OptimusX
/
OneAuth
mirror of https://github.com/veypi/OneAuth.git
3
0
Fork 0
Code Issues Projects Releases Wiki Activity
237 Commits
3 Branches
2 Tags
25 MiB
master
v3
v2
v1.0.0
v0.1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'df0f7f047a'
${ noResults }
Commit Graph

60 Commits (df0f7f047ac9743e7ea9690770dc1df416de825c)

Author SHA1 Message Date
veypi df0f7f047a refactor: Rename Config to Global and simplify app initialization 
- Rename cfg.Config to cfg.Global for consistency
    - Simplify cli/main.go to use vbase.App.Run() pattern
    - Update init.go to create app with vigo.New and Init function
    - Update all references from cfg.Config to cfg.Global across api, libs, models, and tests
    - Fix VBase constructor parameter order in ui/vbase.js
    - Update ui/env.js to use new VBase('vb', '/') initialization
 5 days ago
veypi c588962485 fix: Add input validation and OAuth client access control 
- Add username validation (required, 3-50 chars, alphanumeric + underscore)
    - Add password validation (required, minimum 8 characters)
    - Add email format validation using regex
    - Add owner check in OAuth client update and delete operations
    - Allow admin users with wildcard permission to access all organizations
 7 days ago
veypi fba42193cf feat(api): Enhance /auth/me endpoint with permissions and roles 
- Add UserPermissionInfo and UserInfoWithPerms structs for detailed user info
    - Extend /auth/me to return user permissions and global roles
    - Remove unused isAdmin helper method from auth.go
    - Update updateMe to return UserInfoWithPerms for consistency
 7 days ago
veypi b0322047cd feat: Restrict user APIs to admins and add public user search 
- Add /api/auth/users endpoint for authenticated users to search other users
    - Only return public info (id, username, nickname, avatar) in search results
    - Change /api/user routes to require user:admin permission instead of user:read
    - Update auth tests to use /api/auth/me for self updates
    - Add tests for new user search endpoint
 1 week ago
veypi f7c4f1ee86 test: improve test stability and documentation 
- Add 'clean_run.sh' script to reset database and restart server for clean test environment
    - Update 'README.md' with detailed troubleshooting guide and pitfalls
    - Add '04_org_load_middleware.sh' to test LoadOrg middleware functionality
    - Update 'run_all.sh' to include new middleware test
    - Fix BASE_URL handling in 'lib.sh' and test scripts to support custom environments
    - Update '02_resource_perm.sh' to fix admin permission checks
    - Remove debug logging from 'auth.go'
 1 week ago
veypi 11a689f28d fix(auth): Fix permission logic and add org member API 
- Add api/org/add_member.go for adding organization members
    - Register POST /api/orgs/{id}/members endpoint
    - Fix PermWithOwner to check owner before permission
    - Remove user:update from user role (should use owner check)
    - Add service enabled check in verification send
 1 week ago
veypi e96277ee85 fix(api/settings): wrap batch update in database transaction 
Use database transaction for batch settings update to ensure atomicity.
If any individual update fails, the entire batch will be rolled back,
preventing partial configuration updates.

- Wrap all updates in db.Transaction()
- Return detailed error on failure
 1 week ago
veypi 5304c30fb9 fix(api/verification): validate purpose parameter 
Add validation for the 'purpose' parameter in verification code requests
to ensure only allowed values are accepted.

Valid purposes: register, login, reset_password, bind
Invalid purposes will be rejected with 400 Bad Request.
 1 week ago
veypi 241d22dba6 fix(api/verification): handle max_daily_count config correctly 
Fix the logic for code.max_daily_count setting to correctly handle:
- 0: Disable verification code service entirely
- -1: No limit on daily sends
- >0: Limit daily sends to the specified number

Previously both 0 and -1 were treated as unlimited, which was incorrect.
The documentation states 0 should disable the service.
 1 week ago
veypi 69efc4284b fix(api/oauth): encrypt ClientSecret in database 
Encrypt OAuth Provider ClientSecret before storing in database to prevent
sensitive credential exposure in case of database breach.

- Encrypt ClientSecret on create using cfg.Config.Key.Encrypt()
- Encrypt ClientSecret on update when provided
- Decrypt ClientSecret before use in OAuth token exchange
- Add AES-GCM encryption/decryption functions to crypto package
- Gracefully handle legacy plaintext secrets during transition
 1 week ago
veypi 4a316e6d67 fix(api/auth): reset count variable before uniqueness checks 
Fix a bug where the count variable was not reset before checking
email and phone uniqueness. This could cause false positives if
a previous check had count > 0, incorrectly reporting that email
or phone already exists when they don't.

- Reset count to 0 before email check
- Reset count to 0 before phone check
 1 week ago
veypi 9dc866315f fix(api/settings): add admin permission check for settings update 
Add permission check in settings update API to ensure only admin users
can modify system settings. This fixes a security vulnerability where
any authenticated user could modify critical configurations.

- Check 'setting:update' permission before allowing updates
- Return 403 Forbidden for non-admin users
 1 week ago
veypi 23c7f6cb7a refactor(auth): 重构认证系统,支持多种验证方式和 OAuth 提供商管理 
- 新增验证模块(api/verification),统一处理短信和邮件验证码发送
    - 新增邮件发送功能(libs/email),支持 SMTP 协议
    - 重构短信模块(libs/sms),简化阿里云和腾讯云短信接口
    - 新增 OAuth 提供商管理 API(api/oauth/providers),支持 CRUD 操作
    - 新增系统设置管理 API(api/settings),支持动态配置更新
    - 重构认证方式管理(api/auth/methods),支持启用/禁用多种登录方式
    - 删除旧的 sms_providers 和 sms API 模块,迁移至新验证体系
    - 新增数据库模型:verification、email、oauth_provider、oauth_templates、setting
    - 更新配置文档,增加新功能的使用说明
 1 week ago
veypi ba39611f58 fix(org): 为组织创建者添加权限 
创建组织时,为组织特定的 admin 角色添加权限:
- vb:*:* (通配符权限)
- vb:org:read
- vb:org:update
- vb:org:delete

修复了组织创建者无法修改自己创建的组织的问题
 1 week ago
veypi 37acea3420 feat: 实现组织成员角色管理功能 1 week ago
veypi 691f1df75b feat: 添加角色管理模块(API + UI) 1 week ago
veypi 178fa755d4 refactor: 重构认证模型和数据库结构 1 week ago
veypi 8b2a1aba3b refactor: 统一API错误类型处理 1 week ago
veypi 983a5651a3 fix: 修复路由和页面加载问题 1 week ago
veypi dea82e80a1 validate resource 1 week ago
veypi 5daab97008 fix bug 1 week ago
veypi 26bd0bfd29 update 1 week ago
veypi 8fa01c4c52 upgrade 1 week ago
veypi ced7cc6a07 update perm 1 week ago
veypi 52f2ae35ab upgrade new version 1 week ago
veypi 45708ca4f0 remove old 1 week ago
veypi a3923ebcdb update 2 weeks ago
veypi 89e7caa7b0 uodate login api 3 weeks ago
veypi 6d0ec8e6ba rename to vbase 3 weeks ago
veypi a74ccb104f update to new vigo version 3 weeks ago
veypi 1880a6ce0f update router params 3 weeks ago
veypi 67b92662d1 add sms enable option 2 months ago
veypi 95eccc2cde update 6 months ago
veypi 69b4b7c504 change vyes-ai 7 months ago
veypi 134ab38751 fix: fix login bug 7 months ago
veypi ada216cfd5 feat: change auth check 7 months ago
veypi 1a29442c1c im dead 7 months ago
veypi e83f2da265 update crud and env.js 7 months ago
veypi ae463e0723 update 7 months ago
veypi a5339aa589 feat: oauth demo 7 months ago
veypi 959e390126 feat: change to vigo 7 months ago
veypi 3b9cbe1c1b feat: change axios and add auth refresh 8 months ago
veypi d472464d8a update 10 months ago
veypi 71924315b4 update access 10 months ago
veypi 6277ab0c4c feat: update app resouce 10 months ago
veypi 7e7e6ed506 feat: simplify user login 10 months ago
veypi 5112f1ab7d change to new version 10 months ago
veypi 17f81f6a2a del old file 2 years ago
veypi f9065abe55 update 4 years ago
veypi 5e341aeef5 对接oa 去掉用户 4 years ago