* ent re-generation
* add oidc integration
* document oidc integration
* go fmt
* address backend linter findings
* run prettier on index.vue
* State cookie domain can mismatch when Hostname override is used (breaks CSRF check). Add SameSite.
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Delete state cookie with matching domain and MaxAge; add SameSite.
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Fix endpoint path in comments and error to include /api/v1.
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Also use request context when verifying the ID token.
* Do not return raw auth errors to clients (user-enumeration risk).
* consistently set cookie the same way across function
* remove baseURL after declaration
* only enable OIDC routes if OIDC is enabled
* swagger doc for failure
* Only block when provider=local; move the check after parsing provider
* fix extended session comment
* reduce pii logging
* futher reduce pii logging
* remove unused DiscoveryDocument
* remove unused offline_access from default oidc scopes
* remove offline access from AuthCodeURL
* support host from X-Forwarded-Host
* set sane default claim names if unset
* error strings should not be capitalized
* Revert "run prettier on index.vue"
This reverts commit aa22330a23.
* Add timeout to provider discovery
* Split scopes robustly
* refactor hostname calculation
* address frontend prettier findings
* add property oidc on type APISummary
* LoginOIDC: Normalize inputs, only create if not found
* add oidc email verification
* oidc handleCallback: clear state cookie before each return
* add support for oidc nonce parameter
* Harden first-login race: handle concurrent creates gracefully and fix log key.
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* support email verified claim as bool or string
* fail fast on empty email
* PKCE verifier
* fix: add timing delay to attachment test to resolve CI race condition
The attachment test was failing intermittently in CI due to a race condition
between attachment creation and retrieval. Adding a small 100ms delay after
attachment creation ensures the file system and database operations complete
before the test attempts to verify the attachment exists.
* Revert "fix: add timing delay to attachment test to resolve CI race condition"
This reverts commit 4aa8b2a0d829753e8d2dd1ba76f4b1e04e28c45e.
* oidc error state, use ref
* rename oidc.force to oidc.authRedirect
* remove hardcoded oidc error timeout
* feat: sub/iss based identity matching and userinfo endpoint collection
---------
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Matthew Kilgore <matthew@kilgore.dev>
* fix: Remove log.Fatal in favor of returning errors
This change is useful for including error tracking, which needs the
application to not terminate immediately, and instead give the tracer
time to capture and flush errors.
* Fix CodeRabbit issues
---------
Co-authored-by: Matthew Kilgore <matthew@kilgore.dev>
* Remove documents table (WIP)
* Further cleanup of documents table
* This should clean up the errors, but actual attachment handling still needs added.
* Full generation to update the JS side of things too
* Further fixes
* Fix cyclic dependency issue
* In theory the API side works now
* Fix go linting issues
* Fix frontend issues
* Way closer, but has a foreign key constrant issue
* UI actually works now
* Fix deduplication feature not working right
* Upgrade to `golangci-lint` v2 file
* Add ability to set primary during attachment creation
* Update swagger with new primary attachment during creation stuff
* Files are actually saved now, but there's still a bug
* Fix critical issue whith how deletions were working
* Fix the byte copy issue
* Hopefully everything is fixed now
* Fix golangci-lint config and lint files
* Fix lint issue
* Fix a few more tests
* Fix lint issues again
* More minor test fixes
* Update backend/internal/core/services/service_items_attachments.go
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Fix migration (I think)
* Fixed postgres migration
* Change some migration options to work better
* Some more little things that I tried
* Fix merge go.mod
* Fix migrations
* Little lint thing
* Fix AttachmentsList.vue with updated API
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* [VNEXT] feat: Multi-DB type support (#291)
* feat: Multi-DB type URL formats and config
* fix: remove legacy sqlite path config and minor other things
* fix: dumb eslint issues
* fix: dumb eslint issues
* fix: application can be tested with sqlite
* fix: minor config formatting
* chore: some cleanup
* feat: postgres migration creation now works
The migration creation for postgres now works properly.
Removed MySQL support, having too many issues with it at this time.
* chore: revert some strings back to bytes as they should be
* feat: improve languages support
* feat: add locale time ago formatting and the local name for the language in language dropdown
* Update FUNDING.yml
* chore: remove some more mysql stuff
* fix: coderabbit security recommendations
* fix: validate postgres sslmode
* Update migrations.go
* fix: postgres migration creation now works
* fix: errors in raw sql queries
* fix: lint error, and simpler SQL query
* fix: migrations directory string
* fix: stats related test
* fix: sql query
* Update TextArea.vue
* Update TextField.vue
* chore: run integration testing on multiple postgresql versions
* chore: jobs should run for vnext branch PRs
* fix: missed $ for Postgres testing
* fix: environment variable for db ssl mode
* fix: lint issue from a merge
* chore: trying to fix postgresql testing
* chore: trying to fix postgresql testing
* fix: trying to fix postgresql testing
* fix: trying to fix postgresql testing
---------
Co-authored-by: tonya <tonya@tokia.dev>
* fix: publish docker vnext branch
* Add upgrade guide documentation
* chore: add new config options to documentation
* Update vnext (#314)
* feat: make 404 follow theme and add a return home page
* feat: sanitise translations when using v-html
* chore: Add native API docs to website
* chore: remove try it button from api docs
---------
Co-authored-by: tonyaellie <tonya@tokia.dev>
* Update Dockerfile
Update dockerfile to test the theory of data folder breaking in vnext
* fix: broken docker image
* fix: statistics
* feat: support mm, cm and inches for label generation
* [VNEXT] feat: Multi-DB type support (#291)
* feat: Multi-DB type URL formats and config
* fix: remove legacy sqlite path config and minor other things
* fix: dumb eslint issues
* fix: dumb eslint issues
* fix: application can be tested with sqlite
* fix: minor config formatting
* chore: some cleanup
* feat: postgres migration creation now works
The migration creation for postgres now works properly.
Removed MySQL support, having too many issues with it at this time.
* chore: revert some strings back to bytes as they should be
* feat: improve languages support
* feat: add locale time ago formatting and the local name for the language in language dropdown
* Update FUNDING.yml
* chore: remove some more mysql stuff
* fix: coderabbit security recommendations
* fix: validate postgres sslmode
* Update migrations.go
* fix: postgres migration creation now works
* fix: errors in raw sql queries
* fix: lint error, and simpler SQL query
* fix: migrations directory string
* fix: stats related test
* fix: sql query
* Update TextArea.vue
* Update TextField.vue
* chore: run integration testing on multiple postgresql versions
* chore: jobs should run for vnext branch PRs
* fix: missed $ for Postgres testing
* fix: environment variable for db ssl mode
* fix: lint issue from a merge
* chore: trying to fix postgresql testing
* chore: trying to fix postgresql testing
* fix: trying to fix postgresql testing
* fix: trying to fix postgresql testing
---------
Co-authored-by: tonya <tonya@tokia.dev>
* fix: publish docker vnext branch
* Add upgrade guide documentation
* chore: add new config options to documentation
* Update Dockerfile
Update dockerfile to test the theory of data folder breaking in vnext
* fix: broken docker image
* fix: statistics
* feat: support mm, cm and inches for label generation
* Update go dependencies
* Update documentation
* Slight update to docker actions
* Small doc update
* More doc changes
* Sort out migrations
* Temp fix to broken stats test
* Update dependencies
* Update documentation
* Fix broken merge
* Fix docker image sqlite path
* Fix minor taskfile issue
---------
Co-authored-by: tonya <tonya@tokia.dev>
Co-authored-by: Katos <7927609+katosdev@users.noreply.github.com>
* introduce scaffold for new models
* wip: shoutrrr wrapper (may remove)
* update schema files
* gen: ent code
* gen: migrations
* go mod tidy
* add group_id to notifier
* db migration
* new mapper helpers
* notifier repo
* introduce experimental adapter pattern for hdlrs
* refactor adapters to fit more common use cases
* new routes for notifiers
* update errors to fix validation panic
* go tidy
* reverse checkbox label display
* wip: notifiers UI
* use badges instead of text
* improve documentation
* add scaffold schema reference
* remove notifier service
* refactor schema folder
* support group edges via scaffold
* delete test file
* include link to API docs
* audit and update documentation + improve format
* refactor schema edges
* refactor
* add custom validator
* set validate + order fields by name
* fix failing tests
* new PR tasks
* add homebox to know words
* formatting
* bump deps
* generate db models
* ts errors
* drop id
* fix accessor
* drop unused time field
* change CI
* add expected error
* add type check
* resolve serveral type errors
* hoise in CI
* add date format and orDefault helpers
* introduce new statistics calculations queries
* rework statistics endpoints
* code generation
* fix styles on photo card
* label and location aggregation endpoints
* code-gen
* cleanup parser and defaults
* remove debug point
* setup E2E Testing
* linters
* formatting
* fmt plus name support on time series data
* code gen
* schema changes
* db generate
* db migration
* add role based middleware
* implement attachment token access
* generate docs
* implement role based auth
* replace attachment specific tokens with gen token
* run linter
* cleanup temporary token implementation
Add archive option feature. Archived items can only be seen on the items page when including archived is selected. Archived items are excluded from the count and from other views
