mirror/outline
1
0
Fork 0
mirror of https://github.com/outline/outline.git synced 2026-02-20 03:20:42 -06:00
Code Issues Packages Projects Releases Wiki Activity
8,729 Commits 628 Branches 238 Tags
08eab03041eb458e751b337aafd0f03073d52a93
Commit Graph

18 Commits

Author SHA1 Message Date
Tom Moor
0a9bd39aac Add CSRF middleware (#10051) 
ref OUT-Q325-03
 2025-08-31 06:35:35 -04:00
Tom Moor
93cda9327a fix: Admins unable to revoke workspace API keys created by other users (#9865) 
* fix: Admins unable to revoke workspace API keys created by other users

closes #9864

* fix policy
 2025-08-07 22:49:23 -04:00
Tom Moor
772eb2f1d4 fix: randomstring dep does not work in browser with rolldown-vite (#9624) 
* fix: randomstring dep does not work in browser with rolldown-vite

* fix: Last usage of randomstring, docs

* feedback
 2025-07-13 09:33:16 -04:00
Tom Moor
a06671e8ce OAuth provider (#8884) 
This PR contains the necessary work to make Outline an OAuth provider including:

- OAuth app registration
- OAuth app management
- Private / public apps (Public in cloud only)
- Full OAuth 2.0 spec compatible authentication flow
- Granular scopes
- User token management screen in settings
- Associated API endpoints for programatic access
 2025-05-03 19:40:18 -04:00
Tom Moor
4cd2ee6291 fix: Path with query string does not work with scope restrictions, closes #8489 2025-02-18 20:16:54 -05:00
Tom Moor
15892a9364 feat: API key resource scoping (#8297) 2025-01-28 16:50:22 -08:00
Tom Moor
8cfd8e25db fix: Event should not be written when API key is used 2024-11-13 09:10:30 -05:00
Tom Moor
633e547d3e Refactor of event insertion (#5909) 2024-11-10 16:26:20 -08:00
Tom Moor
1a02b0d9d7 Add script to backfill ApiKey hashes (#7717) 
* Add hashed column for API keys

---------

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
 2024-10-03 16:27:25 -07:00
Tom Moor
5e61fcd336 Add hashed column for API keys (#7699) 
* Add hashed column for API keys

* test

* Add obfuscatedValue getter
 2024-09-30 17:16:35 -07:00
Hemachandar
1bf9012992 feat: Add lastUsedAt to API keys (#7082) 
* feat: Add lastUsedAt to API keys

* rename column to lastActiveAt

* switch order
 2024-06-20 06:18:35 -07:00
Hemachandar
3af9861c4a feat: add API key expiry options (#7064) 
* feat: add API key expiry options

* review
 2024-06-18 18:34:45 -07:00
Tom Moor
cf16d25a67 chore: Tidy API key settings page 2024-06-05 07:13:35 -04:00
Apoorv Mishra
7e61a519f1 Type server models (#6326) 
* fix: type server models

* fix: make ParanoidModel generic

* fix: ApiKey

* fix: Attachment

* fix: AuthenticationProvider

* fix: Backlink

* fix: Collection

* fix: Comment

* fix: Document

* fix: FileOperation

* fix: Group

* fix: GroupPermission

* fix: GroupUser

* fix: Integration

* fix: IntegrationAuthentication

* fix: Notification

* fix: Pin

* fix: Revision

* fix: SearchQuery

* fix: Share

* fix: Star

* fix: Subscription

* fix: TypeError

* fix: Imports

* fix: Team

* fix: TeamDomain

* fix: User

* fix: UserAuthentication

* fix: UserPermission

* fix: View

* fix: WebhookDelivery

* fix: WebhookSubscription

* Remove type duplication

---------

Co-authored-by: Tom Moor <tom.moor@gmail.com>
 2024-01-12 22:33:05 +05:30
Tom Moor
d6d1eb4485 feat: Prefix api keys 2022-12-03 18:21:33 -05:00
Tom Moor
8bb88b8550 chore: Audit of all model column validations (#3757) 
* chore: Updating all model validations before the white-hatters get to it ;)

* test

* Remove isUrl validation, thinking about it need to account for minio and other weird urls here
 2022-07-09 08:04:40 -07:00
Tom Moor
b20a341f0c chore: Typescript database models (#2886) 
closes #2798
 2022-01-06 18:24:28 -08:00
Tom Moor
15b1069bcc chore: Move to Typescript (#2783) 
This PR moves the entire project to Typescript. Due to the ~1000 ignores this will lead to a messy codebase for a while, but the churn is worth it – all of those ignore comments are places that were never type-safe previously.

closes #1282
 2021-11-29 06:40:55 -08:00