Commit Graph

1561 Commits

Author SHA1 Message Date
Varun Narravula 6c8757f230 feat(olm): reset/send new olm secret if a matching fingerprint is detected 2026-01-15 12:33:26 -08:00
Milo Schwartz 40e37b1798 Merge pull request #2244 from water-sucks/add-fingerprint-and-posture-check-info
feat(fingerprint): store posture checks and fingerprint info
2026-01-15 12:05:41 -08:00
Varun Narravula e9e935d6c4 feat(fingerprint): add platform fingerprint hash 2026-01-14 20:21:22 -08:00
miloschwartz 2f2c2b4222 improved org idp login flow 2026-01-14 19:15:19 -08:00
Fred KISSIE a4f3963a5a ♻️update approval filter & set approval to denied when blocked 2026-01-15 03:34:42 +01:00
Owen d52bd65d21 Fix build 2026-01-14 17:54:34 -08:00
Fred KISSIE fb51f42f35 ♻️ set approval & blocked work in tandem 2026-01-15 01:33:52 +01:00
Fred KISSIE cbf184342b Merge branch 'dev' into feat/device-approvals 2026-01-14 23:08:40 +01:00
Fred KISSIE 4c78e93143 💄 show approval state in the user device uI 2026-01-14 01:59:51 +01:00
miloschwartz 2201b0395d add optional tags field to idp 2026-01-13 16:21:40 -08:00
miloschwartz a56b058858 fix role name missing in forward headers 2026-01-13 15:28:02 -08:00
miloschwartz e9bc9747b8 check if olm is blocked in get user olm 2026-01-12 22:08:58 -08:00
Owen eb0cdda0f9 Merge branch 'dev' into msg-delivery 2026-01-12 21:17:38 -08:00
Owen 552adf3200 Properly handle blocked devices 2026-01-12 21:14:18 -08:00
Owen eba25fcc4d Add increment options and slight cleanup 2026-01-12 20:48:18 -08:00
miloschwartz 673cd0fcd1 add block client 2026-01-12 20:37:53 -08:00
miloschwartz b941b5571f add archive to org clients and add unarchive 2026-01-12 15:52:27 -08:00
Varun Narravula fcee735578 feat(fingerprints): receive fingerprints/postures from olm and add to db 2026-01-10 21:15:54 -08:00
miloschwartz 2ba49e84bb add archive device instead of delete 2026-01-09 18:00:00 -08:00
miloschwartz 4c8d2266ec clean up login page 2026-01-09 14:41:22 -08:00
Fred KISSIE 39bebea5f7 create & update role with device approval 2026-01-08 03:33:03 +01:00
miloschwartz 168ce549f7 remove guards form list idp for integration api 2026-01-06 13:20:18 -05:00
Fred KISSIE cb21cab117 🚧 add device approval in the roles page 2026-01-06 01:51:33 +01:00
Fred KISSIE 0f2b94307f Merge branch 'dev' into feat/device-approvals 2026-01-05 16:54:18 +01:00
Owen f7fcde8312 Add max recursion depth to matchSegments 2025-12-31 10:40:16 -05:00
Owen 6660c850f3 Try to bound logs
Ref #2120
2025-12-31 10:31:40 -05:00
Owen 0eb39abdb4 Set hc to unknown when changing to local site
Fixes #2181
2025-12-29 10:22:06 -05:00
miloschwartz 9fba9bd6b7 ui enhancements 2025-12-24 15:53:08 -05:00
Owen b64e2e11db Try to remove deadlocks on client updates 2025-12-24 12:20:22 -05:00
Owen 0ccd5714f9 Seperating out functions 2025-12-24 11:50:27 -05:00
Owen 446eba8bc9 Orging how we are going to make the sync 2025-12-24 10:38:44 -05:00
Owen 18579c0647 Merge branch 'dev' into msg-delivery 2025-12-23 16:57:17 -05:00
Owen 0d37e08638 Merge branch 'dev' into msg-delivery 2025-12-23 16:56:50 -05:00
miloschwartz da112d3417 add stripPortFromHost and reuse everywhere 2025-12-23 12:35:03 -05:00
Owen 5c67a1cb12 Format 2025-12-22 16:28:41 -05:00
miloschwartz 1905936950 parse request ip in exchange session 2025-12-22 15:48:24 -05:00
Owen 221ee6a1c2 Remove warning for limit 2025-12-22 14:07:49 -05:00
miloschwartz 71386d3b05 fix request ip port strip issue with badger >=1.3.0 2025-12-22 12:35:40 -05:00
Dennis e051142334 Add region-based resource rule 2025-12-22 17:44:56 +01:00
Jacky Fong 89a7e2e4dc handle olm as well 2025-12-22 10:25:30 -05:00
Jacky Fong 27440700a5 fix: Don't treat newt release-candidate as a "update" in the site list 2025-12-22 10:25:30 -05:00
Dhananjay Mahtha 90c48f20e0 Fix: Prevent cache memory leak by adding maxKeys limit and conditional caching
- Add maxKeys limit (10,000) to NodeCache to prevent unbounded memory growth
- Skip caching undefined values when GeoIP/ASN lookups fail (e.g., when MaxMind DB not configured)
- Add periodic cache statistics logging every 5 minutes for monitoring
- Fixes memory leak where cache would grow indefinitely with high request volumes

The maxKeys limit uses LRU eviction, so oldest entries are automatically removed
when the limit is reached. With ~10k requests/day and 5min TTL, 10k keys provides
ample headroom while preventing OOM issues.

Fixes #2120
2025-12-21 17:08:27 -05:00
Owen 3ce0cc1992 Add missing semicolon 2025-12-20 16:35:16 -05:00
Owen a9a0fbe244 Merge UI into new screen 2025-12-20 16:35:16 -05:00
Owen 9b3d066a91 Fix merge issues 2025-12-20 16:35:16 -05:00
Owen d8344988c0 Restrict license 2025-12-20 16:35:16 -05:00
Owen 19f8cda3d9 Make private 2025-12-20 16:35:16 -05:00
Owen b8ffc601d4 add backend API maintenance screen 2025-12-20 16:35:16 -05:00
Pallavi Kumari c033fd4e8b backend for updating maintenance screen 2025-12-20 16:35:16 -05:00
Owen eafcefbe45 Merge branch 'dev' of github.com:jln-brtn/pangolin into jln-brtn-dev 2025-12-20 15:34:32 -05:00