* chore: update copyright year in license headers
* Revert "chore: update copyright year in license headers"
This reverts commit 3e58129c431b9a491089ce36b908f9bb6ba38ed3.
* chore: update copyright year in license headers
* fix: sort go imports
* fix: add missing license headers
* feat(auth): implement oidc
* refactor(auth): centralize OIDC state cookie handling
* fix(web): resolve unused error variables in route handlers
* docs(readme): add OIDC authentication feature to list
* fix(auth): improve OIDC cookie handling for reverse proxy setups
The OIDC state cookie's Secure flag is now properly set when running behind a reverse proxy by checking both direct TLS and X-Forwarded-Proto header. This fixes authentication issues in common setups where:
- autobrr runs behind a reverse proxy that terminates HTTPS
- local development environments without TLS
- mixed protocol environments (internal HTTP, external HTTPS)
* fix: use crypt/random if argon2id fails
* feat(auth): show both login options when user exists in db
If the user doesn't exist, e.g. canOnboard=true, then we only show the OIDC button, since regular login makes no sense in that case.
If the user does not exist in the db and wants to create a local user, OIDC needs to be disabled first.
* feat(auth): improve OIDC provider initialization with discovery logging
* revert(issuer): do not remove trailing slash
* feat(auth): improve OIDC username resolution with additional claims
* fix(auth): handle OIDC issuer URLs with and without trailing slashes
When initializing the OIDC provider, automatically retry with/without trailing
slash if the first attempt fails.
- First attempts with original issuer URL
- If fails with trailing slash, retries without
- If fails without trailing slash, retries with
* feat(oidc): add gorilla sessions store for secure state management
Add gorilla sessions store to handle encrypted state cookies in OIDC flow,
while removing redundant session validation checks
Co-authored-by: Kyle Sanderson <kyle.leet@gmail.com>
* fix(auth): prevent duplicate OIDC state cookies for authenticated sessions
Modify OIDC config handler to check for existing authenticated sessions
before setting state cookie. Still returns OIDC enabled status to maintain
UI state, but prevents unnecessary cookie creation for authenticated users.
* feat(oidc): use random secret for temporary state cookies
Co-authored-by: Kyle Sanderson <kyle.leet@gmail.com>
* feat(auth): add rate limiting to OIDC endpoints
Co-authored-by: Kyle Sanderson <kyle.leet@gmail.com>
* fix(auth): validate OIDC authorization code presence in callback
Co-authored-by: Kyle Sanderson <kyle.leet@gmail.com>
* fix(auth): properly handle OIDC session errors
Improve error handling in OIDC login flow by properly handling cookie store
session errors. Return HTTP 500 if session cannot be retrieved instead of
silently continuing with potentially invalid state.
Co-authored-by: Kyle Sanderson <kyle.leet@gmail.com>
* feat(auth): track and display authentication method for oidc and password logins
* fix: tests
* docs(readme): add environment variable section
* go mod tidy
* chore: log style and errors
---------
Co-authored-by: Kyle Sanderson <kyle.leet@gmail.com>
Co-authored-by: ze0s <ze0s@riseup.net>
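The Secure-flag decision described in the "improve OIDC cookie handling for reverse proxy setups" commit above, as an added Go example that is not autobrr's own code. The function names, the cookie name `oidc_state`, the cookie attributes and the sample requests are assumptions made for illustration.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// requestIsHTTPS: TLS terminates here, or a reverse proxy reports HTTPS. The header only means
// something when the proxy overwrites client-supplied values; of a list, the first entry is read.
func requestIsHTTPS(r *http.Request) bool {
	if r.TLS != nil {
		return true
	}
	first := strings.Split(r.Header.Get("X-Forwarded-Proto"), ",")[0]
	return strings.EqualFold(strings.TrimSpace(first), "https")
}

// newStateCookie builds a short-lived state cookie; "oidc_state" is a hypothetical name.
func newStateCookie(r *http.Request, state string) *http.Cookie {
	return &http.Cookie{
		Name: "oidc_state", Value: state, Path: "/", MaxAge: 300,
		HttpOnly: true, SameSite: http.SameSiteLaxMode, Secure: requestIsHTTPS(r),
	}
}

// sampleRequest returns a constructed request for one of the three setups.
func sampleRequest(kind string) *http.Request {
	r := httptest.NewRequest(http.MethodGet, "http://app.internal.example/login", nil)
	switch kind {
	case "proxy-https": // proxy terminated HTTPS and forwards plain HTTP
		r.Header.Set("X-Forwarded-Proto", "https")
	case "direct-tls": // the application itself terminated TLS
		r.TLS = &tls.ConnectionState{}
	}
	return r
}

func report(kind string) string {
	return fmt.Sprintf("%-12s Secure=%v", kind, newStateCookie(sampleRequest(kind), "constructed-state").Secure)
}

func main() {
	for _, k := range []string{"plain-http", "proxy-https", "direct-tls"} {
		fmt.Println(report(k))
	}
}
```

On plain HTTP without the header the cookie is issued without Secure, which is what keeps local development without TLS working.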
* feat(web): add theme toggle to navbar
* refactor: move OS theme detection to App.tsx
* fix: disallowed unused variables
* fix: removed unused variable
* refactor: check for os color scheme in SettingsContextDefaults
* refactor: remove unnecessary iconTheme variable
* fix: add title tag to button
* add react suspense, fix broken stuff, clean up code, improve DX
enhancement: added react suspense + spinner to show loading (still can be added in certain places)
chore: cleaned up Header/NavBar code
chore: cleaned up DeleteModal code
chore: cleaned up other relevant code
enhancement: changed remove button style to be much more pleasant (see e.g. filter tabs)
fix: made active tab on filters page to be blue (as it should've been) when active
fix: fixed ghost delimiter which was only visible when DeleteModal was active in FormButtonGroup
chore: removed most of linter warnings/errors
fix: fixed incorrect/double modal transition in FilterExternalItem
fix: fixed incorrect z-height on Options popover in Settings/IRC (would've been visible when Add new was clicked)
enhancement: improved robustness of all Context classes to support seamless new-feature expansion (#866)
enhancement: improved expand logic (see #994 comments)
* reverted irc expand view to previous design
* forgot to propagate previous z-height fix
* jinxed it
* add license header to new files
---------
Co-authored-by: martylukyy <35452459+martylukyy@users.noreply.github.com>
Co-authored-by: Kyle Sanderson <kyle.leet@gmail.com>
* refactor: move to tanstack/react-query and fix cache
* refactor(releases): move to tanstack/react-query
* refactor(logs): move to tanstack/react-query
* refactor(base): move to tanstack/react-query
* refactor(base): move to tanstack/react-query
* refactor(dashboard): move to tanstack/react-query
* refactor(auth): move to tanstack/react-query
* refactor(filters): move to tanstack/react-query
* refactor(settings): move to tanstack/react-query
* chore(pkg): add tanstack/react-query
* refactor(filters): move to tanstack/react-query
* refactor: move to tanstack/react-query
* refactor: invalidate queries
* chore(pkg): remove old react-query
* chore: change imports to root prefixes
* build: remove needs web from test
* set enableReinitialize to true to fix formik caching issues
* fix all property for apiKeys const
* fix toast when enabling/disabling feed
---------
Co-authored-by: martylukyy <35452459+martylukyy@users.noreply.github.com>
* fix(tsconfig.json): changed skipLibCheck to false.
refactor(eslint): moved configuration from package.json to .eslintrc.js and added a typescript plugin for future use
* feat: wip eslint and types
* feat: fix indentation
* feat: get rid of last any types
* enhancement(frontend/logs): added ability to indent messages, hide wrapped text and ability to turn off "scroll to bottom page on new line". addresses #232
* fix: improved "hide wrapped text" feature
* Removed recoil and replaced it with react-ridge-state, a 0.4kb alternative.
* Added AuthContext and SettingsContext persistent localStorage states.
* Fixed tailwind.config.js incorrect key directive. See https://tailwindcss.com/docs/content-configuration#safelisting-classes.
* Changed darkMode in Tailwind to "class" and started manually adjusting the theme according to the appropriate media query.
* Added possibility of changing the theme manually via the Settings tab.
* Changed Releases.tsx behavior to show the UI only when the HTTP request succeeded and there is some data (i.e. table is non-empty).
* Changed the table color of screens/filters/list.tsx to a one notch lighter shade of gray for eye-comfort.
* Replaced "User" in the header, with the user's real username.
* Made data version, commit and date fields optional in settings/Application.tsx.
* Started working on a RegExp playground, which works fine, but JS won't cooperate and return the right match length. Either way, the RegExp must be implemented on backend and then must be communicated with the frontend. Otherwise a potential for incorrect results exists.
* Removed Layout.tsx, since it was redundant.
* Created a Checkbox component class for easier and consistent future use.
* Rewritten App.tsx, Login.tsx, Logout.tsx to accommodate for new changes.
* Fixed previous mistake regarding tailwind.config.js purge key, since we're still using old postcss7 from October last year
* Removed package-lock.json from both root and web directories.
* Refresh TypeScript configuration to support a types/ directory containing d.ts. The effect of this is that types don't have to be imported anymore and are at all times available globally. This also unifies them into a single source of truth, which will be a lot easier to manage in the future. Note: Only certain interop types have been moved at the time of writing.
* Fixed minor Checkbox argument mistake.
* fix: remove length from data check
* chore: lock files are annoying
* fix: select
* fix: wip release filtering