coryHawkvelt/gatehouse-api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
43 Commits 5 Branches 0 Tags
05eb0922282119a1b1bae88f889cd983ad119799
Commit Graph

26 Commits

Author SHA1 Message Date
JamesBhattarai 05eb092228 Fix: DB Migration 2026-03-31 12:33:56 +05:45
JamesBhattarai a7915c9328 Fix: SSH key verification — accept raw armor + base64, clearer error messages 2026-03-22 16:06:14 +05:45
JamesBhattarai f334000da3 Feat: Implemented SUDO Department & API Key, CA Serial 2026-03-22 16:06:12 +05:45
JamesBhattarai ff976ee1cc Fix: Serial uniqueness 2026-03-22 16:05:52 +05:45
JamesBhattarai 7492c40668 Fix: Admin Expiry Hours 2026-03-22 16:05:52 +05:45
nexgen_mirrors 1789590167 feat(zerotier): add ZeroTier network governance module 
Add comprehensive ZeroTier integration for managing network access:

- Portal networks: manager-created ZeroTier network bindings
- Device registration: user-owned ZeroTier node endpoints
- Approval workflows: request/approve/revoke network access
- Activation sessions: time-limited network authorization
- Kill switch: emergency access revocation
- Reconciliation job: sync portal state with ZeroTier controller

Includes ZeroTier client SDK supporting both Central and self-hosted
controller APIs, with full CRUD operations for networks and members.
 2026-03-20 21:50:20 +10:30
JamesBhattarai cc9dc5064e Fix: Migration 
oidc_jwks_keys table doesn't exist
uix_org_provider_type constraint multiple use
transaction abort/never rolled back
 2026-03-05 11:35:09 +05:45
JamesBhattarai 7cb522b590 Feat(Chore, Fix): Refractor, Half Baked Deletion + Admin Privilege 
Refractor Codes into sub file/folders
Admin can remove users'/members mfa/2fa, unlink account from  oauth provider
Admin can  add/reset password
Different Email (OIDC + Manual)-Same Account; (Block Linking and authorize if available)
 2026-03-04 18:49:04 +05:45
JamesBhattarai ea1bacc794 Fix: Deletion Deadlocks (Owner, User) 2026-03-03 23:22:50 +05:45
JamesBhattarai 34f2dc070c Fix: CA host Sign via web 2026-03-03 18:02:45 +05:45
JamesBhattarai 5250d18eb0 Fix(Feat): CA, Audits, Rte Limit 
CA Encryption, Serials, Rate Limiter, Account suspension blocks login
Transfer Ownership & Delete Account
 2026-03-02 23:53:51 +05:45
JamesBhattarai be87fd90b1 Feat(Fix): CA manage Host/User Key 2026-03-01 20:42:48 +05:45
JamesBhattarai 9875216861 Feat(Fix): User & Org Setup Initial (Invite + Create on own) & Fix: User Suspension 2026-03-01 20:42:48 +05:45
JamesBhattarai a0d4e59c24 Feat(Chore): Verify Flow, Invites, Suspend, Depart Cert Policy 
feat: add password reset and email verification flow
feat: add org invite listing, cancellation, and invite link fallback
feat: add user suspend/unsuspend with audit logging
feat: add department certificate policy (expiry, extensions)
feat: enforce dept cert policy on SSH certificate signing
feat: wire up OIDC consent and token flow (replace mocks)
feat: rework CLI auth bridge to use frontend login flow
feat: add admin OAuth provider management (CRUD)
chore: refactor model import paths after module reorganisation
chore: clean up config, decorators, and dev tooling
 2026-03-01 20:42:48 +05:45
JamesBhattarai 07193a2d2e Chore: Refractor Models into organized file/folder 2026-03-01 20:42:48 +05:45
JamesBhattarai e79c584c50 Feat(Fix): Key Timezone, Expiry, Depart Link 2026-02-28 23:48:07 +05:45
JamesBhattarai b2212ab4d6 Feat: Added CA-merged with Securid-Principals, Depart, Client-CLI 2026-02-27 21:59:01 +05:45
JamesBhattarai 92fd57447d Chore(Feat): added principal,depart RBAC 2026-02-27 10:03:05 +05:45
JamesBhattarai 1ba5738d52 Feat: OIDC UI bridge, Microsoft SSO,, and schema session flaws 
- OAuth Callback to Use Gatehouse UI to login instead of Backend Served dull ui
- Setup Autoregister of user + org, on oauth
- Microsoft Oauth Support
- OIDCRefreshToken.access_token_id  had a narrow Column increased to VAR(255) and remove FK to sessions.id which had no use
- client_id and client.id mismatch ,backup-code consumption
 2026-02-26 23:18:31 +05:45
coryHawkvelt ae2421763a google login works 2026-01-21 03:09:46 +10:30
coryHawkvelt 4cf4a27c9a can link google accounts! 2026-01-20 15:54:00 +10:30
coryHawkvelt 900722d695 Force mfa if enabled at login 2026-01-16 17:51:04 +10:30
coryHawkvelt d063a0ca81 enable policies 2026-01-16 17:31:20 +10:30
coryHawkvelt b2e084db33 fix(webauthn): ensure provider_data JSON changes are detected by SQLAlchemy 
Add flag_modified() calls after modifying provider_data dictionary to
explicitly mark the field as changed. SQLAlchemy does not automatically
track mutations to JSON fields, which could result in changes not being
persisted to the database.
 2026-01-16 11:34:40 +10:30
coryHawkvelt af0281281a web authn working! 2026-01-16 11:25:27 +10:30
coryHawkvelt 2c0aaf484b move app to gatehouse-app 2026-01-15 03:40:29 +10:30