53 Commits

Author SHA1 Message Date
Georges-Antoine Assi
29112b4ddc create device on login web 2026-03-15 11:25:39 -04:00
HydroSulphide
fe4d42e192 removed unused import "Final" 2026-03-12 06:55:45 +01:00
HydroSulphide
8293c7ba9b Make OAuth token expiry configurable via env vars 2026-03-12 06:48:48 +01:00
HydroSulphide
b9ea937373 Merge branch 'master' into fix-oauth-token-expiry-and-refresh-rotation 2026-03-10 08:51:44 +01:00
HydroSulphide
8758cb31b7 Tried to fix everything the bot complained about and the failed pytests.
Three tests were also implemented to check the initial implementation, which now invalidates expired access and refresh tokens and also rotates refresh tokens.

Since I introduced wrapper functions for create_oauth_token to distinguish between access and refresh tokens, there is no need to set the token type in the data dict, since the type is now enforced in the wrapper functions create_access_token and create_refresh_token.

By convention I renamed create_oauth_token to _create_oauth_token as it is considered a private helper function now.
2026-03-10 07:22:02 +01:00
Georges-Antoine Assi
11c16e92bd run fmt 2026-03-09 22:53:30 -04:00
Georges-Antoine Assi
9e31430c88 run fmt 2026-03-09 22:32:54 -04:00
copilot-swe-agent[bot]
4992731265 Address code review feedback: log OIDC metadata errors, remove redundant import
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-10 02:01:59 +00:00
copilot-swe-agent[bot]
dda77737af Implement OIDC RP-Initiated Logout (end-session endpoint)
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-10 01:56:47 +00:00
HydroSulphide
41f64eb42b fix: oauth token invalidation on expiration date and rotating refresh token 2026-03-09 17:03:29 +01:00
Georges-Antoine Assi
1f64e8437b Switch ACCESS_TOKEN_EXPIRE_MINUTES to SECONDS 2026-03-08 22:46:54 -04:00
Georges-Antoine Assi
b3339c177b Run formatter on alembic files 2026-02-17 15:12:33 -05:00
Georges-Antoine Assi
ec6bb24662 Add new redis-backed session middleware 2025-11-22 10:47:59 -05:00
Georges-Antoine Assi
ab06a321e0 Check if user is enabled before generating auth token 2025-10-03 09:34:40 -04:00
Michael Manganiello
e4e3928d1b misc: Apply import sorting 2025-09-04 11:17:00 -03:00
Georges-Antoine Assi
8061db40b2 fix tests and cleanup 2025-08-02 17:55:43 -04:00
Georges-Antoine Assi
53f9b8c9f7 remove auth response 2025-08-02 14:43:54 -04:00
Georges-Antoine Assi
1f5fa946be cleanup auth responses 2025-08-02 13:47:04 -04:00
Georges-Antoine Assi
70fe56296b Replace MessageResponse with specific responses 2025-08-02 13:42:35 -04:00
Georges-Antoine Assi
c7cdbad141 tiny typo fix in auth 2025-07-19 10:03:55 -04:00
zurdi
eb4997a189 refactor: update password reset endpoint documentation and improve scroll behavior in router 2025-05-14 15:19:05 +00:00
zurdi
d27f4d626b feat: Reset forgotten password added 2025-05-13 09:35:53 +00:00
Georges-Antoine Assi
db26248f04 Remove disabled login check from login endpoint 2025-03-21 14:58:47 -04:00
Michael Manganiello
70825830c4 misc: Set prefix and tags to API routers
Improve OpenAPI documentation by setting tags to each API router. Also,
set a prefix to each router to group the endpoints by their
functionality.
2025-02-09 11:31:13 -03:00
Georges-Antoine Assi
696a1c6122 Merge branch 'master' into rom-hashing-background-task 2025-01-15 21:51:23 -05:00
Georges-Antoine Assi
04c31374af disable login endpoint as well 2025-01-07 17:28:13 -05:00
Georges-Antoine Assi
4473b6e498 fix formatting and tests 2024-12-28 10:11:36 -05:00
Georges-Antoine Assi
3fcce6606c complete updating the endpoints and models 2024-12-20 22:41:56 -05:00
Georges-Antoine Assi
34d49e6494 changes from self review 2024-12-13 11:33:39 -05:00
Georges-Antoine Assi
2d5bc34e9c add tests for oidc handler 2024-12-12 17:37:30 -05:00
Georges-Antoine Assi
f2f8956ad4 more cleanup of unneeded oauth code 2024-11-29 09:26:03 -05:00
Georges-Antoine Assi
3abf50b056 changes from self review 2024-11-27 23:28:54 -05:00
Georges-Antoine Assi
11923786be fetch and use rsa key 2024-11-27 22:40:02 -05:00
Georges-Antoine Assi
bc5c2e45f3 working oidc setup with authentik 2024-11-26 23:57:15 -05:00
Georges-Antoine Assi
3a91b7ba54 Merge branch 'master' into openid-connect 2024-11-26 19:52:18 -05:00
Georges-Antoine Assi
8fc25cde99 use timezone aware datetimes 2024-09-09 10:11:46 -04:00
Michael Manganiello
8abbae4c02 misc: Make backend handle URLs with trailing slash
According to multiple FastAPI discussions [1], FastAPI only includes a
built-in mechanism to redirect requests including a trailing slash, to
its variation without slash, using a `307` status code.

This can be an issue when certain clients do not send the same headers
on the redirected request.

This change adds a custom FastAPI `APIRouter`, that registers both route
path variations (with and without trailing slash), while only marking
the path without slash for being included in the OpenAPI schema.

[1] https://github.com/fastapi/fastapi/discussions/7298
2024-08-07 00:22:21 -03:00
Georges-Antoine Assi
a46eb5643b more stuff 2024-08-04 19:00:14 -04:00
Georges-Antoine Assi
0fae870837 start work with fake openid add for testing 2024-08-04 00:41:34 -04:00
Georges-Antoine Assi
2a980a04e6 last bits of fixes 2024-05-21 17:52:13 -04:00
Georges-Antoine Assi
b2085f87a8 bunch of fixes for trunk 2024-05-21 17:10:11 -04:00
Georges-Antoine Assi
a7cf0d389a run trunk format on all files 2024-05-21 10:18:13 -04:00
Georges-Antoine Assi
2756121f06 Merge branch 'master' into python-pkg-drop 2024-05-14 09:22:59 -04:00
Georges-Antoine Assi
444a0fe9f6 fix auth jwt parsing 2024-05-13 09:39:12 -04:00
Georges-Antoine Assi
2749aaee4a rename back to old names 2024-05-05 16:59:30 -04:00
Georges-Antoine Assi
9ad28f3294 more refactoring again 2024-05-05 16:32:40 -04:00
Georges-Antoine Assi
def2608c28 refactor db handlers 2024-05-05 15:46:07 -04:00
Georges-Antoine Assi
1a2c914045 refactor handlers out into own files 2024-05-05 12:45:56 -04:00
Georges-Antoine Assi
c3e1f4f44c [ROMM-618] Add last logged in and last active for users 2024-04-06 15:29:40 -04:00
Georges-Antoine Assi
7ca551b743 switched to jwt backed sessions 2024-02-16 10:00:54 -05:00