OneAuth

Commit Graph

Author	SHA1	Message	Date
veypi	69efc4284b	fix(api/oauth): encrypt ClientSecret in database Encrypt OAuth Provider ClientSecret before storing in database to prevent sensitive credential exposure in case of database breach. - Encrypt ClientSecret on create using cfg.Config.Key.Encrypt() - Encrypt ClientSecret on update when provided - Decrypt ClientSecret before use in OAuth token exchange - Add AES-GCM encryption/decryption functions to crypto package - Gracefully handle legacy plaintext secrets during transition	1 week ago
veypi	4a316e6d67	fix(api/auth): reset count variable before uniqueness checks Fix a bug where the count variable was not reset before checking email and phone uniqueness. This could cause false positives if a previous check had count > 0, incorrectly reporting that email or phone already exists when they don't. - Reset count to 0 before email check - Reset count to 0 before phone check	1 week ago
veypi	23c7f6cb7a	refactor(auth): 重构认证系统，支持多种验证方式和 OAuth 提供商管理 - 新增验证模块(api/verification)，统一处理短信和邮件验证码发送 - 新增邮件发送功能(libs/email)，支持 SMTP 协议 - 重构短信模块(libs/sms)，简化阿里云和腾讯云短信接口 - 新增 OAuth 提供商管理 API(api/oauth/providers)，支持 CRUD 操作 - 新增系统设置管理 API(api/settings)，支持动态配置更新 - 重构认证方式管理(api/auth/methods)，支持启用/禁用多种登录方式 - 删除旧的 sms_providers 和 sms API 模块，迁移至新验证体系 - 新增数据库模型：verification、email、oauth_provider、oauth_templates、setting - 更新配置文档，增加新功能的使用说明	1 week ago
veypi	37acea3420	feat: 实现组织成员角色管理功能	1 week ago
veypi	178fa755d4	refactor: 重构认证模型和数据库结构	1 week ago
veypi	8b2a1aba3b	refactor: 统一API错误类型处理	1 week ago
veypi	5daab97008	fix bug	1 week ago
veypi	52f2ae35ab	upgrade new version	1 week ago
veypi	17f81f6a2a	del old file	2 years ago
veypi	5efcf47351	添加权限角色编辑	4 years ago

10 Commits (e96277ee8559b62fd8b8ef630134d63f417d1bb4)