* ent re-generation
* add oidc integration
* document oidc integration
* go fmt
* address backend linter findings
* run prettier on index.vue
* State cookie domain can mismatch when Hostname override is used (breaks CSRF check). Add SameSite.
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Delete state cookie with matching domain and MaxAge; add SameSite.
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Fix endpoint path in comments and error to include /api/v1.
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Also use request context when verifying the ID token.
* Do not return raw auth errors to clients (user-enumeration risk).
* consistently set cookie the same way across function
* remove baseURL after declaration
* only enable OIDC routes if OIDC is enabled
* swagger doc for failure
* Only block when provider=local; move the check after parsing provider
* fix extended session comment
* reduce pii logging
* futher reduce pii logging
* remove unused DiscoveryDocument
* remove unused offline_access from default oidc scopes
* remove offline access from AuthCodeURL
* support host from X-Forwarded-Host
* set sane default claim names if unset
* error strings should not be capitalized
* Revert "run prettier on index.vue"
This reverts commit aa22330a23.
* Add timeout to provider discovery
* Split scopes robustly
* refactor hostname calculation
* address frontend prettier findings
* add property oidc on type APISummary
* LoginOIDC: Normalize inputs, only create if not found
* add oidc email verification
* oidc handleCallback: clear state cookie before each return
* add support for oidc nonce parameter
* Harden first-login race: handle concurrent creates gracefully and fix log key.
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* support email verified claim as bool or string
* fail fast on empty email
* PKCE verifier
* fix: add timing delay to attachment test to resolve CI race condition
The attachment test was failing intermittently in CI due to a race condition
between attachment creation and retrieval. Adding a small 100ms delay after
attachment creation ensures the file system and database operations complete
before the test attempts to verify the attachment exists.
* Revert "fix: add timing delay to attachment test to resolve CI race condition"
This reverts commit 4aa8b2a0d829753e8d2dd1ba76f4b1e04e28c45e.
* oidc error state, use ref
* rename oidc.force to oidc.authRedirect
* remove hardcoded oidc error timeout
* feat: sub/iss based identity matching and userinfo endpoint collection
---------
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Matthew Kilgore <matthew@kilgore.dev>
* Remove documents table (WIP)
* Further cleanup of documents table
* This should clean up the errors, but actual attachment handling still needs added.
* Full generation to update the JS side of things too
* Further fixes
* Fix cyclic dependency issue
* In theory the API side works now
* Fix go linting issues
* Fix frontend issues
* Way closer, but has a foreign key constrant issue
* UI actually works now
* Fix deduplication feature not working right
* Upgrade to `golangci-lint` v2 file
* Add ability to set primary during attachment creation
* Update swagger with new primary attachment during creation stuff
* Files are actually saved now, but there's still a bug
* Fix critical issue whith how deletions were working
* Fix the byte copy issue
* Hopefully everything is fixed now
* Fix golangci-lint config and lint files
* Fix lint issue
* Fix a few more tests
* Fix lint issues again
* More minor test fixes
* Update backend/internal/core/services/service_items_attachments.go
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Fix migration (I think)
* Fixed postgres migration
* Change some migration options to work better
* Some more little things that I tried
* Fix merge go.mod
* Fix migrations
* Little lint thing
* Fix AttachmentsList.vue with updated API
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* [VNEXT] feat: Multi-DB type support (#291)
* feat: Multi-DB type URL formats and config
* fix: remove legacy sqlite path config and minor other things
* fix: dumb eslint issues
* fix: dumb eslint issues
* fix: application can be tested with sqlite
* fix: minor config formatting
* chore: some cleanup
* feat: postgres migration creation now works
The migration creation for postgres now works properly.
Removed MySQL support, having too many issues with it at this time.
* chore: revert some strings back to bytes as they should be
* feat: improve languages support
* feat: add locale time ago formatting and the local name for the language in language dropdown
* Update FUNDING.yml
* chore: remove some more mysql stuff
* fix: coderabbit security recommendations
* fix: validate postgres sslmode
* Update migrations.go
* fix: postgres migration creation now works
* fix: errors in raw sql queries
* fix: lint error, and simpler SQL query
* fix: migrations directory string
* fix: stats related test
* fix: sql query
* Update TextArea.vue
* Update TextField.vue
* chore: run integration testing on multiple postgresql versions
* chore: jobs should run for vnext branch PRs
* fix: missed $ for Postgres testing
* fix: environment variable for db ssl mode
* fix: lint issue from a merge
* chore: trying to fix postgresql testing
* chore: trying to fix postgresql testing
* fix: trying to fix postgresql testing
* fix: trying to fix postgresql testing
---------
Co-authored-by: tonya <tonya@tokia.dev>
* fix: publish docker vnext branch
* Add upgrade guide documentation
* chore: add new config options to documentation
* Update vnext (#314)
* feat: make 404 follow theme and add a return home page
* feat: sanitise translations when using v-html
* chore: Add native API docs to website
* chore: remove try it button from api docs
---------
Co-authored-by: tonyaellie <tonya@tokia.dev>
* Update Dockerfile
Update dockerfile to test the theory of data folder breaking in vnext
* fix: broken docker image
* fix: statistics
* feat: support mm, cm and inches for label generation
* [VNEXT] feat: Multi-DB type support (#291)
* feat: Multi-DB type URL formats and config
* fix: remove legacy sqlite path config and minor other things
* fix: dumb eslint issues
* fix: dumb eslint issues
* fix: application can be tested with sqlite
* fix: minor config formatting
* chore: some cleanup
* feat: postgres migration creation now works
The migration creation for postgres now works properly.
Removed MySQL support, having too many issues with it at this time.
* chore: revert some strings back to bytes as they should be
* feat: improve languages support
* feat: add locale time ago formatting and the local name for the language in language dropdown
* Update FUNDING.yml
* chore: remove some more mysql stuff
* fix: coderabbit security recommendations
* fix: validate postgres sslmode
* Update migrations.go
* fix: postgres migration creation now works
* fix: errors in raw sql queries
* fix: lint error, and simpler SQL query
* fix: migrations directory string
* fix: stats related test
* fix: sql query
* Update TextArea.vue
* Update TextField.vue
* chore: run integration testing on multiple postgresql versions
* chore: jobs should run for vnext branch PRs
* fix: missed $ for Postgres testing
* fix: environment variable for db ssl mode
* fix: lint issue from a merge
* chore: trying to fix postgresql testing
* chore: trying to fix postgresql testing
* fix: trying to fix postgresql testing
* fix: trying to fix postgresql testing
---------
Co-authored-by: tonya <tonya@tokia.dev>
* fix: publish docker vnext branch
* Add upgrade guide documentation
* chore: add new config options to documentation
* Update Dockerfile
Update dockerfile to test the theory of data folder breaking in vnext
* fix: broken docker image
* fix: statistics
* feat: support mm, cm and inches for label generation
* Update go dependencies
* Update documentation
* Slight update to docker actions
* Small doc update
* More doc changes
* Sort out migrations
* Temp fix to broken stats test
* Update dependencies
* Update documentation
* Fix broken merge
* Fix docker image sqlite path
* Fix minor taskfile issue
---------
Co-authored-by: tonya <tonya@tokia.dev>
Co-authored-by: Katos <7927609+katosdev@users.noreply.github.com>
