Commit Graph

5 Commits

Author SHA1 Message Date
4d10510f5b
go: always defer adding headers
All checks were successful
continuous-integration/drone/push Build is passing
2023-09-10 14:16:57 +02:00
882b7dfd28
go: add more logs on unauthorised access
All checks were successful
continuous-integration/drone/push Build is passing
* log details about unauthorised access
* return semantically correct 403 (instead of 401) on unauthorised access
* allow read-only admin access to "hibp breach details" endpoint
2023-09-10 14:12:13 +02:00
96c0b53493
go,tmpl: implement+activate validator
All checks were successful
continuous-integration/drone/push Build is passing
also ad initial password change:
* switch the password field type to `password`
* add a field for repeated password
2023-09-08 22:56:17 +02:00
1b2d860beb
fix(go,tmpl): solve the Chromium/Safari logout...
All checks were successful
continuous-integration/drone/push Build is passing
...issue by deleting the session cookie after successful password change
and forcing the user to re-authenticate.

additionally, split the InitialPasswordChange func into separate "GET"
and "POST" variants.
2023-09-04 19:21:01 +02:00
6b45213649
go: add user onboarding, HIBP search functionality
All checks were successful
continuous-integration/drone/push Build is passing
* add user onboarding workflow
* fix user editing (no edits of passwords of regular users after
  onboarding)
* refresh HIBP breach cache in DB on app start-up
* display HIBP breach details
* fix request scheduling to prevent panics (this still needs some love..)
* fix middleware auth
* add TODOs
* update head.tmpl
* reword some error messages
2023-08-24 18:43:24 +02:00