calvin.erfmann/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-02-01 07:39:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,312 Commits 20 Branches 85 Tags
b7df0b122dbd2e0f28fff214042ed774bc4e886f
Commit Graph

549 Commits

Author SHA1 Message Date
miloschwartz
b7df0b122d introduce strict rate limitso on auth router endpoints 2025-07-14 18:00:41 -07:00
miloschwartz
d6fdb38c22 remove vacuum 2025-07-14 16:27:18 -07:00
miloschwartz
3505342a8d style consistency changes to add security key form 2025-07-14 15:43:33 -07:00
miloschwartz
0a97d91aed restore migrations and fix rate limit 2025-07-14 14:55:09 -07:00
Milo Schwartz
9075ecb007 Merge branch 'dev' into feat/internal-user-passkey-support 2025-07-14 17:43:01 -04:00
miloschwartz
915ccdc007 server admin enforce 2fa per user 2025-07-13 21:58:37 -07:00
Adrian Astles
c9f5ffae42 Merge branch 'dev' into feat/internal-user-passkey-support 2025-07-14 07:20:33 +08:00
J. Newing
0f3a5ce8ba Added users 2FA statsu to userstable 2025-07-08 10:21:24 -04:00
J. Newing
2a6298e9eb Admins can enable 2FA 
Added the feature for admins to force 2FA on accounts. The next time the
user logs in they will have to setup 2FA on their account.
 2025-07-08 10:21:24 -04:00
Adrian Astles
f97b133c8c Resolved build error. 2025-07-08 22:04:24 +08:00
Adrian Astles
f0a1c10ec5 fix(auth): improve security key login flow. 
- Fix login to verify password before showing security key prompt
- Add proper 2FA verification flow when deleting security keys

Previously, users with security keys would see the security key prompt
even if they entered an incorrect password. Now the password is verified
first. Additionally, security key deletion now properly handles 2FA
verification when enabled.
 2025-07-07 17:48:23 +08:00
Adrian Astles
5009906385 renamed passkey to security key to stay aligned with the UI and other backend naming. 2025-07-05 21:51:31 +08:00
Adrian Astles
6ccc05b183 Update security key error handling and user feedback. Improve user guidance for security key interactions and Implement proper error handling for permission denials and timing issues. 2025-07-05 18:56:32 +08:00
Adrian Astles
3994b25a71 Merge branch 'dev' into feat/internal-user-passkey-support 2025-07-05 18:36:44 +08:00
Adrian Astles
5130071a60 improved security key management interface, also updated locales 2025-07-05 18:27:04 +08:00
Adrian Astles
d5e67835aa improved WebAuthn error messages and session handling. Compatibility guidance in error states, and Improve user guidance for common authentication issues. 2025-07-05 16:52:56 +08:00
Adrian Astles
bf8078ed66 enhance WebAuthn implementation and error handling. 2025-07-05 16:48:37 +08:00
Adrian Astles
f31717145f feat(passkeys): Add password verification for passkey management 
- Add password verification requirement when registering passkeys
- Add password verification requirement when deleting passkeys
- Add support for 2FA verification if enabled
- Add new delete confirmation dialog with password field
- Add recommendation message when only one passkey is registered
- Improve dialog styling and user experience
- Fix type issues with WebAuthn credential descriptors

Security: This change ensures that sensitive passkey operations require
password verification, similar to 2FA management, preventing unauthorized
modifications to authentication methods.
 2025-07-03 22:57:29 +08:00
Adrian Astles
db76558944 refactor: rename passkeyChallenge to webauthnChallenge 
- Renamed table for consistency with webauthnCredentials
- Created migration script 1.8.1.ts for table rename
- Updated schema definitions in SQLite and PostgreSQL
- Maintains WebAuthn standard naming convention
 2025-07-03 21:53:07 +08:00
miloschwartz
719d75f8a6 fix pg migration for >1.6.0 2025-07-01 21:03:10 -07:00
Owen
baee745d3c Fix orgId not in queries 2025-06-27 18:01:06 -04:00
miloschwartz
2ead5f4506 add deprecated env vars warning 2025-06-21 16:59:10 -04:00
miloschwartz
ead5df0a8c simplify installer and remove parsing from read config 2025-06-21 16:35:22 -04:00
miloschwartz
d03f45279c remove server admin from config and add onboarding ui 2025-06-19 22:11:05 -04:00
miloschwartz
f300838f8e add migration for 1.6.0 2025-06-19 15:58:05 -04:00
miloschwartz
1bf2e23f5d make username lowercase 2025-06-19 15:41:49 -04:00
miloschwartz
58ba0d07b0 add migration to set trust_proxy to 1 if it exists in config 2025-06-19 12:08:06 -04:00
miloschwartz
97ae76e4e7 forward headers from server component and make trust_proxy config a number 2025-06-19 11:22:29 -04:00
miloschwartz
c043912f94 fix bug preventing creating raw resources with api key closes #920 2025-06-18 16:42:07 -04:00
miloschwartz
b56ba3ee23 prevent org id taken error for flashing after create org 2025-06-18 16:22:01 -04:00
miloschwartz
fc19d0ba8b add set server admin password to cli 2025-06-15 13:19:07 -04:00
Owen
ddd292422b Make error more clear 
From #911
 2025-06-15 10:53:03 -04:00
miloschwartz
b86ef93211 add replica connections for pg 2025-06-13 13:04:44 -04:00
Thijs van Loef
cbca88f76b fix semi colons 2025-06-09 23:52:16 +02:00
Owen
3ed681e277 Bump temp version 2025-06-06 12:16:58 -04:00
miloschwartz
f0cb65f65c dont import db in nextjs 2025-06-05 14:44:34 -04:00
miloschwartz
980545c636 dont throw if fail to migration config 2025-06-05 11:55:59 -04:00
miloschwartz
92135ff9c1 minor visal adjustments to docker container view 2025-06-05 11:51:48 -04:00
Owen
ab843b1a43 Clean up unused 2025-06-04 17:42:19 -04:00
miloschwartz
4593edbb45 add get role to integration api 2025-06-04 17:28:46 -04:00
Owen
96b451843c Update placeholder 2025-06-04 17:27:10 -04:00
miloschwartz
af98610d0d fix migration number and add allowed_headers migration 2025-06-04 17:15:11 -04:00
Owen
8800ec9675 Merge branch 'dev' of github.com:fosrl/pangolin into dev 2025-06-04 16:02:52 -04:00
Owen
df4da75c57 Dont do socket on non-newt sites 2025-06-04 16:02:45 -04:00
miloschwartz
717dfae26c look for ipv6 in brackets and fix cors headers in install config 2025-06-04 15:56:16 -04:00
Owen
58a2a9dcc9 Fix db import for pg 2025-06-04 15:24:15 -04:00
Owen
27a0df4ed4 Add migration for 1.4.0 2025-06-04 15:16:42 -04:00
Milo Schwartz
6fc6f325a7 Merge pull request #807 from pyrho/feat/auth-header 
send user data to badger when authenticated
 2025-06-04 12:17:23 -04:00
miloschwartz
b46e49922c Merge branch 'dev' into postgres 2025-06-04 12:04:28 -04:00
miloschwartz
2cca561e51 support postgresql as database option 2025-06-04 12:02:07 -04:00