Kyle Carberry
f75a54cd1e
feat: Support x-forwarded-for headers for IPs (#4684)
* feat: Support x-forwarded-for headers for IPs
Fixes #4430.
* Fix realip accepting headers
* Fix unused headers
2022-10-23 13:21:49 -05:00
Ammar Bandukwala
423ac04156
coderd: tighten /login rate limiting (#4432)
* coderd: tighten /login rate limit
* coderd: add Bypass rate limit header
2022-10-20 17:01:23 +00:00
Jon Ayers
d0b1c36d51
fix: prevent refreshing tokens that don't exist (#4661)
- When logging in with Google OIDC, refresh tokens are not
provided unless explicitly asked for. This PR updates
the logic to avoid attempting to refresh the token if
a refresh token does not exist.
A session should only be dependent on a valid Coder API
key, the state of its OAuth token (beyond initial authentication)
should be irrelevant.
2022-10-20 00:25:57 -05:00
Garrett Delfosse
3cb2d52a08
fix: issue with token auth (#4483)
2022-10-11 15:58:28 +00:00
Dean Sheather
6deef06ad2
feat: secure and cross-domain subdomain-based proxying (#4136)
Co-authored-by: Kyle Carberry <kyle@carberry.com>
2022-09-22 22:30:32 +00:00
Colin Adler
5de6f86959
feat: trace httpapi.{Read,Write} (#4134)
2022-09-21 17:07:00 -05:00
Dean Sheather
29d804e692
feat: add API key scopes and application_connect scope (#4067)
2022-09-19 17:39:02 +00:00
Steven Masley
9b5ee8f267
feat: Implement (but not enforce) CSRF for FE requests (#3786)
Future work is to enforce CSRF
Co-authored-by: Presley Pizzo <presley@coder.com>
2022-09-13 15:26:46 -04:00
Jon Ayers
c3eea98db0
fix: use unique ID for linked accounts (#3441)
- move OAuth-related fields off of api_keys into a new user_links table
- restrict users to single form of login
- process updates to user email/usernames for OIDC
- added a login_type column to users
2022-08-17 18:00:53 -05:00
Jon Ayers
7e9819f2a8
ref: move httpapi.Response into codersdk (#2954)
2022-07-12 19:15:02 -05:00
Kyle Carberry
2c89e07e12
fix: Redirect to login when unauthenticated and requesting a workspace app (#2903)
Fixes #2884.
2022-07-11 13:46:01 -05:00
Kyle Carberry
4851d932c4
fix: Split host and port before storing IP (#2594)
The IP was always nil prior, and this fixes the test to
check for that as well!
2022-06-26 21:22:03 +00:00
Kyle Carberry
b7eeb436ad
feat: Add ip_address to API keys (#2580)
Fixes #2561.
2022-06-22 17:32:21 +00:00
Steven Masley
af401e3fe1
chore: Linter rule for properly formatted api errors (#2123)
* chore: Linter rule for properly formatted api errors
* Add omitempty to 'Detail' field
2022-06-07 14:33:06 +00:00
Steven Masley
26a2a169df
fix: Suspended users cannot authenticate (#1849)
* fix: Suspended users cannot authenticate
- Merge roles and apikey extract httpmw
- Add member account to make dev
- feat: UI Shows suspended error logging into suspended account
- change 'active' route to 'activate'
2022-05-31 08:06:42 -05:00
Garrett Delfosse
0706c60445
chore: Add watch workspace endpoint (#1493)
2022-05-18 16:16:26 -05:00
Kyle Carberry
7496c3da81
feat: Add GitHub OAuth (#1050)
* Initial oauth
* Add GitHub authentication
* Add AuthMethods endpoint
* Add frontend
* Rename basic authentication to password
* Add flags for configuring GitHub auth
* Remove name from API keys
* Fix authmethods in test
* Add stories and display auth methods error
2022-04-23 22:58:57 +00:00
Steven Masley
591523a078
chore: Move httpapi, httpmw, & database into coderd (#568)
* chore: Move httpmw to /coderd directory
httpmw is specific to coderd and should be scoped under coderd
* chore: Move httpapi to /coderd directory
httpapi is specific to coderd and should be scoped under coderd
* chore: Move database to /coderd directory
database is specific to coderd and should be scoped under coderd
* chore: Update codecov & gitattributes for generated files
* chore: Update Makefile
2022-03-25 16:07:45 -05:00