All notable changes to this project will be documented in this file.
- fixed IP address logging upon authentication to log the real client IP
- fixed JS/CSS caching problems with browsers
- /login route now redirects to a callback URL instead of returning a 200 status code when the user is already authenticated
- updated dependencies (including an update to TypeScript 5 and Golang 1.20.x). this also should fix some security vulnerabilities with golang.org/x/net
- performance optimization to mitigate argon2 performance hit
- added 'show password' functionality in the login form
- improved logging: application logs to 'auth.log' and 'app.log' now
- fixed long Docker container shutdown time
- fixed bug where any TOTP input was rejected
- Docker support
- support for HTTPS/TLS
- password parameter removed from user creation to avoid bash/zsh entries with plain text passwords
- expired cookies are automatically deleted from the database and cache now
- check for existing (LDAP) users before user creation
- updated security (argon2 is being used instead of bcrypt now)
- implemented cache for better performance
- cookie lifetime and secure attribute is now customizable in config.ini
- upon cookie expiration, the user will get a notice in the frontend now
- updated Go to version 1.19
- updated Go dependencies
- updated Node.js dependencies
- fixed an issue with the libc-dependency in the binaries, that prevented the application from running on older libc versions
- added /whoami API endpoint
- added LDAP support with go-ldap/ldap
- added Google reCAPTCHA v2 support for login form
- added TOTP support with pquerna/otp
- added QRencode support to display generated TOTP secrets in terminal
- changed/improved frontend form validation
- remove associated user cookies upon user deletion
- improved cookie security
- initial MVP implementation
- implemented frontend login form
- implemented authentication cookie
- implemented data persistence with etcd-io/bbolt
- implemented configuration parsing with go-ini/ini
- implemented webserver with gin-gonic/gin
- implemented CLI with urfave/cli