28:46 -04:00
Owen
8800ec9675 Merge branch 'dev' of github.com:fosrl/pangolin into dev 2025-06-04 16:02:52 -04:00
Owen
df4da75c57 Don't do socket on non-newt sites 2025-06-04 16:02:45 -04:00
miloschwartz
717dfae26c look for ipv6 in brackets and fix cors headers in install config 2025-06-04 15:56:16 -04:00
Owen
58a2a9dcc9 Fix db import for pg 2025-06-04 15:24:15 -04:00
Milo Schwartz
6fc6f325a7 Merge pull request #807 from pyrho/feat/auth-header
send user data to badger when authenticated
2025-06-04 12:17:23 -04:00
miloschwartz
b46e49922c Merge branch 'dev' into postgres 2025-06-04 12:04:28 -04:00
miloschwartz
2cca561e51 support postgresql as database option 2025-06-04 12:02:07 -04:00
Owen
17919192e0 Speed up when the button shows 2025-06-03 21:04:08 -04:00
Damien Rajon
c5e37c1608 send user data to badger when authenticated 2025-05-30 20:37:21 +02:00
Rajesh V
948eb7f6d0 docker socket 2025-05-29 22:34:05 +05:30
miloschwartz
5b0200154a add feature parity 2025-05-13 11:09:38 -04:00
miloschwartz
caded23b51 allow root path 2025-05-09 17:37:55 -04:00
miloschwartz
4ed98c227b fix setting tlsServerName and hostHeader conflict 2025-05-09 17:12:01 -04:00
miloschwartz
f25990a9a7 add id token and claims to debug logs 2025-05-09 16:46:51 -04:00
miloschwartz
5e052a446a 1.3.1 2025-05-03 12:25:02 -04:00
miloschwartz
a9f0b9aa38 add user checks in routes 2025-05-02 10:44:50 -04:00
miloschwartz
237960fc5b various small fixes 2025-04-29 22:59:38 -04:00
Owen
e236364124 Change api 2025-04-28 21:50:48 -04:00
miloschwartz
599d0a52bf add api key code and oidc auto provision code 2025-04-28 21:14:09 -04:00
miloschwartz
4819f410e6 add license system and ui 2025-04-27 13:03:00 -04:00
miloschwartz
91b4bb4683 move proxy related settings to new proxy tab for resource 2025-04-23 23:08:25 -04:00
miloschwartz
f4fd33b47f Merge branch 'auth-providers' into dev 2025-04-23 22:08:37 -04:00