Replace remaining SECUIRD_API reference with config.api.baseUrl in
LoginPage.tsx. This fixes the 'SECUIRD_API is not defined' error
when accessing /login?cli_token=... during CLI authentication flow.
Replace inline SECUIRD_API constant definitions with imported config
module across all auth pages. This consolidates API URL configuration
into a single source of truth.
Simplify OAuth login and account linking by removing the redirect_uri
parameter from initiateLogin and initiateLink functions. The backend
now handles callback URL construction internally.
Add comprehensive marketing content for ZeroTier Network Governance feature
including a dedicated landing page, navigation updates, and feature highlights
across the homepage and features page.
- Add new ZeroTierPage with feature documentation and use cases
- Add ZeroTier to navigation in MarketingLayout header and footer
- Update HomePage hero headline and add ZeroTier feature section
- Add ZeroTier features section to FeaturesPage
- Add ScrollToTop component for better navigation UX
- Move ApiDevTools to AuthenticatedLayout (dev mode only)
- Add SSR tests for marketing pages
- Update SSHCertificatesPage comparison table for clarity
- Add documentation link to MarketingLayout footer
Add signUrl property to config for CLI sign URL without /api/v1 suffix.
Update CLIGuidePage to use config.signUrl instead of hardcoded URL.
Update .env.example and add .swarm/ to .gitignore.
Add containerization support for production deployment:
- Multi-stage Dockerfile using Bun for build and nginx for serving
- docker-compose.yml for container orchestration
- nginx.conf with gzip compression, caching headers, and security headers
Add comprehensive marketing website with landing page, features, pricing,
demo, SSH certificates, and security pages. Update index.html with enhanced
SEO metadata, Open Graph tags, and structured data for the Secuird brand.
Add comprehensive ZeroTier integration and access control:
- NetworksPage for managing ZeroTier portal networks
- DevicesPage for device registration and membership management
- AccessPage for approval workflows, session management, and kill switch
- Complete API client with TypeScript types for ZeroTier entities
- Navigation updates with ZeroTier section in sidebar
Added OIDC Web Page Flow
Admin can add/reset password
Admin can remove users'/members mfa/2fa, unlink account from oauth provider
Chore: Text changes (Forgot Pass, CA)
Add ensureValidRpId helper to validate and correct rp.id for WebAuthn
operations, preventing authentication failures when the configured rp.id
doesn't match the current hostname. Also add OAuthProvider type and fix
type casting in LoginPage.
- Store authentication tokens explicitly before setting user state in login
and TOTP verification flows to prevent race conditions
- Add 'credentials: include' to WebAuthn endpoints for proper session
cookie handling
- Add comprehensive debug logging throughout authentication flow to trace
token lifecycle and API requests
- Update WebAuthn completeLogin to use fetch directly instead of request
helper to properly handle session cookies
- Add allowedHosts configuration to Vite dev server
Ensure Authorization header is preserved and credentials are included across all API calls after login by updating the global request flow to always include the auth token and cookies, preventing API requests from failing due to missing authentication.
X-Lovable-Edit-ID: edt-e27762ef-c64c-401b-9944-0d5bcb8ea624
Ensure fetch requests always include credentials to maintain session cookies after login and TOTP flows.
X-Lovable-Edit-ID: edt-bd4a695e-663c-4919-a238-aa222a5c0609
Enhance login and security UI with WebAuthn passkey support:
- Implement WebAuthn API integration for registration, login, and credential management.
- Wire up begin/complete registration and login flows, including credential handling and status checks.
- Extend API client with webauthn endpoints, status, and credential management; adjust token handling for 401s.
- Update Login and Security pages to support passkey enrollment, removal, and display of passkeys.
- Add WebAuthn utilities and adjust existing components to work with new flows.
X-Lovable-Edit-ID: edt-5876d103-501a-44d9-b117-e671b9995451
HawkveltGiteaAdmin
JamesBhattarai
nexgen_mirrors
coryHawkvelt
gpt-engineer-app[bot]