LeoVasanko/passkey-auth
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
139 Commits 1 Branch 6 Tags
97f653e1169141524b5797b1ea59d23c1613aec3
Commit Graph

57 Commits

Author SHA1 Message Date
Leo Vasanko
97f653e116 Fix deletion of session cookie on host logout. 2025-10-04 16:26:36 -06:00
Leo Vasanko
bfb11cc20f A major refactoring for more consistent and stricter flows. 
- Force using the dedicated authentication site configured via auth-host
- Stricter host validation
- Using the restricted app consistently for all access control (instead of the old loginview).
 2025-10-04 15:55:43 -06:00
Leo Vasanko
389e05730b Refactor user editing endpoints (only auth site) under api/user/ while leaving host-based endpoints at api root. 2025-10-04 08:59:51 -06:00
Leo Vasanko
591ea626bf Add host-based authentication, UTC timestamps, session management, and secure cookies; fix styling issues; refactor to remove module; update database schema for sessions and reset tokens. 2025-10-03 18:31:54 -06:00
Leo Vasanko
bb35e57ba4 Fix reset link logic to include /auth when no configured auth-host. 2025-10-02 15:57:20 -06:00
Leo Vasanko
5d8304bbd9 Refactor user-profile, restricted access and reset token registration as separate apps so the frontend does not need to guess which context it is running in. 
Support user-navigable URLs at / as well as /auth/, allowing for a dedicated authentication site with pretty URLs.
 2025-10-02 15:44:48 -06:00
Leo Vasanko
fbfd0bbb47 Create registration links on the same host (subdomain) that is being used by the one who creates it. 2025-10-02 12:30:50 -06:00
Leo Vasanko
ed7d3ee0fc Admin app: guard rails extended, consistent styling, also share styling with main app. 2025-09-30 16:38:14 -06:00
Leo Vasanko
654618883d Implement credential reset via CLI. 2025-09-26 17:18:49 -06:00
Leo Vasanko
8409c7726c Make the /auth/api/validate endpoint renew sessions if needed. 2025-09-26 16:59:11 -06:00
Leo Vasanko
21a6bfd8ba Cleanup 2025-09-26 15:00:17 -06:00
Leo Vasanko
eaca57f625 Minor tuning of Caddy configuration and improved documentation. 2025-09-25 19:12:11 -06:00
Leo Vasanko
e514ae010d Provide user info in Remote-* headers. Caddy configuration improved. 2025-09-25 18:12:40 -06:00
Leo Vasanko
b324276173 Cleaned up login/logout flows. 2025-09-02 19:08:16 -06:00
Leo Vasanko
10e55f63b5 Fix url_for query arg on reset link redirect. 2025-09-02 18:32:56 -06:00
Leo Vasanko
c9f9b28bf4 Major refactoring of admin API (permissions, paths) 2025-09-02 18:08:06 -06:00
Leo Vasanko
bfc777fb56 Refactoring permissions checks. 2025-09-02 17:28:26 -06:00
Leo Vasanko
3cd6a59b26 Utility module for accessing frontend in backend code. 2025-09-02 16:06:10 -06:00
Leo Vasanko
dd20e7e7f8 Move forward auth under /admin/api/forward 2025-09-02 15:03:39 -06:00
Leo Vasanko
9feac6e9a8 Moved exception handlers to sub apps. 2025-09-02 14:57:06 -06:00
Leo Vasanko
312d23b79a Refactor API under /auth/api 2025-09-02 14:32:19 -06:00
Leo Vasanko
859cc9ed41 Restructure admin app separate of user api. 2025-09-02 14:04:52 -06:00
Leo Vasanko
5302cb9d72 Use bun --bun consistently, avoid devmode origin override if specified by args rp-id and/or origin. 2025-09-01 19:47:46 -06:00
Leo Vasanko
7036338b33 Use rp-name for frontend branding 2025-09-01 18:48:59 -06:00
Leo Vasanko
37eaffff3f Renaming of users in registration, profile and admin app. 2025-09-01 18:13:01 -06:00
Leo Vasanko
2b03fa74cd Only allow safe characters in permission IDs 2025-08-30 19:10:00 -06:00
Leo Vasanko
d045e1c520 Make default permissions use only : as separator. 2025-08-30 18:43:49 -06:00
Leo Vasanko
16de7b5f1f Allow specifying multiple permissions. 2025-08-30 16:47:38 -06:00
Leo Vasanko
cb17a332a3 Add permission check on forward-auth and validate. 2025-08-30 16:14:39 -06:00
Leo Vasanko
3e5c0065d5 Remodel reset token handling due to browsers sometimes refusing to set the cookie when opening the link (from another site). 2025-08-30 15:54:17 -06:00
Leo Vasanko
4f094a7016 Fixing cascade. 2025-08-30 14:07:32 -06:00
Leo Vasanko
f3e3679b6d Actually usable admin panel 2025-08-29 22:38:22 -06:00
Leo Vasanko
4db7f2e9a6 Almost usable admin panel 2025-08-29 21:54:51 -06:00
Leo Vasanko
7380f09458 Major changes to server startup. Admin page tuning. 2025-08-29 20:41:38 -06:00
Leo Vasanko
e0717f005a Drafting admin app (frontend) 2025-08-12 13:24:27 -07:00
Leo Vasanko
02ac4adc77 Support for adding permissions on roles and orgs. 2025-08-12 13:13:35 -07:00
Leo Vasanko
407994548a Almost complete org/permission handling. Much cleanup, bootstrap works. 2025-08-07 13:58:12 -06:00
Leo Vasanko
dcca3e3fbd Globals restructured to their own module. Origin and RP definition. 2025-08-06 13:23:35 -06:00
Leo Vasanko
5a129220aa Initial bootstrap to add admin user 2025-08-06 12:16:37 -06:00
Leo Vasanko
ba5f2d8bd9 Error handling cleanup for WS too. 2025-08-06 10:53:13 -06:00
Leo Vasanko
c9ae53ef79 Centralised error handling & convenience. 2025-08-06 10:44:57 -06:00
Leo Vasanko
42545c07d2 Add New Passkey and Add New Device flows fixed. 2025-08-06 10:14:04 -06:00
Leo Vasanko
9f423135ed Refactor to not use status: success, but HTTP codes, and renamed the error key to detail to match FastAPI's own. 2025-08-06 10:09:55 -06:00
Leo Vasanko
cf138d90c5 Checkpoint, fixing reset token handling broken in earlier edits. 2025-08-06 09:55:14 -06:00
Leo Vasanko
4362e8527e Allow externally initialized DB for FastAPI app lifespan. 2025-08-05 09:20:32 -06:00
Leo Vasanko
7f8f77ae1e Separated session management from its FastAPI-dependent parts, creating authsession.py on main level. 
Startup/main/scripts cleanup, now runs with passkey-auth command that takes CLI arguments.
 2025-08-05 09:02:49 -06:00
Leo Vasanko
b58b7d5350 Finish DB cleanup/refactoring. Working now. 2025-08-05 08:26:35 -06:00
Leo Vasanko
c5733eefd6 Database cleanup, base class, separated from FastAPI app. 2025-08-05 07:55:31 -06:00
Leo Vasanko
30ab73d625 Everything works. Minor adjustments on frontend and backend for the new API. 2025-08-02 07:41:42 -06:00
Leo Vasanko
a987f47988 Fixes to backend API changes. The whole app is mostly functional. 2025-08-01 13:48:38 -06:00