Commit Graph

1264 Commits

Author SHA1 Message Date
Derrick Hammer facea33e0e
fix: need to pass api name 2024-03-20 17:28:25 -04:00
Derrick Hammer be7a7977ac
refactor: need to pass api name to SetAuthCookie 2024-03-20 17:13:58 -04:00
Derrick Hammer ee8fa2b98d
refactor: don't pass a domain 2024-03-20 17:13:31 -04:00
Derrick Hammer ad8de8f5a1
refactor: switch to using MaxAge 2024-03-20 17:13:13 -04:00
Derrick Hammer 9587ef4941
refactor: require an api name to be provided and skip if not matched 2024-03-20 17:12:31 -04:00
Derrick Hammer 4a3028f61a
fix: cookies sent to us don't include the expiry time, so we need to parse from the jwt echo it. 2024-03-20 14:56:18 -04:00
Derrick Hammer da19a2e287
fix: use StatusUnauthorized 2024-03-20 14:44:28 -04:00
Derrick Hammer 52a1f18c60
fix: if claim is empty and ExpiredAllowed on, abort early and pass through 2024-03-20 14:41:54 -04:00
Derrick Hammer 7df6bb245b
fix: return in wrong spot 2024-03-20 14:34:48 -04:00
Derrick Hammer cfce7348d4
fix: move error conditional outside if 2024-03-20 14:30:03 -04:00
Derrick Hammer 053a55c1f3
fix: invert check 2024-03-20 14:28:46 -04:00
Derrick Hammer 6c0ae8c0e6
refactor: if unauthorized is true, audList may be nil, and we may have to manually parse out the aud unverified to test 2024-03-20 14:27:02 -04:00
Derrick Hammer 9e170bae0d
fix: capture aud in JWTVerifyToken 2024-03-20 14:13:59 -04:00
Derrick Hammer 7616d9f7c9
refactor: set ExpiredAllowed on loginAuthMw2fa 2024-03-20 14:11:21 -04:00
Derrick Hammer 2528fd0afe
refactor: add optionExpiredAllowed to AuthMiddlewareOptions, add jwtPurposeEqual helper, don't error if expired with ExpiredAllowed and the purposes are different 2024-03-20 14:09:41 -04:00
Derrick Hammer bee80a9981
Revert "refactor: if the token doesn't match our purpose only error if EmptyAllowed is off"
This reverts commit b1fcc7f7ae.
2024-03-20 13:55:35 -04:00
Derrick Hammer b1fcc7f7ae
refactor: if the token doesn't match our purpose only error if EmptyAllowed is off 2024-03-20 13:52:25 -04:00
Derrick Hammer b6c92a6348
fix: check for a mysql.MySQLError and error no 1062 explicitly 2024-03-20 13:39:13 -04:00
Derrick Hammer f9c834752f
fix: update AllowedHeaders and add Content-Type 2024-03-19 18:25:20 -04:00
Derrick Hammer 30aac94468
fix: update AllowedHeaders and add Authorization 2024-03-19 17:23:35 -04:00
Derrick Hammer 79425b76fc
fix: update AllowedMethods 2024-03-19 15:47:54 -04:00
Derrick Hammer 85738c1065
refactor: replace AllowedOrigins with AllowOriginFunc 2024-03-19 15:45:02 -04:00
Derrick Hammer 7ed63d94cc
refactor: add proxy middleware to add routes 2024-03-19 15:40:03 -04:00
Derrick Hammer c667c9509c
refactor: update cors options handling for S5 2024-03-19 15:37:38 -04:00
Derrick Hammer 4988368b7c
fix: add explicit options routes for all API methods 2024-03-19 15:32:40 -04:00
Derrick Hammer b55c1f7d48
refactor: set MaxAge 2024-03-19 11:43:11 -04:00
Derrick Hammer ce93591ff8
Revert "refactor: change ClearAuthCookie to set value to deleted"
This reverts commit ac61279081.
2024-03-19 11:40:34 -04:00
Derrick Hammer 6ac37cfe65
refactor: add no cache headers 2024-03-19 11:05:51 -04:00
Derrick Hammer ac61279081
refactor: change ClearAuthCookie to set value to deleted 2024-03-19 10:59:38 -04:00
Derrick Hammer d1bbe7c158
refactor: change ClearAuthCookie to set expires date to epoch 2024-03-19 10:57:49 -04:00
Derrick Hammer aff371a844
feat: add update password api route 2024-03-19 10:04:27 -04:00
Derrick Hammer 3473551f6c
fix: ensure exists check only matches if it is a different account id 2024-03-19 09:48:45 -04:00
Derrick Hammer 080bef354d
refactor: check if the email is the same and return a new error for it 2024-03-19 09:44:44 -04:00
Derrick Hammer 1d60cbf532
fix: cast to user, no pointer 2024-03-19 09:38:05 -04:00
Derrick Hammer 3b3faaa1e6
fix: use tx.Statement.Dest 2024-03-19 09:36:50 -04:00
Derrick Hammer 9ea77fb5c3
fix: check to ensure error is something other than ErrRecordNotFound, or that exists is true 2024-03-19 09:29:29 -04:00
Derrick Hammer 9e52d35d2f
Revert "fix: use AccountExists"
This reverts commit 0bbb89e02c.
2024-03-19 09:26:36 -04:00
Derrick Hammer 0bbb89e02c
fix: use AccountExists 2024-03-19 09:24:19 -04:00
Derrick Hammer ebb19df217
fix: update email endpoint needs auth mw 2024-03-19 09:09:25 -04:00
Derrick Hammer bf6264b01d
fix: malformed routes 2024-03-19 07:53:24 -04:00
Derrick Hammer 080a4a1a85
feat: add /api/account/update-email route 2024-03-19 07:49:15 -04:00
Derrick Hammer 9bfdef1519
feat: add UpdateAccountEmail 2024-03-19 07:46:58 -04:00
Derrick Hammer fddc64799e
refactor: put some account endpoints under account instead of auth 2024-03-19 07:41:53 -04:00
Derrick Hammer 4391e9fc31
fix: define new cookie in EchoAuthCookie but use the existing cookie's values 2024-03-19 05:02:48 -04:00
Derrick Hammer b2b6102216
fix: add Content-Type to tus cors allowed headers 2024-03-18 18:13:24 -04:00
Derrick Hammer 2067c68a72
fix: ctx's not properly nested 2024-03-18 17:29:49 -04:00
Derrick Hammer d1c5bde5c1
refactor: add token to ping response message 2024-03-18 17:19:52 -04:00
Derrick Hammer 26a6bda053
feat: add GetAuthTokenFromContext 2024-03-18 17:18:26 -04:00
Derrick Hammer 93105fe5af
refactor: add auth token to the request context 2024-03-18 17:17:52 -04:00
Derrick Hammer 040c662826
refactor: echo the auth cookie back if any exist 2024-03-18 17:03:17 -04:00