4d10510f5b
go: always defer adding headers
continuous-integration/drone/push Build is passing
2023-09-10 14:16:57 +02:00
882b7dfd28
go: add more logs on unauthorised access
...
continuous-integration/drone/push Build is passing
* log details about unauthorised access
* return semantically correct 403 (instead of 401) on unauthorised access
* allow read-only admin access to "hibp breach details" endpoint
2023-09-10 14:12:13 +02:00
67165c82cc
tmpl(user-details): h3 -> span [skip ci]
2023-09-10 13:00:25 +02:00
b97e47ed1b
go(app/settings): create a file for defaults
continuous-integration/drone/push Build is passing
2023-09-10 12:58:38 +02:00
35435da9a6
head.tmpl,go: set description+lang, rm meta CSP
continuous-integration/drone/push Build is passing
2023-09-10 12:47:35 +02:00
de9c6d0196
ci: build release container using plugins/kaniko
continuous-integration/drone/push Build is passing
2023-09-10 12:30:37 +02:00
fc3dc01229
release 0.0.1-rc.3
continuous-integration/drone/push Build is passing
continuous-integration/drone/tag Build is passing
0.0.1-rc.3
2023-09-08 23:00:44 +02:00
1b457aa8c0
goreleaser: only build for arm64 linux atm [skip ci]
2023-09-08 22:59:36 +02:00
96c0b53493
go,tmpl: implement+activate validator
...
continuous-integration/drone/push Build is passing
also ad initial password change:
* switch the password field type to `password`
* add a field for repeated password
2023-09-08 22:56:17 +02:00
ff87c35dd1
head.tmpl: set 'og:description' meta tag
continuous-integration/drone/push Build is passing
2023-09-08 17:54:00 +02:00
1d159e4f64
go,tmpl: unify handling of CSP
continuous-integration/drone/push Build is passing
2023-09-08 17:48:51 +02:00
73915fcd98
fix(go): resolve signin/logout issues for all time
...
continuous-integration/drone/push Build is passing
affects:
* app/settings
* app/server
* handlers
* signin
* signup
* logout
* home
* middleware
2023-09-08 17:22:20 +02:00
83f0ec7e15
fix(go): set correct cookie params
continuous-integration/drone/push Build is passing
2023-09-04 21:02:06 +02:00
07d19e6b77
go: handle demoting admin to regular-user level
continuous-integration/drone/push Build is passing
2023-09-04 20:27:14 +02:00
e10fdc5042
go: update last_login for users w/ finished setup
continuous-integration/drone/push Build is passing
2023-09-04 20:02:21 +02:00
1b2d860beb
fix(go,tmpl): solve the Chromium/Safari logout...
...
continuous-integration/drone/push Build is passing
...issue by deleting the session cookie after successful password change
and forcing the user to re-authenticate.
additionally, split the InitialPasswordChange func into separate "GET"
and "POST" variants.
2023-09-04 19:21:01 +02:00
e8515d9a89
chore(tmpl): alignment [skip ci]
2023-09-04 16:17:54 +02:00
d0867f0686
tmpl: add text to home page [skip ci]
2023-09-04 16:17:14 +02:00
fcea85e54b
go(sessionMiddleware): render err page on 401
continuous-integration/drone/push Build is passing
2023-09-04 15:31:11 +02:00
fa1253a675
fix(go): set logout cache-control header+add check
continuous-integration/drone/push Build is passing
2023-09-04 15:22:17 +02:00
4e17a6c911
tmpl: reflect default value in checkbox [skip ci]
2023-09-04 15:19:20 +02:00
0c8f867316
chore(tmpl): code readability [skip ci]
2023-09-04 15:15:43 +02:00
5527caa3a8
fix(go): prevent panic on manage/api-keys
continuous-integration/drone/push Build is passing
2023-09-04 15:12:58 +02:00
5d494fca8d
go,tmpl(api-keys): add tooltips, disable buttons
continuous-integration/drone/push Build is passing
2023-09-04 15:00:41 +02:00
010e54168a
go(app/server): skip logging /assets visits
continuous-integration/drone/push Build is passing
2023-09-04 14:01:42 +02:00
15994c9d8f
tmpl(signin): add link tooltip [skip ci]
2023-09-04 13:59:07 +02:00
34babd8335
tmpl: indent input field params for clarity
...
[skip ci]
2023-09-04 13:45:36 +02:00
0cb77e096f
tmpl(signin): rm red borders on invalid
continuous-integration/drone/push Build is passing
2023-09-04 12:25:32 +02:00
b1e2168023
fix(go,tmpl): require minlength on username/passwd
continuous-integration/drone/push Build is passing
2023-09-04 12:21:58 +02:00
c10b4326b8
tmpl(signin): green -> plain border on username
continuous-integration/drone/push Build is passing
2023-09-04 11:59:57 +02:00
fd2916e73e
fix(go): show LastLogin on Manage Users
page
continuous-integration/drone/push Build is passing
2023-09-04 11:33:50 +02:00
f4bd798821
fix(go): reject empty/same passwd on init change
continuous-integration/drone/push Build is passing
2023-09-04 11:28:23 +02:00
047471e6d4
tmpl: fix init user password not changing
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/tag Build is passing
the backend type was binding `new-password`, while the password input
field in the template was named `password`.
0.0.1-rc.2
2023-09-04 10:21:29 +02:00
ff07d14368
release 0.0.1-rc.1
continuous-integration/drone/push Build is passing
continuous-integration/drone/tag Build is passing
0.0.1-rc.1
2023-08-25 02:59:58 +02:00
6b45213649
go: add user onboarding, HIBP search functionality
...
continuous-integration/drone/push Build is passing
* add user onboarding workflow
* fix user editing (no edits of passwords of regular users after
onboarding)
* refresh HIBP breach cache in DB on app start-up
* display HIBP breach details
* fix request scheduling to prevent panics (this still needs some love..)
* fix middleware auth
* add TODOs
* update head.tmpl
* reword some error messages
2023-08-24 18:43:24 +02:00
dcb3dfdecc
tmpl: populate navbar's about link [skip ci]
2023-08-24 11:28:39 +02:00
247c95f753
go: save all breaches as cache, search by name
...
continuous-integration/drone/push Build is passing
* also switch addedDate column to string temporarily, until saving
yy-mm-dd as time is solved...
2023-08-24 03:59:50 +02:00
9fb9cc2735
go(hibp): add AllBreachesForAccount + amend tests
...
continuous-integration/drone/push Build is passing
* also automatically use hibp api key with direnv and in CI
* check for rate-limit
* don't interpret rate-limit in tests as a failure
* report errors properly
2023-08-24 02:05:22 +02:00
ec7a8ca61a
go: run requests scheduler from main
...
continuous-integration/drone/push Build is passing
* also, actually quit serving on shutdown timeout
2023-08-22 20:56:32 +02:00
f2025395b2
go: add basic hibp handling, requests scheduling
...
continuous-integration/drone/push Build is passing
* change hibp schema's date field to string, as the date format would
prevent direct unmarshaling. instead, marshal to string, convert later
* the scheduler is in place in order not to get throttled after going
over API limit
* the scheduler detects when in testing mode and changes little bits of
behaviour
* add tests for some basic requests
* run the requests scheduler as a background service during testing
2023-08-22 19:57:48 +02:00
3077eb80c6
go: add HIBPSchema + adjust ent model fields
continuous-integration/drone/push Build is passing
2023-08-20 23:16:12 +02:00
e7849b5443
go: fix setting port from config
continuous-integration/drone/push Build is passing
2023-08-20 23:01:27 +02:00
7a877b01bb
go: implement import of local breach data
continuous-integration/drone/push Build is passing
2023-08-20 05:20:33 +02:00
74546f996b
ent: add/extend entities, tests, validation
continuous-integration/drone/push Build is passing
2023-08-19 04:52:15 +02:00
5579d77cc3
pre-commit-config: use check-added-large-files ...
...
...hook
[skip ci]
2023-08-19 04:36:24 +02:00
f8364605e4
go: add handling of argon2 to the password module
continuous-integration/drone/push Build is passing
2023-08-19 04:28:00 +02:00
2e49dd58d7
config: add comments [skip ci]
2023-08-16 16:10:49 +02:00
ab93161867
go,tmpl: allow conditionally disabling the sign-up
continuous-integration/drone/push Build is passing
2023-08-16 15:07:10 +02:00
01907c349f
fix: stop looking for the CSRF token logout GET
continuous-integration/drone/push Build is passing
2023-08-15 18:35:49 +02:00
f0bda26e8c
handlers: add helper newPage func w/ pre-filling
continuous-integration/drone/push Build is passing
2023-08-15 18:33:48 +02:00