lundberg/porchlight
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Commit graph

  • aff22eb2f4
         dev config main Johan Lundberg 2026-06-29 09:23:33 +02:00
  • 8e8c33a407
         reference RP Johan Lundberg 2026-06-29 09:23:22 +02:00
  • 850240ab97
         more agent config, mostly about beads Johan Lundberg 2026-06-29 09:22:50 +02:00
  • 8143db5aea
         implement ACCR aware authentications Johan Lundberg 2026-06-29 09:19:52 +02:00
  • 7d06d747d6
         add config file to compose Johan Lundberg 2026-06-29 09:18:51 +02:00
  • dbbc99abd9
         update CLAUDE.md Johan Lundberg 2026-06-29 09:18:37 +02:00
  • 8e45aae006
         ignore beads and dolt Johan Lundberg 2026-06-29 09:18:07 +02:00
  • b284cf596b
         fix(oidc): return 400 instead of 500 on bad token requests Johan Lundberg 2026-06-10 14:37:01 +02:00
  • 3c5451b9c2
         fix(csrf): replay request body consumed during token validation Johan Lundberg 2026-06-10 13:05:18 +02:00
  • 27763d19ea
         fix(security): don't mint new ID tokens on refresh; confirm offline_access gating Johan Lundberg 2026-06-10 09:25:49 +02:00
  • 519e3659a1
         feat(security): add baseline security-header middleware Johan Lundberg 2026-06-10 08:53:49 +02:00
  • c7550cbf09
         fix(security): lock down signing-key file permissions Johan Lundberg 2026-06-08 15:21:27 +02:00
  • cba63280fb
         fix(security): set an explicit session cookie lifetime Johan Lundberg 2026-06-08 10:26:57 +02:00
  • cf2754f302
         fix(security): require a configured session secret in production Johan Lundberg 2026-06-05 14:12:54 +02:00
  • c175633980
         fix(security): POST WebAuthn login-begin; render JS errors as text Johan Lundberg 2026-06-05 14:04:24 +02:00
  • 1571706d21
         fix(security): reject WebAuthn signature-counter rollback Johan Lundberg 2026-06-05 13:53:10 +02:00
  • f03d509eb4
         fix(security): enforce globally-unique WebAuthn credential_id Johan Lundberg 2026-06-05 13:51:09 +02:00
  • 0f04a7daf9
         feat(security): make WebAuthn user verification configurable Johan Lundberg 2026-06-05 13:48:27 +02:00
  • baef5e0e2e
         fix(security): require CSRF-protected POST to consume a registration link Johan Lundberg 2026-06-05 13:40:30 +02:00
  • efb265a68b
         fix(security): make rate-limit client IP proxy-aware Johan Lundberg 2026-06-05 13:35:29 +02:00
  • aedb451128
         fix(security): prevent removing the last active admin Johan Lundberg 2026-06-05 13:31:39 +02:00
  • e54764cda9
         fix(security): guard admin credential deletion against lockout Johan Lundberg 2026-06-05 13:27:00 +02:00
  • 1bb76899a5
         fix(security): make self-service last-credential guard atomic Johan Lundberg 2026-06-04 15:00:08 +02:00
  • 407db57279
         fix(security): reset session on login to prevent fixation Johan Lundberg 2026-06-04 14:23:08 +02:00
  • 7c4dbf2cd9
         fix(security): escape error text in OIDC error pages Johan Lundberg 2026-06-04 11:06:08 +02:00
  • 71a7c23bdd
         fix(security): verify S256 PKCE when relying parties use it Johan Lundberg 2026-06-04 11:00:30 +02:00
  • faeecaed59
         fix(security): invite links must not log in accounts with credentials Johan Lundberg 2026-06-04 10:51:01 +02:00
  • e4eb539e3f
         fix(security): consume magic-link tokens atomically Johan Lundberg 2026-06-04 10:46:38 +02:00
  • 91a2277664
         fix(security): store only a hash of magic-link tokens Johan Lundberg 2026-06-04 10:36:18 +02:00
  • cdde3e3754
         fix(security): reject consent scopes outside the original request Johan Lundberg 2026-06-04 10:26:55 +02:00
  • c52778326e
         fix(security): escape user input in validation error HTML Johan Lundberg 2026-06-04 10:23:32 +02:00
  • 437ad59658
         feat: add Profile link to admin nav Johan Lundberg 2026-06-04 09:53:13 +02:00
  • 3cbae6255b
         fix: prevent admin user table from overflowing its card Johan Lundberg 2026-06-04 09:39:25 +02:00
  • 2fc2bdcabb
         test: allow disabling rate limiting for e2e runs Johan Lundberg 2026-06-03 16:32:32 +02:00
  • bcfe3a2a15
         fix: keep password form visible on validation error Johan Lundberg 2026-06-03 16:22:01 +02:00
  • fb133f9cba
         add uncommitted plans and CLAUDE.md Johan Lundberg 2026-04-10 11:28:51 +02:00
  • 6b4cbdc152
         clean up Johan Lundberg 2026-04-10 11:28:08 +02:00
  • 01e3382aaf
         fix: resolve all ruff lint errors and type checker warnings Johan Lundberg 2026-03-31 15:48:46 +02:00
  • 2b652ff603
         added ruff config Johan Lundberg 2026-03-31 15:40:37 +02:00
  • 2745471412
         fix: narrow type for PasswordChange to satisfy type checker Johan Lundberg 2026-03-31 15:37:52 +02:00
  • d7cdedbd5f
         style: apply ruff formatting to new files Johan Lundberg 2026-03-31 15:36:08 +02:00
  • a65af90320
         feat: require current password when changing password, add zxcvbn strength check Johan Lundberg 2026-03-31 15:34:43 +02:00
  • 72a93984f2
         feat: wire validation models into admin routes and deduplicate error handling Johan Lundberg 2026-03-31 15:34:28 +02:00
  • 56c177c817
         fix: add CSRF tokens to admin forms and HTML5 validation hints Johan Lundberg 2026-03-31 15:24:16 +02:00
  • d4acb46cf5
         feat: add rate limiting middleware for authentication endpoints Johan Lundberg 2026-03-31 15:23:51 +02:00
  • 23ca6272a2
         fix: block inactive users from all authentication paths Johan Lundberg 2026-03-31 15:18:51 +02:00
  • aff6ddb99b
         feat: add validation models (locale, username, groups, password) and error helper Johan Lundberg 2026-03-31 15:18:24 +02:00
  • 2f8cca3f41
         build: add slowapi and zxcvbn dependencies Johan Lundberg 2026-03-25 13:46:55 +01:00
  • 2dfa3f3bff
         test: add profile validation e2e tests and fix pre-existing failures Johan Lundberg 2026-03-16 10:00:46 +01:00
  • 752bf87b7c
         style: apply ruff SIM108 ternary to validation error handling Johan Lundberg 2026-03-13 20:46:12 +01:00
  • 86deb56524
         style: add E.164 format hint to phone number inputs Johan Lundberg 2026-03-13 20:44:30 +01:00
  • 7bfea306ab
         refactor: use shared ProfileUpdate validation in admin routes Johan Lundberg 2026-03-13 20:40:05 +01:00
  • 5fd63d61ff
         feat: wire ProfileUpdate validation into manage profile route Johan Lundberg 2026-03-10 14:01:47 +01:00
  • 3cbf7cda5f
         test: add e2e tests for logout buttons in admin and manage nav bars Johan Lundberg 2026-03-10 10:50:44 +01:00
  • b9bb848d5e
         update .gitignore Johan Lundberg 2026-03-10 09:00:11 +01:00
  • a52bb2eef7
         chore: stop tracking data/keys/public_jwks.json Johan Lundberg 2026-02-20 15:44:18 +01:00
  • db94294d6d
         feat: add logout buttons to admin and manage navigation bars Johan Lundberg 2026-02-20 15:41:45 +01:00
  • 7c9e426bb8
         feat: add ProfileUpdate pydantic model with email and phone validation Johan Lundberg 2026-02-20 15:21:28 +01:00
  • 428c17c4e3
         build: add pydantic-extra-types[phonenumbers] dependency Johan Lundberg 2026-02-20 15:06:26 +01:00
  • d696c91d95
         docs: add profile validation implementation plan Johan Lundberg 2026-02-20 15:05:00 +01:00
  • 1dfd89c7c3
         add Makefile Johan Lundberg 2026-02-20 15:04:04 +01:00
  • a5198148a3
         make output from cli commands easier to read Johan Lundberg 2026-02-20 15:03:45 +01:00
  • dc84881c87
         replace check.sh with Makefile Johan Lundberg 2026-02-20 15:03:20 +01:00
  • a3d4ac1bfd
         docs: add profile form validation design Johan Lundberg 2026-02-20 15:01:55 +01:00
  • 0435b81c5a
         feat: add landing page at / with navigation links Johan Lundberg 2026-02-19 15:38:09 +01:00
  • cedf2a65e2
         fix: add session_https_only to dev config and update README Johan Lundberg 2026-02-19 15:10:37 +01:00
  • 4242f1a40f
         style: update logo and favicon with new pentagon house design Johan Lundberg 2026-02-19 15:03:31 +01:00
  • befcef9395
         fix: add CSRF token handling to admin tests after merge Johan Lundberg 2026-02-19 15:02:51 +01:00
  • 33a61ecc2a
         Merge branch 'feature/admin-pages' Johan Lundberg 2026-02-19 14:36:48 +01:00
  • 34450aa38f
         style: fix import sort order in app.py Johan Lundberg 2026-02-19 14:33:57 +01:00
  • 5a24a9c70b
         test: add E2E tests for admin pages Johan Lundberg 2026-02-19 14:31:41 +01:00
  • 1054feb534
         fix: reorder imports and use ty-compatible type suppression Johan Lundberg 2026-02-19 14:29:01 +01:00
  • 7ad794170d
         feat: show admin link in manage nav for admin users Johan Lundberg 2026-02-19 14:20:57 +01:00
  • f648422227
         test: update all tests to include CSRF tokens Johan Lundberg 2026-02-19 14:19:47 +01:00
  • 186be17b97
         test: add comprehensive unit tests for admin routes Johan Lundberg 2026-02-19 14:01:39 +01:00
  • 9e5773f52f
         feat: add CSRF tokens to templates and JS fetch calls Johan Lundberg 2026-02-19 14:03:34 +01:00
  • 3975d5ce88
         feat: add admin action routes (profile, groups, activate, credentials, invite, delete) Johan Lundberg 2026-02-19 13:47:36 +01:00
  • d1f2b39cb6
         feat: wire CSRF middleware and harden session cookie Johan Lundberg 2026-02-19 13:45:58 +01:00
  • 2b8d3e9800
         feat: add admin user detail page with profile, groups, credentials, and actions Johan Lundberg 2026-02-19 13:44:14 +01:00
  • b5ea9950a2
         fix: use frozenset for SAFE_METHODS and extract SESSION_KEY constant Johan Lundberg 2026-02-19 13:42:18 +01:00
  • 6a9e32f74d
         feat: add admin invite creation endpoint Johan Lundberg 2026-02-19 13:36:11 +01:00
  • f93290d43e
         feat: add CSRF middleware with synchronizer token pattern Johan Lundberg 2026-02-19 13:26:33 +01:00
  • 1a795914f9
         feat: add admin user list page with search and pagination Johan Lundberg 2026-02-19 11:35:25 +01:00
  • b1291c801e
         docs: add CSRF protection implementation plan Johan Lundberg 2026-02-19 11:32:51 +01:00
  • f2d669d705
         feat: add admin base template and CSS styles Johan Lundberg 2026-02-19 11:30:35 +01:00
  • 94c14af8cc
         docs: add CSRF protection design document Johan Lundberg 2026-02-19 11:29:19 +01:00
  • dd1f85d8d3
         feat: add admin router with admin group guard Johan Lundberg 2026-02-19 11:18:50 +01:00
  • be35c17fa5
         Merge branch 'feature/consent-screen' Johan Lundberg 2026-02-19 11:16:51 +01:00
  • 3b1c145e31
         fix: add type annotation to approved_scopes for type checker Johan Lundberg 2026-02-19 11:16:01 +01:00
  • b8464284c2
         test: update existing tests to handle consent step Johan Lundberg 2026-02-19 11:13:11 +01:00
  • 078892a413
         fix: validate consent action and add error check after re-parse Johan Lundberg 2026-02-19 11:09:14 +01:00
  • 7e9eeb1339
         feat: add search_users and count_users to user repository Johan Lundberg 2026-02-19 11:00:47 +01:00
  • 5c4269fd6e
         feat: add consent page template Johan Lundberg 2026-02-19 09:52:45 +01:00
  • 1d8fd91f68
         feat: add consent check to authorization flow Johan Lundberg 2026-02-19 09:47:59 +01:00
  • 9ccc6c885f
         feat: add Consent model, migration, and repository Johan Lundberg 2026-02-18 14:41:32 +01:00
  • b22dabbbb0
         Merge branch 'feature/profile-page' Johan Lundberg 2026-02-18 14:38:53 +01:00
  • 8a610a0cd6
         feat: add self-service profile page with manage navigation Johan Lundberg 2026-02-18 14:35:17 +01:00
  • 16f3e039d9
         docs: add consent screen design Johan Lundberg 2026-02-18 13:50:56 +01:00
  • 404fcac4dd
         Merge branch 'feature/config-file' Johan Lundberg 2026-02-18 13:09:58 +01:00
  • 64f8c1936b
         refactor: fix lint warnings and remove stale type: ignore comments Johan Lundberg 2026-02-18 13:08:03 +01:00