LeoVasanko/passkey-auth
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Commit Graph

  • 07525b47ae Centralise all cookie handling to session.py. main v0.4.0 Leo Vasanko 2025-10-04 18:48:24 -06:00
  • 1ad1644b64 Refactor /api/user/* to its own module. Leo Vasanko 2025-10-04 18:41:14 -06:00
  • 876215f1c1 Reset dialog UX improved. Leo Vasanko 2025-10-04 18:25:40 -06:00
  • 59e7e40128 Harmonise ProfileView and HostApp. Leo Vasanko 2025-10-04 18:14:17 -06:00
  • a0da799c9e Tuning the host app. Leo Vasanko 2025-10-04 18:03:28 -06:00
  • 94efb00e34 Don't redirect non-auth-host /auth/ to auth site but show basic info on current host, and allow logging out. Adds a new host app for this purpose. Leo Vasanko 2025-10-04 17:55:08 -06:00
  • f9f4d59c6b Deny creating sessions for hosts other than rp-id subdomains. Leo Vasanko 2025-10-04 17:26:03 -06:00
  • 45f9870d0d WebSockets must use origin for finding the host calling them. Leo Vasanko 2025-10-04 17:16:51 -06:00
  • 2a81544701 Correction on restricted path checking (auth-host). Leo Vasanko 2025-10-04 16:59:05 -06:00
  • a60c1bd5f5 Refactor auth-host redirection middleware to its own module. Leo Vasanko 2025-10-04 16:49:23 -06:00
  • 229f066533 Add validation of the CLI specified --auth-host (needs to be within rp-id). Leo Vasanko 2025-10-04 16:35:55 -06:00
  • 97f653e116 Fix deletion of session cookie on host logout. Leo Vasanko 2025-10-04 16:26:36 -06:00
  • 29be642dbe Better UX for profile view logout buttons. Leo Vasanko 2025-10-04 16:22:16 -06:00
  • bfb11cc20f A major refactoring for more consistent and stricter flows. - Force using the dedicated authentication site configured via auth-host - Stricter host validation - Using the restricted app consistently for all access control (instead of the old loginview). Leo Vasanko 2025-10-04 15:55:11 -06:00
  • 389e05730b Refactor user editing endpoints (only auth site) under api/user/ while leaving host-based endpoints at api root. Leo Vasanko 2025-10-04 08:59:51 -06:00
  • 79b6c50a9c More consistent shared styling between credential and session cards. Leo Vasanko 2025-10-04 08:32:27 -06:00
  • 591ea626bf Add host-based authentication, UTC timestamps, session management, and secure cookies; fix styling issues; refactor to remove module; update database schema for sessions and reset tokens. Leo Vasanko 2025-10-03 18:31:54 -06:00
  • 963ab06664 Use git tag versioning for the Python project. v0.3.0 Leo Vasanko 2025-10-02 16:07:11 -06:00
  • bb35e57ba4 Fix reset link logic to include /auth when no configured auth-host. Leo Vasanko 2025-10-02 15:57:20 -06:00
  • 5d8304bbd9 Refactor user-profile, restricted access and reset token registration as separate apps so the frontend does not need to guess which context it is running in. Leo Vasanko 2025-10-02 15:42:01 -06:00
  • fbfd0bbb47 Create registration links on the same host (subdomain) that is being used by the one who creates it. Leo Vasanko 2025-10-02 12:22:02 -06:00
  • eb38995cca Version 0.2.0 v0.2.0 Leo Vasanko 2025-09-30 17:04:53 -06:00
  • 382341e5ee Make the login/reset/forbidden dialogs look better. Leo Vasanko 2025-09-30 17:03:51 -06:00
  • ed7d3ee0fc Admin app: guard rails extended, consistent styling, also share styling with main app. Leo Vasanko 2025-09-30 16:38:14 -06:00
  • 3dff459068 Remove duplicate message from permission denied page. Leo Vasanko 2025-09-30 12:56:41 -06:00
  • 89b40cd080 Admin app divided to separate components. Leo Vasanko 2025-09-30 12:54:18 -06:00
  • d46d50b91a Massive style redesign, WIP. Leo Vasanko 2025-09-29 21:02:49 -06:00
  • 39beb31347 Simplified Caddy snippets (removed auth/all). v0.1.2 Leo Vasanko 2025-09-28 20:00:19 -06:00
  • 41e6eb9a5a Version 0.1.2 Leo Vasanko 2025-09-28 19:46:49 -06:00
  • d5bc3e773d Clear sessionStorage on logout. Leo Vasanko 2025-09-28 19:45:37 -06:00
  • ac0256c366 chore: bump version to 0.1.1 v0.1.1 Leo Vasanko 2025-09-27 20:51:46 -06:00
  • 6439437e8b Implement breadcrumb navigation. Leo Vasanko 2025-09-27 20:47:45 -06:00
  • 654618883d Implement credential reset via CLI. v0.1.0 Leo Vasanko 2025-09-26 17:18:33 -06:00
  • f065a8294f Update documentation. Leo Vasanko 2025-09-26 16:59:18 -06:00
  • 8409c7726c Make the /auth/api/validate endpoint renew sessions if needed. Leo Vasanko 2025-09-26 16:59:11 -06:00
  • 971d534dca Updated example Caddyfile Leo Vasanko 2025-09-26 16:58:36 -06:00
  • c6a039cc50 Support auth request for WebSocket connections (using plain HTTP for auth). Use keep-alive for better performance. Leo Vasanko 2025-09-26 15:00:56 -06:00
  • 21a6bfd8ba Cleanup Leo Vasanko 2025-09-26 15:00:17 -06:00
  • eaca57f625 Minor tuning of Caddy configuration and improved documentation. Leo Vasanko 2025-09-25 19:12:11 -06:00
  • e514ae010d Provide user info in Remote-* headers. Caddy configuration improved. Leo Vasanko 2025-09-25 18:12:40 -06:00
  • b0a1bb72dc Cleaner logout. Leo Vasanko 2025-09-02 19:11:25 -06:00
  • b324276173 Cleaned up login/logout flows. Leo Vasanko 2025-09-02 19:08:16 -06:00
  • 10e55f63b5 Fix url_for query arg on reset link redirect. Leo Vasanko 2025-09-02 18:32:56 -06:00
  • 074daebd14 Fix matching bug Leo Vasanko 2025-09-02 18:22:21 -06:00
  • c9f9b28bf4 Major refactoring of admin API (permissions, paths) Leo Vasanko 2025-09-02 18:08:06 -06:00
  • bfc777fb56 Refactoring permissions checks. Leo Vasanko 2025-09-02 17:28:26 -06:00
  • 3cd6a59b26 Utility module for accessing frontend in backend code. Leo Vasanko 2025-09-02 16:05:20 -06:00
  • dd20e7e7f8 Move forward auth under /admin/api/forward Leo Vasanko 2025-09-02 15:03:39 -06:00
  • cbf6223d4b New lint option path in pyproject Leo Vasanko 2025-09-02 15:03:02 -06:00
  • 9feac6e9a8 Moved exception handlers to sub apps. Leo Vasanko 2025-09-02 14:57:06 -06:00
  • 8c07945661 Rename variable to silence linter Leo Vasanko 2025-09-02 14:45:23 -06:00
  • 312d23b79a Refactor API under /auth/api Leo Vasanko 2025-09-02 14:32:19 -06:00
  • 859cc9ed41 Restructure admin app separate of user api. Leo Vasanko 2025-09-02 14:04:52 -06:00
  • cead912ddc Remove icon, prefer automatic use of /favicon.ico of the host site. Leo Vasanko 2025-09-02 10:17:40 -06:00
  • 0e7858b15d Redux Leo Vasanko 2025-09-01 20:21:20 -06:00
  • 028313eb27 Support WS connections on older browsers. Leo Vasanko 2025-09-01 20:15:14 -06:00
  • 70551cebb7 Better navigation on admin app. Leo Vasanko 2025-09-01 20:04:56 -06:00
  • 5a9bee9a1d Smarter user info Leo Vasanko 2025-09-01 20:02:52 -06:00
  • 19b5ce6464 Fix previous Leo Vasanko 2025-09-01 19:58:48 -06:00
  • fd11cac4bc Unify user info across admin app and profile view. Leo Vasanko 2025-09-01 19:56:18 -06:00
  • 5302cb9d72 Use bun --bun consistently, avoid devmode origin override if specified by args rp-id and/or origin. Leo Vasanko 2025-09-01 19:47:46 -06:00
  • 357eb2b761 User name editing UI (hopefully fixed) Leo Vasanko 2025-09-01 18:59:39 -06:00
  • 7036338b33 Use rp-name for frontend branding Leo Vasanko 2025-09-01 18:48:59 -06:00
  • 0b285e6ef0 Count registration also as a login. Leo Vasanko 2025-09-01 18:40:05 -06:00
  • 6854ba62d4 Linter Leo Vasanko 2025-09-01 18:29:38 -06:00
  • 6d6c4ee35d User rename fixes. Leo Vasanko 2025-09-01 18:20:32 -06:00
  • 37eaffff3f Renaming of users in registration, profile and admin app. Leo Vasanko 2025-09-01 18:13:01 -06:00
  • bc87f76d11 Crude dialog rather than prompt() for input fields. (needs cleanup) Leo Vasanko 2025-09-01 17:34:45 -06:00
  • 21035568f9 Updated frontend build script Leo Vasanko 2025-09-01 17:16:48 -06:00
  • 2b03fa74cd Only allow safe characters in permission IDs Leo Vasanko 2025-08-30 19:10:00 -06:00
  • d045e1c520 Make default permissions use only : as separator. Leo Vasanko 2025-08-30 18:43:49 -06:00
  • 326a7664d3 Formatting Leo Vasanko 2025-08-30 18:43:27 -06:00
  • c422f59b2e Extended demo Caddyfile Leo Vasanko 2025-08-30 18:41:28 -06:00
  • 4a0fbd8199 Implement Permission Denied handling. Leo Vasanko 2025-08-30 18:38:48 -06:00
  • 16de7b5f1f Allow specifying multiple permissions. Leo Vasanko 2025-08-30 16:47:38 -06:00
  • cb17a332a3 Add permission check on forward-auth and validate. Leo Vasanko 2025-08-30 16:13:54 -06:00
  • 3e5c0065d5 Remodel reset token handling due to browsers sometimes refusing to set the cookie when opening the link (from another site). Leo Vasanko 2025-08-30 15:54:17 -06:00
  • 4f094a7016 Fixing cascade. Leo Vasanko 2025-08-30 14:07:32 -06:00
  • f3e3679b6d Actually usable admin panel Leo Vasanko 2025-08-29 22:38:22 -06:00
  • 4db7f2e9a6 Almost usable admin panel Leo Vasanko 2025-08-29 21:54:51 -06:00
  • efdfa77fc9 Basic navigation between auth and user pages. Leo Vasanko 2025-08-29 20:50:37 -06:00
  • 90f775734a Fix proxying so that Vite dev mode autoreloads. Leo Vasanko 2025-08-29 20:49:26 -06:00
  • 7380f09458 Major changes to server startup. Admin page tuning. Leo Vasanko 2025-08-29 20:41:38 -06:00
  • 6e80011eed Instruct type checker Leo Vasanko 2025-08-29 19:03:14 -06:00
  • e0717f005a Drafting admin app (frontend) Leo Vasanko 2025-08-12 13:24:27 -07:00
  • 02ac4adc77 Support for adding permissions on roles and orgs. Leo Vasanko 2025-08-12 13:13:35 -07:00
  • d2a6bfd2a5 Add permissions to orgs and roles (in DB-agnostic API). Leo Vasanko 2025-08-12 13:21:37 -06:00
  • 6d9f2a967e Cleaner formatting Leo Vasanko 2025-08-12 13:21:05 -06:00
  • 407994548a Almost complete org/permission handling. Much cleanup, bootstrap works. Leo Vasanko 2025-08-07 13:58:12 -06:00
  • 2e4ff30bea Users always belong to one Org. Implement a DB function to fetch all data relevant to a session. Leo Vasanko 2025-08-07 10:42:49 -06:00
  • 2e3ce32779 Bootstrapping cleanup, avoid double operations. Leo Vasanko 2025-08-07 00:45:12 -06:00
  • 07f5cf84fc Bootstrap cleanup Leo Vasanko 2025-08-06 23:56:13 -06:00
  • f050dfb3f2 Bootstrap code cleanup. Leo Vasanko 2025-08-06 14:39:44 -06:00
  • dcca3e3fbd Globals restructured to their own module. Origin and RP definition. Leo Vasanko 2025-08-06 13:23:35 -06:00
  • 5a129220aa Initial bootstrap to add admin user Leo Vasanko 2025-08-06 12:16:37 -06:00
  • f96668b135 Cleaner error message on aborted Passkey operations. Leo Vasanko 2025-08-06 12:00:23 -06:00
  • 3c6c9b29f6 Frontend component selection logic simplified. Leo Vasanko 2025-08-06 11:33:34 -06:00
  • 74ba443d3d Avoid loading user info twice to show profile. Leo Vasanko 2025-08-06 10:57:41 -06:00
  • ba5f2d8bd9 Error handling cleanup for WS too. Leo Vasanko 2025-08-06 10:53:13 -06:00
  • c9ae53ef79 Centralised error handling & convenience. Leo Vasanko 2025-08-06 10:44:57 -06:00