Commit Graph

365 Commits

Author SHA1 Message Date
Derrick Hammer 4dec430c69
fix: set pins as required 2024-03-21 10:54:15 -04:00
Derrick Hammer facea33e0e
fix: need to pass api name 2024-03-20 17:28:25 -04:00
Derrick Hammer be7a7977ac
refactor: need to pass api name to SetAuthCookie 2024-03-20 17:13:58 -04:00
Derrick Hammer da19a2e287
fix: use StatusUnauthorized 2024-03-20 14:44:28 -04:00
Derrick Hammer 52a1f18c60
fix: if claim is empty and ExpiredAllowed on, abort early and pass through 2024-03-20 14:41:54 -04:00
Derrick Hammer 7df6bb245b
fix: return in wrong spot 2024-03-20 14:34:48 -04:00
Derrick Hammer cfce7348d4
fix: move error conditional outside if 2024-03-20 14:30:03 -04:00
Derrick Hammer 053a55c1f3
fix: invert check 2024-03-20 14:28:46 -04:00
Derrick Hammer 6c0ae8c0e6
refactor: if unauthorized is true, audList may be nil, and we may have to manually parse out the aud unverified to test 2024-03-20 14:27:02 -04:00
Derrick Hammer 9e170bae0d
fix: capture aud in JWTVerifyToken 2024-03-20 14:13:59 -04:00
Derrick Hammer 7616d9f7c9
refactor: set ExpiredAllowed on loginAuthMw2fa 2024-03-20 14:11:21 -04:00
Derrick Hammer 2528fd0afe
refactor: add optionExpiredAllowed to AuthMiddlewareOptions, add jwtPurposeEqual helper, don't error if expired with ExpiredAllowed and the purposes are different 2024-03-20 14:09:41 -04:00
Derrick Hammer bee80a9981
Revert "refactor: if the token doesn't match our purpose only error if EmptyAllowed is off"
This reverts commit b1fcc7f7ae.
2024-03-20 13:55:35 -04:00
Derrick Hammer b1fcc7f7ae
refactor: if the token doesn't match our purpose only error if EmptyAllowed is off 2024-03-20 13:52:25 -04:00
Derrick Hammer f9c834752f
fix: update AllowedHeaders and add Content-Type 2024-03-19 18:25:20 -04:00
Derrick Hammer 30aac94468
fix: update AllowedHeaders and add Authorization 2024-03-19 17:23:35 -04:00
Derrick Hammer 79425b76fc
fix: update AllowedMethods 2024-03-19 15:47:54 -04:00
Derrick Hammer 85738c1065
refactor: replace AllowedOrigins with AllowOriginFunc 2024-03-19 15:45:02 -04:00
Derrick Hammer 7ed63d94cc
refactor: add proxy middleware to add routes 2024-03-19 15:40:03 -04:00
Derrick Hammer c667c9509c
refactor: update cors options handling for S5 2024-03-19 15:37:38 -04:00
Derrick Hammer 4988368b7c
fix: add explicit options routes for all API methods 2024-03-19 15:32:40 -04:00
Derrick Hammer aff371a844
feat: add update password api route 2024-03-19 10:04:27 -04:00
Derrick Hammer ebb19df217
fix: update email endpoint needs auth mw 2024-03-19 09:09:25 -04:00
Derrick Hammer bf6264b01d
fix: malformed routes 2024-03-19 07:53:24 -04:00
Derrick Hammer 080a4a1a85
feat: add /api/account/update-email route 2024-03-19 07:49:15 -04:00
Derrick Hammer fddc64799e
refactor: put some account endpoints under account instead of auth 2024-03-19 07:41:53 -04:00
Derrick Hammer b2b6102216
fix: add Content-Type to tus cors allowed headers 2024-03-18 18:13:24 -04:00
Derrick Hammer 2067c68a72
fix: ctx's not property nested 2024-03-18 17:29:49 -04:00
Derrick Hammer d1c5bde5c1
refactor: add token to ping response message 2024-03-18 17:19:52 -04:00
Derrick Hammer 26a6bda053
feat: add GetAuthTokenFromContext 2024-03-18 17:18:26 -04:00
Derrick Hammer 93105fe5af
refactor: add auth token to the request context 2024-03-18 17:17:52 -04:00
Derrick Hammer 040c662826
refactor: echo the auth cookie back if any exist 2024-03-18 17:03:17 -04:00
Derrick Hammer fd53b98633
fix: allow Upload-Metadata in cors 2024-03-18 15:53:40 -04:00
Derrick Hammer 5b8a7f79f0
fix: use AllowOriginFunc in tus 2024-03-18 15:45:29 -04:00
Derrick Hammer 228cabd83b
fix: cid needs to be lowercase 2024-03-18 14:26:45 -04:00
Derrick Hammer 99d47a4d9c
fix: need to enable AllowCredentials 2024-03-18 14:19:34 -04:00
Derrick Hammer 6b51e7196c
fix: need to whitelist Authorization and Content-Type headers 2024-03-18 14:16:04 -04:00
Derrick Hammer dcab0b46cd
fix: upload cors does not support wildcard methods 2024-03-18 14:13:40 -04:00
Derrick Hammer 65278cb046
fix: add options routes for basic upload 2024-03-18 14:06:58 -04:00
Derrick Hammer 455b793db6
dep: update dashboard 2024-03-18 13:51:29 -04:00
Derrick Hammer 3b01c8642d
refactor: add cors mw for account 2024-03-18 13:50:21 -04:00
Derrick Hammer c68dc51732
refactor: add cors mw for uploads 2024-03-18 13:39:50 -04:00
Derrick Hammer e864bcb098
feat: add upload limit endpoint 2024-03-17 11:16:50 -04:00
Derrick Hammer e73ab26ebf
feat: add logout endpoint 2024-03-17 09:27:57 -04:00
Derrick Hammer fd75ec3f6a
fix: bad alias for authCookieName 2024-03-17 09:19:33 -04:00
Derrick Hammer 9306051812
fix: use account.SetAuthCookie 2024-03-17 09:18:31 -04:00
Derrick Hammer d893216831
fix: SetAuthCookie needs the jwt 2024-03-17 09:18:01 -04:00
Derrick Hammer 5861e95fb5
refactor: update use of SetAuthCookie 2024-03-17 09:15:24 -04:00
Derrick Hammer e7393085b4
refactor: implement new methods for RoutableAPI 2024-03-17 09:13:20 -04:00
Derrick Hammer 4bd2b028b7
chore: remove local setAuthCookie 2024-03-17 09:10:14 -04:00