pangolin

mirror of https://github.com/fosrl/pangolin.git synced 2025-12-12 02:47:46 +00:00

Author	SHA1	Message	Date
miloschwartz	379d31aac6	Merge branch 'dev' of https://github.com/fosrl/pangolin into dev	2025-07-14 22:21:04 -07:00
miloschwartz	b7df0b122d	introduce strict rate limitso on auth router endpoints	2025-07-14 18:00:41 -07:00
Owen	f9798a8d86	Redis	2025-07-14 17:10:26 -07:00
Owen	3dc79da2fa	Merge branch 'dev' into clients-pops-dev	2025-07-14 16:59:00 -07:00
Owen	83b00c1cfa	Fix domain picker build and copy in for domains	2025-07-14 16:37:54 -07:00
miloschwartz	d6fdb38c22	remove vacuum	2025-07-14 16:27:18 -07:00
miloschwartz	3505342a8d	style consistency changes to add security key form	2025-07-14 15:43:33 -07:00
Owen	78661799f2	Resources working with new picker	2025-07-14 15:36:15 -07:00
miloschwartz	0a97d91aed	restore migrations and fix rate limit	2025-07-14 14:55:09 -07:00
Milo Schwartz	9075ecb007	Merge branch 'dev' into feat/internal-user-passkey-support	2025-07-14 17:43:01 -04:00
Owen	7f227932da	Domain picker support wildcard	2025-07-14 12:24:38 -07:00
Owen	69d253fba3	Create wildcard domains	2025-07-14 12:18:12 -07:00
Owen	b75800c583	Reintroduce clients conditionally	2025-07-14 11:43:13 -07:00
Owen	a35add3fc6	Consolidate imports	2025-07-14 10:56:24 -07:00
Owen	b17ff57582	Add missing new domain cols	2025-07-14 10:56:10 -07:00
miloschwartz	915ccdc007	server admin enforce 2fa per user	2025-07-13 21:58:37 -07:00
Owen	98a261e38c	Pull up downstream changes	2025-07-13 21:57:24 -07:00
Adrian Astles	c9f5ffae42	Merge branch 'dev' into feat/internal-user-passkey-support	2025-07-14 07:20:33 +08:00
J. Newing	0f3a5ce8ba	Added users 2FA statsu to userstable	2025-07-08 10:21:24 -04:00
J. Newing	2a6298e9eb	Admins can enable 2FA Added the feature for admins to force 2FA on accounts. The next time the user logs in they will have to setup 2FA on their account.	2025-07-08 10:21:24 -04:00
Adrian Astles	f97b133c8c	Resolved build error.	2025-07-08 22:04:24 +08:00
Adrian Astles	f0a1c10ec5	fix(auth): improve security key login flow. - Fix login to verify password before showing security key prompt - Add proper 2FA verification flow when deleting security keys Previously, users with security keys would see the security key prompt even if they entered an incorrect password. Now the password is verified first. Additionally, security key deletion now properly handles 2FA verification when enabled.	2025-07-07 17:48:23 +08:00
Adrian Astles	5009906385	renamed passkey to security key to stay aligned with the UI and other backend naming.	2025-07-05 21:51:31 +08:00
Adrian Astles	6ccc05b183	Update security key error handling and user feedback. Improve user guidance for security key interactions and Implement proper error handling for permission denials and timing issues.	2025-07-05 18:56:32 +08:00
Adrian Astles	3994b25a71	Merge branch 'dev' into feat/internal-user-passkey-support	2025-07-05 18:36:44 +08:00
Adrian Astles	5130071a60	improved security key management interface, also updated locales	2025-07-05 18:27:04 +08:00
Adrian Astles	d5e67835aa	improved WebAuthn error messages and session handling. Compatibility guidance in error states, and Improve user guidance for common authentication issues.	2025-07-05 16:52:56 +08:00
Adrian Astles	bf8078ed66	enhance WebAuthn implementation and error handling.	2025-07-05 16:48:37 +08:00
Adrian Astles	f31717145f	feat(passkeys): Add password verification for passkey management - Add password verification requirement when registering passkeys - Add password verification requirement when deleting passkeys - Add support for 2FA verification if enabled - Add new delete confirmation dialog with password field - Add recommendation message when only one passkey is registered - Improve dialog styling and user experience - Fix type issues with WebAuthn credential descriptors Security: This change ensures that sensitive passkey operations require password verification, similar to 2FA management, preventing unauthorized modifications to authentication methods.	2025-07-03 22:57:29 +08:00
Adrian Astles	db76558944	refactor: rename passkeyChallenge to webauthnChallenge - Renamed table for consistency with webauthnCredentials - Created migration script 1.8.1.ts for table rename - Updated schema definitions in SQLite and PostgreSQL - Maintains WebAuthn standard naming convention	2025-07-03 21:53:07 +08:00
miloschwartz	719d75f8a6	fix pg migration for >1.6.0	2025-07-01 21:03:10 -07:00
miloschwartz	1e5141c27c	add newt version update available to table	2025-06-30 13:59:30 -07:00
miloschwartz	a0381eb2c6	clean up ui pass 1	2025-06-30 09:34:14 -07:00
Owen	3b6a44e683	Merge branch 'dev' into clients-pops	2025-06-27 18:01:21 -04:00
Owen	baee745d3c	Fix orgId not in queries	2025-06-27 18:01:06 -04:00
Owen	073c318f12	Improve bandiwdth update	2025-06-27 10:36:58 -04:00
miloschwartz	8f1cfd8037	toggle clients with feature flag	2025-06-26 15:09:16 -04:00
miloschwartz	7bf9cccbf6	show account already exists if email not verified	2025-06-25 16:54:33 -04:00
miloschwartz	e694817b57	add server init method to config	2025-06-25 12:18:29 -04:00
miloschwartz	9bb4d8b2a3	store last visited org in cookie	2025-06-24 14:54:07 -04:00
miloschwartz	34180ca454	set trust proxy for int api	2025-06-22 20:01:31 -04:00
miloschwartz	fb5010a2b5	use redis store in rate limiters	2025-06-22 19:55:05 -04:00
miloschwartz	0e87b6e48b	Merge branch 'dev' into clients-pops	2025-06-22 17:50:39 -04:00
miloschwartz	d45443258b	update selection algorithm	2025-06-22 17:19:40 -04:00
Owen	f3b44a3085	Add default type	2025-06-22 15:48:47 -04:00
Owen	9680260104	Add domain type	2025-06-22 12:58:33 -04:00
miloschwartz	2ead5f4506	add deprecated env vars warning	2025-06-21 16:59:10 -04:00
miloschwartz	ead5df0a8c	simplify installer and remove parsing from read config	2025-06-21 16:35:22 -04:00
miloschwartz	317a15b649	Merge branch 'dev' into clients-pops	2025-06-20 16:34:49 -04:00
miloschwartz	d03f45279c	remove server admin from config and add onboarding ui	2025-06-19 22:11:05 -04:00

1 2 3 4 5 ...

694 Commits