summaryrefslogtreecommitdiff
path: root/internal/api/client/auth/auth.go
AgeCommit message (Collapse)AuthorFiles
2023-01-02[chore] The Big Middleware and API Refactor (tm) (#1250)Libravatar tobi1
* interim commit: start refactoring middlewares into package under router * another interim commit, this is becoming a big job * another fucking massive interim commit * refactor bookmarks to new style * ambassador, wiz zeze commits you are spoiling uz * she compiles, we're getting there * we're just normal men; we're just innocent men * apiutil * whoopsie * i'm glad noone reads commit msgs haha :blob_sweat: * use that weirdo go-bytesize library for maxMultipartMemory * fix media module paths
2022-12-06[feature] overhaul the oidc system (#961)Libravatar Dominik Süß1
* [feature] overhaul the oidc system this allows for more flexible username handling and prevents account takeover using old email addresses * [feature] add migration path for old OIDC users * [feature] nicer error reporting for users * [docs] document the new OIDC flow * [fix] return early on oidc error * [docs]: add comments on the finalization logic
2022-10-08[feature] `oob` oauth token support (#889)Libravatar tobi1
* move helpful advice into oauth server * rewrite HandleAuthorizeRequest to allow oob
2022-07-28[feature] add 'state' oauth2 param to /oauth/authorize (#730)Libravatar tobi1
2022-06-11[feature] Add `created_at` and `error_description` to `/oauth/token` ↵Libravatar tobi1
endpoint (#645) * start fiddling about with oauth server * start returning more helpful errors from oauth * test helpful(ish) token errors * add missing license header
2022-06-08[feature] More consistent API error handling (#637)Libravatar tobi1
* update templates * start reworking api error handling * update template * return AP status at web endpoint if negotiated * start making api error handling much more consistent * update account endpoints to new error handling * use new api error handling in admin endpoints * go fmt ./... * use api error logic in app * use generic error handling in auth * don't export generic error handler * don't defer clearing session * user nicer error handling on oidc callback handler * tidy up the sign in handler * tidy up the token handler * use nicer error handling in blocksget * auth emojis endpoint * fix up remaining api endpoints * fix whoopsie during login flow * regenerate swagger docs * change http error logging to debug
2022-02-07[feature] add authorization to the already-existing authentication (#365)Libravatar Forest Johnson1
* add ensureUserIsAuthorizedOrRedirect to /oauth/authorize * adding authorization (email confirm, account approve, etc) to TokenCheck * revert un-needed changes to signin.go * oops what happened here * error css * add account.SuspendedAt check * remove redundant checks from oauth util Authed function * wip tests * tests passing * stop stripping useful information from ErrAlreadyExists * that feeling of scraping the dryer LINT off the screen * oops I didn't mean to get rid of this NewTestRouter function * make tests work with recorder * re-add ConfigureTemplatesWithGin to handle template path err Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
2021-12-20Extend license notices to 2022 (#354)Libravatar tobi1
2021-12-07Implement Cobra CLI tooling, Viper config tooling (#336)Libravatar tobi1
* start pulling out + replacing urfave and config * replace many many instances of config * move more stuff => viper * properly remove urfave * move some flags to root command * add testrig commands to root * alias config file keys * start adding cli parsing tests * reorder viper init * remove config path alias * fmt * change config file keys to non-nested * we're more or less in business now * tidy up the common func * go fmt * get tests passing again * add note about the cliparsing tests * reorganize * update docs with changes * structure cmd dir better * rename + move some files around * fix dangling comma
2021-11-27Require confirmed email when checking oauth token (#332)Libravatar tobi1
* move token checker to security package * update tests with new security package * add oauth token checking to security package * check if user email confirmed when parsing token
2021-11-22Enable stricter linting with golangci-lint (#316)Libravatar tobi1
* update golangci-lint * add golangci config file w/ more linters * correct issues flagged by stricter linters * add more generous timeout for golangci-lint * add some style + formatting guidelines * move timeout to config file * go fmt
2021-10-11reference global logrus (#274)Libravatar R. Aidan Campbell1
* reference logrus' global logger instead of passing and storing a logger reference everywhere * always directly use global logrus logger instead of referencing an instance * test suites should also directly use the global logrus logger * rename gin logging function to clarify that it's middleware * correct comments which erroneously referenced removed logger parameter * setting log level for tests now uses logrus' exported type instead of the string value, to guarantee error isn't possible
2021-07-23Oidc (#109)Libravatar Tobi Smethurst1
* add oidc config * inching forward with oidc idp * lil webfingy fix * bit more progress * further oidc * oidc now working * document dex config * replace broken images * add additional credits * tiny doc update * update * add oidc config * inching forward with oidc idp * bit more progress * further oidc * oidc now working * document dex config * replace broken images * add additional credits * tiny doc update * update * document * docs + comments
2021-07-08Auth flow fixes (#82)Libravatar Tobi Smethurst1
* preliminary fixes to broken auth flow * fix some auth/cookie weirdness * fmt
2021-05-08Ap (#14)Libravatar Tobi Smethurst1
Big restructuring and initial work on activitypub
generated by cgit v1.2.3 (git 2.46.0) at 2025-07-13 06:43:04 +0000