Commit Graph

2435 Commits

Author SHA1 Message Date
Milo Schwartz 9075ecb007 Merge branch 'dev' into feat/internal-user-passkey-support 2025-07-14 17:43:01 -04:00
Owen 7f227932da Domain picker support wildcard 2025-07-14 12:24:38 -07:00
Owen 69d253fba3 Create wildcard domains 2025-07-14 12:18:12 -07:00
Owen b75800c583 Reintroduce clients conditionally 2025-07-14 11:43:13 -07:00
Owen a35add3fc6 Consolidate imports 2025-07-14 10:56:24 -07:00
Owen b17ff57582 Add missing new domain cols 2025-07-14 10:56:10 -07:00
miloschwartz 915ccdc007 server admin enforce 2fa per user 2025-07-13 21:58:37 -07:00
Owen 98a261e38c Pull up downstream changes 2025-07-13 21:57:24 -07:00
Adrian Astles c9f5ffae42 Merge branch 'dev' into feat/internal-user-passkey-support 2025-07-14 07:20:33 +08:00
J. Newing 0f3a5ce8ba Added users 2FA statsu to userstable 2025-07-08 10:21:24 -04:00
J. Newing 2a6298e9eb Admins can enable 2FA
Added the feature for admins to force 2FA on accounts. The next time the
user logs in they will have to setup 2FA on their account.
2025-07-08 10:21:24 -04:00
Adrian Astles f97b133c8c Resolved build error. 2025-07-08 22:04:24 +08:00
Adrian Astles f0a1c10ec5 fix(auth): improve security key login flow.
- Fix login to verify password before showing security key prompt
- Add proper 2FA verification flow when deleting security keys

Previously, users with security keys would see the security key prompt
even if they entered an incorrect password. Now the password is verified
first. Additionally, security key deletion now properly handles 2FA
verification when enabled.
2025-07-07 17:48:23 +08:00
Adrian Astles 5009906385 renamed passkey to security key to stay aligned with the UI and other backend naming. 2025-07-05 21:51:31 +08:00
Adrian Astles 6ccc05b183 Update security key error handling and user feedback. Improve user guidance for security key interactions and Implement proper error handling for permission denials and timing issues. 2025-07-05 18:56:32 +08:00
Adrian Astles 3994b25a71 Merge branch 'dev' into feat/internal-user-passkey-support 2025-07-05 18:36:44 +08:00
Adrian Astles 5130071a60 improved security key management interface, also updated locales 2025-07-05 18:27:04 +08:00
Adrian Astles d5e67835aa improved WebAuthn error messages and session handling. Compatibility guidance in error states, and Improve user guidance for common authentication issues. 2025-07-05 16:52:56 +08:00
Adrian Astles bf8078ed66 enhance WebAuthn implementation and error handling. 2025-07-05 16:48:37 +08:00
Adrian Astles f31717145f feat(passkeys): Add password verification for passkey management
- Add password verification requirement when registering passkeys
- Add password verification requirement when deleting passkeys
- Add support for 2FA verification if enabled
- Add new delete confirmation dialog with password field
- Add recommendation message when only one passkey is registered
- Improve dialog styling and user experience
- Fix type issues with WebAuthn credential descriptors

Security: This change ensures that sensitive passkey operations require
password verification, similar to 2FA management, preventing unauthorized
modifications to authentication methods.
2025-07-03 22:57:29 +08:00
Adrian Astles db76558944 refactor: rename passkeyChallenge to webauthnChallenge
- Renamed table for consistency with webauthnCredentials
- Created migration script 1.8.1.ts for table rename
- Updated schema definitions in SQLite and PostgreSQL
- Maintains WebAuthn standard naming convention
2025-07-03 21:53:07 +08:00
miloschwartz 719d75f8a6 fix pg migration for >1.6.0 2025-07-01 21:03:10 -07:00
miloschwartz 1e5141c27c add newt version update available to table 2025-06-30 13:59:30 -07:00
miloschwartz a0381eb2c6 clean up ui pass 1 2025-06-30 09:34:14 -07:00
Owen 3b6a44e683 Merge branch 'dev' into clients-pops 2025-06-27 18:01:21 -04:00
Owen baee745d3c Fix orgId not in queries 2025-06-27 18:01:06 -04:00
Owen 073c318f12 Improve bandiwdth update 2025-06-27 10:36:58 -04:00
miloschwartz 8f1cfd8037 toggle clients with feature flag 2025-06-26 15:09:16 -04:00
miloschwartz 7bf9cccbf6 show account already exists if email not verified 2025-06-25 16:54:33 -04:00
miloschwartz e694817b57 add server init method to config 2025-06-25 12:18:29 -04:00
miloschwartz 9bb4d8b2a3 store last visited org in cookie 2025-06-24 14:54:07 -04:00
miloschwartz 34180ca454 set trust proxy for int api 2025-06-22 20:01:31 -04:00
miloschwartz fb5010a2b5 use redis store in rate limiters 2025-06-22 19:55:05 -04:00
miloschwartz 0e87b6e48b Merge branch 'dev' into clients-pops 2025-06-22 17:50:39 -04:00
miloschwartz d45443258b update selection algorithm 2025-06-22 17:19:40 -04:00
Owen f3b44a3085 Add default type 2025-06-22 15:48:47 -04:00
Owen 9680260104 Add domain type 2025-06-22 12:58:33 -04:00
miloschwartz 2ead5f4506 add deprecated env vars warning 2025-06-21 16:59:10 -04:00
miloschwartz ead5df0a8c simplify installer and remove parsing from read config 2025-06-21 16:35:22 -04:00
miloschwartz 317a15b649 Merge branch 'dev' into clients-pops 2025-06-20 16:34:49 -04:00
miloschwartz d03f45279c remove server admin from config and add onboarding ui 2025-06-19 22:11:05 -04:00
Owen 2fd8134a57 Dont go over capacity or accept no capacity 2025-06-19 18:04:52 -04:00
miloschwartz 494b54ac32 add redis rate limiter 2025-06-19 16:58:03 -04:00
Owen 377eb2b851 Handle version in db 2025-06-19 16:40:20 -04:00
Owen bd7e96b8af Send version and try to be reverse compatible 2025-06-19 16:40:02 -04:00
miloschwartz acf25e8ad7 Merge branch 'dev' into clients-pops 2025-06-19 16:34:06 -04:00
miloschwartz f300838f8e add migration for 1.6.0 2025-06-19 15:58:05 -04:00
miloschwartz 1bf2e23f5d make username lowercase 2025-06-19 15:41:49 -04:00
miloschwartz 58ba0d07b0 add migration to set trust_proxy to 1 if it exists in config 2025-06-19 12:08:06 -04:00
miloschwartz 97ae76e4e7 forward headers from server component and make trust_proxy config a number 2025-06-19 11:22:29 -04:00