coryHawkvelt/gatehouse-api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
116 Commits 5 Branches 0 Tags
a02669118adaf6fb57f66ffc8882e65c81115f04
Commit Graph

5 Commits

Author SHA1 Message Date
coryHawkvelt 63a3109a82 oidc-client mk1 2026-04-27 02:44:32 +09:30
coryHawkvelt 60799bbc52 fix(cors): handle wildcard origin with credentials and add unit tests 
- Refactor CORS middleware to echo request origin when wildcard + credentials
  is configured (browsers reject Access-Control-Allow-Origin: * with
  Access-Control-Allow-Credentials: true)
- Add _is_origin_allowed() and _cors_origin_header() helpers
- Use CORS_SUPPORTS_CREDENTIALS config consistently
- Ensure consistent Access-Control-Allow-Headers in all CORS paths
- Fix redirect validation in get_token() to allow wildcard CORS origins
- Add 46 unit tests covering encryption round-trips, idempotency, key
  derivation, thread safety, CORS origin matching, and preflight responses
 2026-04-26 01:12:39 +09:30
JamesBhattarai a0d4e59c24 Feat(Chore): Verify Flow, Invites, Suspend, Depart Cert Policy 
feat: add password reset and email verification flow
feat: add org invite listing, cancellation, and invite link fallback
feat: add user suspend/unsuspend with audit logging
feat: add department certificate policy (expiry, extensions)
feat: enforce dept cert policy on SSH certificate signing
feat: wire up OIDC consent and token flow (replace mocks)
feat: rework CLI auth bridge to use frontend login flow
feat: add admin OAuth provider management (CRUD)
chore: refactor model import paths after module reorganisation
chore: clean up config, decorators, and dev tooling
 2026-03-01 20:42:48 +05:45
coryHawkvelt af0281281a web authn working! 2026-01-16 11:25:27 +10:30
coryHawkvelt 2c0aaf484b move app to gatehouse-app 2026-01-15 03:40:29 +10:30