Commit Graph

76 Commits

Author SHA1 Message Date
Michael Manganiello
e4e3928d1b misc: Apply import sorting 2025-09-04 11:17:00 -03:00
Michael Manganiello
ba21cbc1e1 misc: Separate tests folder from backend code
Create separate `tests/` folder for all tests. This will also simplify
not copying tests code into the Docker image.
2025-08-08 12:49:13 -03:00
Georges-Antoine Assi
8ce943a514 use fastapi status 2025-08-02 22:17:07 -04:00
Georges-Antoine Assi
8061db40b2 fix tests and cleanup 2025-08-02 17:55:43 -04:00
Georges-Antoine Assi
9079954a3c fix tests 2025-07-19 22:27:05 -04:00
Georges-Antoine Assi
d9f97ee510 replace assert with explicit checks 2025-07-19 22:17:57 -04:00
Michael Manganiello
252722e3bc misc: Apply pyupgrade changes for Python 3.12 compatibility
Command applied:
```
find ./backend/ -type f -name "*.py" -exec pyupgrade --py312-plus {} \;
```
2025-06-29 12:27:16 -03:00
zurdi
7d27e368f1 feat: add SESSION_MAX_AGE_SECONDS configuration for session middleware 2025-06-13 12:54:31 +00:00
mjmfighter
c709b8ae2e fix: correct user creation logic in OpenIDHandler 2025-05-21 23:07:53 -05:00
zurdi
0d09f510de feat: implement invite link creation with role assignment and user registration 2025-05-13 22:28:46 +00:00
zurdi
1c7f8fff88 feat: add InviteLink dialog and update invite link handling in user table 2025-05-13 17:52:33 +00:00
zurdi
500ff5e67f add: endpoint to generate invite link token 2025-05-13 17:40:07 +00:00
zurdi
1103700d00 feat: implement one-time use for password reset tokens with Redis 2025-05-13 09:36:14 +00:00
zurdi
d27f4d626b feat: Reset forgotten password added 2025-05-13 09:35:53 +00:00
zurdi
14761c2c83 refactor: enhance logging with highlighted output for improved readability 2025-05-09 09:05:59 +00:00
Georges-Antoine Assi
0f8d51193a kiosk mode allows viewing without auth 2025-02-07 00:18:52 -05:00
Georges-Antoine Assi
6c95a03746 Read-only kiosk mode for viewers 2025-02-06 09:04:41 -05:00
Georges-Antoine Assi
8e5d4cdcb5 disable pyright 2025-01-26 11:29:33 -05:00
Georges-Antoine Assi
2859ac04c8 fix pyright issues 2025-01-26 10:57:27 -05:00
Georges-Antoine Assi
a35701396c Merge branch 'master' into rom-hashing-background-task 2025-01-25 23:30:15 -05:00
Georges-Antoine Assi
6927a976df improved check 2025-01-22 18:55:57 -05:00
Georges-Antoine Assi
0bc093996f [ROMM-1505] Skip CSRF checks when request has Authorization header 2025-01-20 19:10:08 -05:00
Georges-Antoine Assi
696a1c6122 Merge branch 'master' into rom-hashing-background-task 2025-01-15 21:51:23 -05:00
Michael Manganiello
8c8cd759d9 misc: Add tests 2025-01-09 01:48:14 -03:00
Michael Manganiello
7fedaca59a fix: Improve OIDC email verified check
The OIDC email verified check now fails if the email is explicitly
unverified, or if the `email_verified` claim is supported and the email
is not explicitly verified.

Previously, the OIDC implementation failed for any OIDC provider that
did not include the `email_verified` claim in the userinfo response.
Providers like Synology do not include this claim, so the check always
failed with error "Email is not verified."

I haven't found a formal specification for the `email_verified` claim,
and how it should be handled, but this implementation should be more
robust and work with more OIDC providers.

Fixes #1446.
2025-01-09 00:55:20 -03:00
Michael Manganiello
865370ec13 misc: Move auth constants to separate file
This simplifies avoiding circular imports when trying to use auth
handlers.
2025-01-08 22:16:31 -03:00
Georges-Antoine Assi
4473b6e498 fix formatting and tests 2024-12-28 10:11:36 -05:00
Anthony Uk
d96f11d56f Fix preferred_username 2024-12-28 07:11:23 +01:00
Anthony Uk
920aee5095 Rework OIDC base_handler 2024-12-28 07:05:29 +01:00
Georges-Antoine Assi
84813bd962 Merge branch 'master' into rom-hashing-background-task 2024-12-27 12:02:04 -05:00
zurdi
f6673dd707 fix: Use preferred_username for new user creation instead of email prefix 2024-12-27 15:43:37 +00:00
zurdi
ff03d8e125 refactor: Remove OIDC_CREATE_USER configuration and generate a uuid in an OIDC created user password 2024-12-27 14:49:23 +00:00
zurdi
ffbebc2f46 fix: Rename CREATE_OIDC_USER to OIDC_CREATE_USER for consistency 2024-12-27 12:32:49 +00:00
zurdi
e52ebcbc5a feat: Add CREATE_OIDC_USER configuration to enable automatic user creation 2024-12-27 12:04:49 +00:00
Georges-Antoine Assi
dbb3b6083b only json() once 2024-12-23 14:03:24 -05:00
Georges-Antoine Assi
8332c7b27b fetch jwks_url from server metadata endpoint 2024-12-23 09:34:38 -05:00
Georges-Antoine Assi
c9bc15c100 fix auth tests 2024-12-22 14:17:12 -05:00
Georges-Antoine Assi
7bde4aee70 complete the rest of the files 2024-12-20 23:45:25 -05:00
Georges-Antoine Assi
37db255328 refactor oidc handler and fix tests 2024-12-18 10:49:45 -05:00
Georges-Antoine Assi
34d49e6494 changes from self review 2024-12-13 11:33:39 -05:00
Georges-Antoine Assi
2d5bc34e9c add tests for oidc handler 2024-12-12 17:37:30 -05:00
Georges-Antoine Assi
82ac766c9e oidc login using email 2024-12-12 10:08:27 -05:00
Georges-Antoine Assi
0e2866f0f5 don't setup OIDC if disabled 2024-12-11 23:20:21 -05:00
Georges-Antoine Assi
cae4089ccf add email field 2024-12-09 19:57:13 -05:00
Georges-Antoine Assi
b7dac4743a Merge branch 'master' into openid-connect 2024-12-07 22:19:24 -05:00
Zurdi
219145e000 Update middleware based on review 2024-12-02 18:56:58 +01:00
zurdi
caa24433b1 refactor: improve user authentication handling without requesting to database 2024-12-02 15:37:13 +00:00
zurdi
44afc718a6 refactor: check user existence only for /api/heartbeat endpoint 2024-12-02 15:09:36 +00:00
zurdi
bf41d9ff05 fixed total crash on a fresh installation having session cookies from previous installation 2024-11-28 12:30:13 +00:00
Georges-Antoine Assi
1866cfdbae revert one oauth to oidc change 2024-11-27 23:39:53 -05:00