Derrick Hammer
|
9587ef4941
|
refactor: require an api name to be provided and skip if not matched
|
2024-03-20 17:12:31 -04:00 |
Derrick Hammer
|
4a3028f61a
|
fix: cookies sent to us don't include the expiry time, so we need to parse from thr jwt echo it.
|
2024-03-20 14:56:18 -04:00 |
Derrick Hammer
|
da19a2e287
|
fix: use StatusUnauthorized
|
2024-03-20 14:44:28 -04:00 |
Derrick Hammer
|
52a1f18c60
|
fix: if claim is empty and ExpiredAllowed on, abort early and pass through
|
2024-03-20 14:41:54 -04:00 |
Derrick Hammer
|
7df6bb245b
|
fix: return in wrong spot
|
2024-03-20 14:34:48 -04:00 |
Derrick Hammer
|
cfce7348d4
|
fix: move error conditional outside if
|
2024-03-20 14:30:03 -04:00 |
Derrick Hammer
|
053a55c1f3
|
fix: invert check
|
2024-03-20 14:28:46 -04:00 |
Derrick Hammer
|
6c0ae8c0e6
|
refactor: if unauthorized is true, audList may be nil, and we may have to manually parse out the aud unverified to test
|
2024-03-20 14:27:02 -04:00 |
Derrick Hammer
|
9e170bae0d
|
fix: capture aud in JWTVerifyToken
|
2024-03-20 14:13:59 -04:00 |
Derrick Hammer
|
7616d9f7c9
|
refactor: set ExpiredAllowed on loginAuthMw2fa
|
2024-03-20 14:11:21 -04:00 |
Derrick Hammer
|
2528fd0afe
|
refactor: add optionExpiredAllowed to AuthMiddlewareOptions, add jwtPurposeEqual helper, don't error if expired with ExpiredAllowed and the purposes are different
|
2024-03-20 14:09:41 -04:00 |
Derrick Hammer
|
bee80a9981
|
Revert "refactor: if the token doesn't match our purpose only error if EmptyAllowed is off"
This reverts commit b1fcc7f7ae .
|
2024-03-20 13:55:35 -04:00 |
Derrick Hammer
|
b1fcc7f7ae
|
refactor: if the token doesn't match our purpose only error if EmptyAllowed is off
|
2024-03-20 13:52:25 -04:00 |
Derrick Hammer
|
b6c92a6348
|
fix: check for a mysql.MySQLError and error no 1062 explicitly
|
2024-03-20 13:39:13 -04:00 |
Derrick Hammer
|
f9c834752f
|
fix: update AllowedHeaders and add Content-Type
|
2024-03-19 18:25:20 -04:00 |
Derrick Hammer
|
30aac94468
|
fix: update AllowedHeaders and add Authorization
|
2024-03-19 17:23:35 -04:00 |
Derrick Hammer
|
79425b76fc
|
fix: update AllowedMethods
|
2024-03-19 15:47:54 -04:00 |
Derrick Hammer
|
85738c1065
|
refactor: replace AllowedOrigins with AllowOriginFunc
|
2024-03-19 15:45:02 -04:00 |
Derrick Hammer
|
7ed63d94cc
|
refactor: add proxy middleware to add routes
|
2024-03-19 15:40:03 -04:00 |
Derrick Hammer
|
c667c9509c
|
refactor: update cors options handling for S5
|
2024-03-19 15:37:38 -04:00 |
Derrick Hammer
|
4988368b7c
|
fix: add explicit options routes for all API methods
|
2024-03-19 15:32:40 -04:00 |
Derrick Hammer
|
b55c1f7d48
|
refactor: set MaxAge
|
2024-03-19 11:43:11 -04:00 |
Derrick Hammer
|
ce93591ff8
|
Revert "refactor: change ClearAuthCookie to set value to deleted"
This reverts commit ac61279081 .
|
2024-03-19 11:40:34 -04:00 |
Derrick Hammer
|
6ac37cfe65
|
refactor: add no cache headers
|
2024-03-19 11:05:51 -04:00 |
Derrick Hammer
|
ac61279081
|
refactor: change ClearAuthCookie to set value to deleted
|
2024-03-19 10:59:38 -04:00 |
Derrick Hammer
|
d1bbe7c158
|
refactor: change ClearAuthCookie to set expires date to epoch
|
2024-03-19 10:57:49 -04:00 |
Derrick Hammer
|
aff371a844
|
feat: add update password api route
|
2024-03-19 10:04:27 -04:00 |
Derrick Hammer
|
3473551f6c
|
fix: ensure exists check only matches if it is a different account id
|
2024-03-19 09:48:45 -04:00 |
Derrick Hammer
|
080bef354d
|
refactor: check if the email is the same and return a new error for it
|
2024-03-19 09:44:44 -04:00 |
Derrick Hammer
|
1d60cbf532
|
fix: cast to user, no pointer
|
2024-03-19 09:38:05 -04:00 |
Derrick Hammer
|
3b3faaa1e6
|
fix: use tx.Statement.Dest
|
2024-03-19 09:36:50 -04:00 |
Derrick Hammer
|
9ea77fb5c3
|
fix: check to ensure error is something other than ErrRecordNotFound, or that exists is true
|
2024-03-19 09:29:29 -04:00 |
Derrick Hammer
|
9e52d35d2f
|
Revert "fix: use AccountExists"
This reverts commit 0bbb89e02c .
|
2024-03-19 09:26:36 -04:00 |
Derrick Hammer
|
0bbb89e02c
|
fix: use AccountExists
|
2024-03-19 09:24:19 -04:00 |
Derrick Hammer
|
ebb19df217
|
fix: update email endpoint needs auth mw
|
2024-03-19 09:09:25 -04:00 |
Derrick Hammer
|
bf6264b01d
|
fix: malformed routes
|
2024-03-19 07:53:24 -04:00 |
Derrick Hammer
|
080a4a1a85
|
feat: add /api/account/update-email route
|
2024-03-19 07:49:15 -04:00 |
Derrick Hammer
|
9bfdef1519
|
feat: add UpdateAccountEmail
|
2024-03-19 07:46:58 -04:00 |
Derrick Hammer
|
fddc64799e
|
refactor: put some account endpoints under account instead of auth
|
2024-03-19 07:41:53 -04:00 |
Derrick Hammer
|
4391e9fc31
|
fix: define new cookie in EchoAuthCookie but use the existing cookies values
|
2024-03-19 05:02:48 -04:00 |
Derrick Hammer
|
b2b6102216
|
fix: add Content-Type to tus cors allowed headers
|
2024-03-18 18:13:24 -04:00 |
Derrick Hammer
|
2067c68a72
|
fix: ctx's not property nested
|
2024-03-18 17:29:49 -04:00 |
Derrick Hammer
|
d1c5bde5c1
|
refactor: add token to ping response message
|
2024-03-18 17:19:52 -04:00 |
Derrick Hammer
|
26a6bda053
|
feat: add GetAuthTokenFromContext
|
2024-03-18 17:18:26 -04:00 |
Derrick Hammer
|
93105fe5af
|
refactor: add auth token to the request context
|
2024-03-18 17:17:52 -04:00 |
Derrick Hammer
|
040c662826
|
refactor: echo the auth cookie back if any exist
|
2024-03-18 17:03:17 -04:00 |
Derrick Hammer
|
66f73d1a53
|
feat: add EchoAuthCookie
|
2024-03-18 17:02:16 -04:00 |
Derrick Hammer
|
48dc1b9be0
|
Revert "fix: remove Secure property"
This reverts commit 9e5d996f20 .
|
2024-03-18 16:54:42 -04:00 |
Derrick Hammer
|
9e5d996f20
|
fix: remove Secure property
|
2024-03-18 16:40:29 -04:00 |
Derrick Hammer
|
649e0e0011
|
Revert "fix: remove Secure property"
This reverts commit 044604d863 .
|
2024-03-18 16:40:18 -04:00 |