mirre-mt/ pcmt
1
0
Fork 0
Code Issues 6 Pull Requests Releases 4 Activity
340 Commits 1 Branch 4 Tags 3.4 MiB
Commit Graph

340 Commits

Author SHA1 Message Date
surtur 4d10510f5b
go: always defer adding headers
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-10 14:16:57 +02:00
surtur 882b7dfd28
go: add more logs on unauthorised access
All checks were successful
continuous-integration/drone/push Build is passing
Details 
* log details about unauthorised access
* return semantically correct 403 (instead of 401) on unauthorised access
* allow read-only admin access to "hibp breach details" endpoint
 2023-09-10 14:12:13 +02:00
surtur 67165c82cc
tmpl(user-details): h3 -> span [skip ci] 2023-09-10 13:00:25 +02:00
surtur b97e47ed1b
go(app/settings): create a file for defaults
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-10 12:58:38 +02:00
surtur 35435da9a6
head.tmpl,go: set description+lang, rm meta CSP
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-10 12:47:35 +02:00
surtur de9c6d0196
ci: build release container using plugins/kaniko
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-10 12:30:37 +02:00
surtur fc3dc01229
release 0.0.1-rc.3
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details
2023-09-08 23:00:44 +02:00
surtur 1b457aa8c0
goreleaser: only build for arm64 linux atm [skip ci] 2023-09-08 22:59:36 +02:00
surtur 96c0b53493
go,tmpl: implement+activate validator
All checks were successful
continuous-integration/drone/push Build is passing
Details 
also ad initial password change:
* switch the password field type to `password`
* add a field for repeated password
 2023-09-08 22:56:17 +02:00
surtur ff87c35dd1
head.tmpl: set 'og:description' meta tag
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-08 17:54:00 +02:00
surtur 1d159e4f64
go,tmpl: unify handling of CSP
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-08 17:48:51 +02:00
surtur 73915fcd98
fix(go): resolve signin/logout issues for all time
All checks were successful
continuous-integration/drone/push Build is passing
Details 
affects:
* app/settings
* app/server
* handlers
    * signin
    * signup
    * logout
    * home
    * middleware
 2023-09-08 17:22:20 +02:00
surtur 83f0ec7e15
fix(go): set correct cookie params
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-04 21:02:06 +02:00
surtur 07d19e6b77
go: handle demoting admin to regular-user level
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-04 20:27:14 +02:00
surtur e10fdc5042
go: update last_login for users w/ finished setup
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-04 20:02:21 +02:00
surtur 1b2d860beb
fix(go,tmpl): solve the Chromium/Safari logout...
All checks were successful
continuous-integration/drone/push Build is passing
Details 
...issue by deleting the session cookie after successful password change
and forcing the user to re-authenticate.

additionally, split the InitialPasswordChange func into separate "GET"
and "POST" variants.
 2023-09-04 19:21:01 +02:00
surtur e8515d9a89
chore(tmpl): alignment [skip ci] 2023-09-04 16:17:54 +02:00
surtur d0867f0686
tmpl: add text to home page [skip ci] 2023-09-04 16:17:14 +02:00
surtur fcea85e54b
go(sessionMiddleware): render err page on 401
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-04 15:31:11 +02:00
surtur fa1253a675
fix(go): set logout cache-control header+add check
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-04 15:22:17 +02:00
surtur 4e17a6c911
tmpl: reflect default value in checkbox [skip ci] 2023-09-04 15:19:20 +02:00
surtur 0c8f867316
chore(tmpl): code readability [skip ci] 2023-09-04 15:15:43 +02:00
surtur 5527caa3a8
fix(go): prevent panic on manage/api-keys
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-04 15:12:58 +02:00
surtur 5d494fca8d
go,tmpl(api-keys): add tooltips, disable buttons
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-04 15:00:41 +02:00
surtur 010e54168a
go(app/server): skip logging /assets visits
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-04 14:01:42 +02:00
surtur 15994c9d8f
tmpl(signin): add link tooltip [skip ci] 2023-09-04 13:59:07 +02:00
surtur 34babd8335
tmpl: indent input field params for clarity 
[skip ci]
 2023-09-04 13:45:36 +02:00
surtur 0cb77e096f
tmpl(signin): rm red borders on `invalid`
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-04 12:25:32 +02:00
surtur b1e2168023
fix(go,tmpl): require minlength on username/passwd
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-04 12:21:58 +02:00
surtur c10b4326b8
tmpl(signin): green -> plain border on username
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-04 11:59:57 +02:00
surtur fd2916e73e
fix(go): show LastLogin on `Manage Users` page
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-04 11:33:50 +02:00
surtur f4bd798821
fix(go): reject empty/same passwd on init change
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-09-04 11:28:23 +02:00
surtur 047471e6d4
tmpl: fix init user password not changing
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details 
the backend type was binding `new-password`, while the password input
field in the template was named `password`.
 2023-09-04 10:21:29 +02:00
surtur ff07d14368
release 0.0.1-rc.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details
2023-08-25 02:59:58 +02:00
surtur 6b45213649
go: add user onboarding, HIBP search functionality
All checks were successful
continuous-integration/drone/push Build is passing
Details 
* add user onboarding workflow
* fix user editing (no edits of passwords of regular users after
  onboarding)
* refresh HIBP breach cache in DB on app start-up
* display HIBP breach details
* fix request scheduling to prevent panics (this still needs some love..)
* fix middleware auth
* add TODOs
* update head.tmpl
* reword some error messages
 2023-08-24 18:43:24 +02:00
surtur dcb3dfdecc
tmpl: populate navbar's about link [skip ci] 2023-08-24 11:28:39 +02:00
surtur 247c95f753
go: save all breaches as cache, search by name
All checks were successful
continuous-integration/drone/push Build is passing
Details 
* also switch addedDate column to string temporarily, until saving
  yy-mm-dd as time is solved...
 2023-08-24 03:59:50 +02:00
surtur 9fb9cc2735
go(hibp): add AllBreachesForAccount + amend tests
All checks were successful
continuous-integration/drone/push Build is passing
Details 
* also automatically use hibp api key with direnv and in CI
* check for rate-limit
* don't interpret rate-limit in tests as a failure
* report errors properly
 2023-08-24 02:05:22 +02:00
surtur ec7a8ca61a
go: run requests scheduler from main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
* also, actually quit serving on shutdown timeout
 2023-08-22 20:56:32 +02:00
surtur f2025395b2
go: add basic hibp handling, requests scheduling
All checks were successful
continuous-integration/drone/push Build is passing
Details 
* change hibp schema's date field to string, as the date format would
  prevent direct unmarshaling. instead, marshal to string, convert later
* the scheduler is in place in order not to get throttled after going
  over API limit
* the scheduler detects when in testing mode and changes little bits of
  behaviour
* add tests for some basic requests
* run the requests scheduler as a background service during testing
 2023-08-22 19:57:48 +02:00
surtur 3077eb80c6
go: add HIBPSchema + adjust ent model fields
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-08-20 23:16:12 +02:00
surtur e7849b5443
go: fix setting port from config
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-08-20 23:01:27 +02:00
surtur 7a877b01bb
go: implement import of local breach data
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-08-20 05:20:33 +02:00
surtur 74546f996b
ent: add/extend entities, tests, validation
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-08-19 04:52:15 +02:00
surtur 5579d77cc3
pre-commit-config: use check-added-large-files ... 
...hook

[skip ci]
 2023-08-19 04:36:24 +02:00
surtur f8364605e4
go: add handling of argon2 to the password module
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-08-19 04:28:00 +02:00
surtur 2e49dd58d7
config: add comments [skip ci] 2023-08-16 16:10:49 +02:00
surtur ab93161867
go,tmpl: allow conditionally disabling the sign-up
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-08-16 15:07:10 +02:00
surtur 01907c349f
fix: stop looking for the CSRF token logout GET
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-08-15 18:35:49 +02:00
surtur f0bda26e8c
handlers: add helper newPage func w/ pre-filling
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-08-15 18:33:48 +02:00