luisgulo/photoprism
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
8570 commits 22 branches 65 tags 324 MiB
Commit graph

12 commits

Author SHA1 Message Date
Michael Mayer
d0ad3c23fb OAuth2: Remove client soft delete and fix client add command #213 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-29 21:08:01 +01:00
Michael Mayer
fe7e342692 OAuth2: Improve authentication logs and commands #213 #3730 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-29 17:32:53 +01:00
Michael Mayer
7e7ba69982 Auth: Add client_uid and client_name to auth_sessions table #808 #3943 
This also adds the ability to change the client role if needed and
improves the usage information and output of the CLI commands.

Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-18 16:53:05 +01:00
Michael Mayer
2912ac9464 Security: Refactor cache headers, auth token validation & UI #782 #808 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-17 14:16:02 +01:00
Michael Mayer
3946e2a16f API: Refactor "404 Not Found" response handler #3931 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-16 20:56:43 +01:00
Michael Mayer
c3b9b73d1d API: Only allow CDNs to cache GET, HEAD, and OPTIONS requests #3931 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-16 16:17:16 +01:00
Michael Mayer
fed1d8ad95 Auth: Accept access token as passwd with fail rate limit #782 #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-14 18:28:17 +01:00
Michael Mayer
7a05c5553b OAuth2: Add "POST /api/v1/oauth/revoke" API endpoint #782 #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-10 12:21:43 +01:00
Michael Mayer
3e924b70c7 API: Move handling of HTTP auth headers to pkg/header #808 #3943 #3959 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-09 10:58:47 +01:00
Michael Mayer
ec13ccb6d5 OAuth2: Enforce limit for number of access tokens / sessions #808 #3943 
These changes ensure that OAuth2 clients cannot create an unlimited
number of access tokens (sessions) with their client credentials.

Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-08 16:57:07 +01:00
Michael Mayer
0e4d81853c API: Add .well-known/oauth-authorization-server route handler #808 #3943 
This commit also adds an /api/v1/oauth/logout endpoint that allows
clients to delete their sessions (access tokens) as needed.

Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-08 14:53:39 +01:00
Michael Mayer
0d2f8be522 Auth: Use hashed auth tokens for enhanced security #3943 #808 #782 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-06 17:35:19 +01:00
Renamed from internal/api/oauth.go (Browse further)