mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-05-07 21:41:13 -05:00
Code Issues Packages Projects Releases Wiki Activity
1,718 Commits 31 Branches 175 Tags
69baa6785fba33e5466eddcffd88dc4bbb87aa57
Commit Graph

24 Commits

Author SHA1 Message Date
Adrian Astles 69baa6785f feat: Add setup token security for initial server setup 
- Add setupTokens database table with proper schema
- Implement setup token generation on first server startup
- Add token validation endpoint and modify admin creation
- Update initial setup page to require setup token
- Add migration scripts for both SQLite and PostgreSQL
- Add internationalization support for setup token fields
- Implement proper error handling and logging
- Add CLI command for resetting user security keys

This prevents unauthorized access during initial server setup by requiring
a token that is generated and displayed in the server console.
 2025-08-03 21:17:18 +08:00
Milo Schwartz 9075ecb007 Merge branch 'dev' into feat/internal-user-passkey-support 2025-07-14 17:43:01 -04:00
miloschwartz 915ccdc007 server admin enforce 2fa per user 2025-07-13 21:58:37 -07:00
Adrian Astles c9f5ffae42 Merge branch 'dev' into feat/internal-user-passkey-support 2025-07-14 07:20:33 +08:00
J. Newing 2a6298e9eb Admins can enable 2FA 
Added the feature for admins to force 2FA on accounts. The next time the
user logs in they will have to setup 2FA on their account.
 2025-07-08 10:21:24 -04:00
Adrian Astles 5009906385 renamed passkey to security key to stay aligned with the UI and other backend naming. 2025-07-05 21:51:31 +08:00
Adrian Astles db76558944 refactor: rename passkeyChallenge to webauthnChallenge 
- Renamed table for consistency with webauthnCredentials
- Created migration script 1.8.1.ts for table rename
- Updated schema definitions in SQLite and PostgreSQL
- Maintains WebAuthn standard naming convention
 2025-07-03 21:53:07 +08:00
miloschwartz d03f45279c remove server admin from config and add onboarding ui 2025-06-19 22:11:05 -04:00
Milo Schwartz 8178dd1525 set resource session as base domain cookie 2024-11-27 00:07:40 -05:00
Milo Schwartz c565c14aa0 move middlewares out of auth 2024-11-16 22:48:10 -05:00
Milo Schwartz b1e53ed8d7 set users on resource working 2024-11-15 23:38:08 -05:00
Owen Schwartz e5e78ff1bf Basic websocket and auth for newt 2024-11-10 17:08:11 -05:00
Milo Schwartz 03051878ef rename super user to admin and middleware refactoring 2024-11-05 22:38:57 -05:00
Milo Schwartz fadfaf1f0b ability to remove user from org 2024-11-03 17:28:12 -05:00
Owen Schwartz 4facb91d7a Add user endpoints 2024-10-12 22:31:24 -04:00
Owen Schwartz 364b2c26c3 Add role aware updates & endpoints 2024-10-12 21:36:30 -04:00
Milo Schwartz 7d66a6ff66 added reset password workflow 2024-10-05 17:01:49 -04:00
Milo Schwartz e7080c4aa8 added change password endpoint 2024-10-05 15:11:51 -04:00
Milo Schwartz 76eeb335a3 verify email workflow working 2024-10-04 23:14:40 -04:00
Owen Schwartz a8f944fc78 Add verify middleware 2024-10-03 22:31:20 -04:00
Milo Schwartz f88cb71e62 disable 2fa endpoint 2024-10-02 23:39:07 -04:00
Milo Schwartz 637007e060 finished totp endpoints 2024-10-02 21:55:49 -04:00
Milo Schwartz cfd0a15e2c added logout endpoint 2024-10-02 20:05:08 -04:00
Milo Schwartz 1a91dbb89c organized routes and routes and added rate limiter 2024-10-02 00:04:40 -04:00