Leo Vasanko
07525b47ae
Centralise all cookie handling to session.py.
v0.4.0
2025-10-04 18:48:24 -06:00
Leo Vasanko
1ad1644b64
Refactor /api/user/* to its own module.
2025-10-04 18:41:35 -06:00
Leo Vasanko
876215f1c1
Reset dialog UX improved.
2025-10-04 18:40:46 -06:00
Leo Vasanko
59e7e40128
Harmonise ProfileView and HostApp.
2025-10-04 18:14:17 -06:00
Leo Vasanko
a0da799c9e
Tuning the host app.
2025-10-04 18:06:47 -06:00
Leo Vasanko
94efb00e34
Don't redirect non-auth-host /auth/ to auth site but show basic info on current host, and allow logging out. Adds a new host app for this purpose.
2025-10-04 17:55:08 -06:00
Leo Vasanko
f9f4d59c6b
Deny creating sessions for hosts other than rp-id subdomains.
2025-10-04 17:26:03 -06:00
Leo Vasanko
45f9870d0d
WebSockets must use origin for finding the host calling them.
2025-10-04 17:16:51 -06:00
Leo Vasanko
2a81544701
Correction on restricted path checking (auth-host).
2025-10-04 16:59:05 -06:00
Leo Vasanko
a60c1bd5f5
Refactor auth-host redirection middleware to its own module.
Implement redirection to remove /auth/ from UI URLs when on auth-host.
2025-10-04 16:49:23 -06:00
Leo Vasanko
229f066533
Add validation of the CLI specified --auth-host (needs to be within rp-id).
2025-10-04 16:35:55 -06:00
Leo Vasanko
97f653e116
Fix deletion of session cookie on host logout.
2025-10-04 16:26:36 -06:00
Leo Vasanko
29be642dbe
Better UX for profile view logout buttons.
2025-10-04 16:22:16 -06:00
Leo Vasanko
bfb11cc20f
A major refactoring for more consistent and stricter flows.
- Force using the dedicated authentication site configured via auth-host
- Stricter host validation
- Using the restricted app consistently for all access control (instead of the old loginview).
2025-10-04 15:55:43 -06:00
Leo Vasanko
389e05730b
Refactor user editing endpoints (only auth site) under api/user/ while leaving host-based endpoints at api root.
2025-10-04 08:59:51 -06:00
Leo Vasanko
79b6c50a9c
More consistent shared styling between credential and session cards.
2025-10-04 08:32:27 -06:00
Leo Vasanko
591ea626bf
Add host-based authentication, UTC timestamps, session management, and secure cookies; fix styling issues; refactor to remove module; update database schema for sessions and reset tokens.
2025-10-03 18:31:54 -06:00
Leo Vasanko
963ab06664
Use git tag versioning for the Python project.
v0.3.0
2025-10-02 16:09:26 -06:00
Leo Vasanko
bb35e57ba4
Fix reset link logic to include /auth when no configured auth-host.
2025-10-02 15:57:20 -06:00
Leo Vasanko
5d8304bbd9
Refactor user-profile, restricted access and reset token registration as separate apps so the frontend does not need to guess which context it is running in.
Support user-navigable URLs at / as well as /auth/, allowing for a dedicated authentication site with pretty URLs.
2025-10-02 15:44:48 -06:00
Leo Vasanko
fbfd0bbb47
Create registration links on the same host (subdomain) that is being used by the one who creates it.
2025-10-02 12:30:50 -06:00
Leo Vasanko
eb38995cca
Version 0.2.0
v0.2.0
2025-09-30 17:04:53 -06:00
Leo Vasanko
382341e5ee
Make the login/reset/forbidden dialogs look better.
2025-09-30 17:03:51 -06:00
Leo Vasanko
ed7d3ee0fc
Admin app: guard rails extended, consistent styling, also share styling with main app.
2025-09-30 16:38:14 -06:00
Leo Vasanko
3dff459068
Remove duplicate message from permission denied page.
2025-09-30 12:56:41 -06:00
Leo Vasanko
89b40cd080
Admin app divided to separate components.
2025-09-30 12:54:18 -06:00
Leo Vasanko
d46d50b91a
Massive style redesign, WIP.
2025-09-29 21:02:49 -06:00
Leo Vasanko
39beb31347
Simplified Caddy snippets (removed auth/all).
v0.1.2
2025-09-28 20:00:19 -06:00
Leo Vasanko
41e6eb9a5a
Version 0.1.2
2025-09-28 19:46:49 -06:00
Leo Vasanko
d5bc3e773d
Clear sessionStorage on logout.
2025-09-28 19:45:37 -06:00
Leo Vasanko
ac0256c366
chore: bump version to 0.1.1
v0.1.1
2025-09-27 20:51:46 -06:00
Leo Vasanko
6439437e8b
Implement breadcrumb navigation.
2025-09-27 20:47:45 -06:00
Leo Vasanko
654618883d
Implement credential reset via CLI.
v0.1.0
2025-09-26 17:18:49 -06:00
Leo Vasanko
f065a8294f
Update documentation.
2025-09-26 16:59:18 -06:00
Leo Vasanko
8409c7726c
Make the /auth/api/validate endpoint renew sessions if needed.
2025-09-26 16:59:11 -06:00
Leo Vasanko
971d534dca
Updated example Caddyfile
2025-09-26 16:58:36 -06:00
Leo Vasanko
c6a039cc50
Support auth request for WebSocket connections (using plain HTTP for auth). Use keep-alive for better performance.
2025-09-26 15:00:56 -06:00
Leo Vasanko
21a6bfd8ba
Cleanup
2025-09-26 15:00:17 -06:00
Leo Vasanko
eaca57f625
Minor tuning of Caddy configuration and improved documentation.
2025-09-25 19:12:11 -06:00
Leo Vasanko
e514ae010d
Provide user info in Remote-* headers. Caddy configuration improved.
2025-09-25 18:12:40 -06:00
Leo Vasanko
b0a1bb72dc
Cleaner logout.
2025-09-02 19:11:25 -06:00
Leo Vasanko
b324276173
Cleaned up login/logout flows.
2025-09-02 19:08:16 -06:00
Leo Vasanko
10e55f63b5
Fix url_for query arg on reset link redirect.
2025-09-02 18:32:56 -06:00
Leo Vasanko
074daebd14
Fix matching bug
2025-09-02 18:22:21 -06:00
Leo Vasanko
c9f9b28bf4
Major refactoring of admin API (permissions, paths)
2025-09-02 18:08:06 -06:00
Leo Vasanko
bfc777fb56
Refactoring permissions checks.
2025-09-02 17:28:26 -06:00
Leo Vasanko
3cd6a59b26
Utility module for accessing frontend in backend code.
2025-09-02 16:06:10 -06:00
Leo Vasanko
dd20e7e7f8
Move forward auth under /admin/api/forward
2025-09-02 15:03:39 -06:00
Leo Vasanko
cbf6223d4b
New lint option path in pyproject
2025-09-02 15:03:02 -06:00
Leo Vasanko
9feac6e9a8
Moved exception handlers to sub apps.
2025-09-02 14:57:06 -06:00