llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-02 11:20:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,778 Commits 28 Branches 1,283 Tags
09f98fd24a612df5d738eb5dfac88dd93adeb924
Commit Graph

715 Commits

Author SHA1 Message Date
DacongDA
4e17dae2c2 feat: fix unable to remove user from group bug (#3847) 2025-05-28 22:29:40 +08:00
DacongDA
0ad4d82d9c feat: fix GetGroups() API bug when parentGroup is in next page (#3843) 2025-05-28 18:31:52 +08:00
DacongDA
9190db1099 feat: fix bug that token endpoint doesn't return 400/401 when type is object.TokenError (#3808) 2025-05-20 10:39:55 +08:00
DacongDA
1173f75794 feat: return HTTP status 400 instead of 200 in GetOAuthToken() (#3807) 2025-05-20 01:05:43 +08:00
DacongDA
521f90a603 feat: fix access_token endpoint cannot read clientId in form when using device code flow (#3800) 2025-05-17 18:53:38 +08:00
DacongDA
f8f864c5b9 feat: add logged-in IDP provider info to access token (#3776) 2025-05-11 09:51:51 +08:00
DacongDA
383bf44391 feat: support OIDC device flow: "/api/device-auth" (#3757) 2025-04-30 23:42:26 +08:00
Gabriel Brecci
fc618b9bd5 feat: add validation for optional fields in IntrospectionToken for custom token types (#3717) 2025-04-09 22:27:19 +08:00
Gabriel Brecci
77ef5828dd feat(introspection): return correct active status for expired or revoked tokens (#3716) 2025-04-09 02:00:30 +08:00
DacongDA
c11f013e04 feat: return "Active: false" for expired token in IntrospectToken() (#3714) 2025-04-08 23:20:44 +08:00
WindSpiritSR
952538916d feat: check application existence in object.AddUser() (#3686) 2025-04-05 16:38:20 +08:00
Eng Zer Jun
18bb445e71 feat: update github.com/golang-jwt/jwt dependency to v5 (#3708) 2025-04-05 02:05:41 +08:00
DacongDA
cca88e2cb0 feat: fix bug that when email/sms mfa is not preferred, message will send to masked address (#3705) 2025-04-04 01:08:29 +08:00
DacongDA
b6f943e326 feat: support WebAuthn login without username and upgrade Go to 1.21 (#3695) 2025-04-01 16:35:59 +08:00
DacongDA
e55cd94298 feat: fix issue that user email is still unverified after signup (#3685) 2025-03-29 21:24:01 +08:00
WindSpiritSR
08f7a05e61 feat: fix MFA + LDAP bug in /check-user-password API (#3681) 2025-03-26 22:11:58 +08:00
DacongDA
141372cb86 feat: support face ID provider (#3666) 2025-03-19 22:57:35 +08:00
Anton Berezhnyi
3e7938e5f6 feat: don't panic when provider not found in Login() API (#3659) 2025-03-13 21:35:51 +08:00
DacongDA
85ca318e2f feat: can assign default group during signup (#3633) 2025-03-02 22:55:51 +08:00
WindSpiritSR
5692522ee0 feat: update user language when the language changed on login page (#3628) 2025-03-01 22:28:20 +08:00
hsluoyz
cb1882e589 feat: fix MFA bug, revert PR: "feat: don't send verification code if failed signin limit is reached" (#3627) 2025-03-01 12:58:28 +08:00
Cliff
f2e3037bc5 feat: don't send verification code if failed signin limit is reached (#3616) 2025-02-26 22:34:14 +08:00
Yang Luo
f8d44e2dca feat: set default CountryCode for user 2025-02-14 16:54:25 +08:00
DacongDA
9c39179849 feat: fix bug that user forbidden check will be skipped in OAuth login (#3580) 2025-02-13 13:14:44 +08:00
Coki
5661942175 feat: add CLI version cache and proxy support (#3565) 
* feat: add CLI version cache mechanism

* feat: add /api/refresh-engines to allowed endpoints in demo mode

* feat: add proxy support for cli downloader

* feat: add SafeGoroutine for CLIDownloader initialization

* refactor: optimize code structure
 2025-02-08 19:34:19 +08:00
Coki
7f9f7c6468 feat: add CLI tools auto-downloader and updater (#3559) 
* feat: add CLI downloader feature

* feat: add CLI refresh endpoint and scheduler

* feat: improve binary names mapping for different platforms and architectures

* fix: format binary names in getBinaryNames function

* fix: change file permission notation to octal in cli_downloader.go

* feat: add isDemoMode check for CLI downloader features
 2025-02-07 19:22:56 +08:00
hsluoyz
b3526de675 feat: add checkOrgMasterVerificationCode() 2025-02-06 23:46:22 +08:00
DacongDA
df295717f0 feat: can define what Casdoor pages an org admin can see via Organization.NavItems (#3539) 
* feat: support define what Casdoor pages an org admin can see

* feat: remove useless code

* fix: fix NavItemNodes i18next invalid

* fix: only global admin can edit navItems

* fix: move navItem tree to extra file
 2025-02-03 00:40:21 +08:00
Coki
92b5ce3722 feat: add identifier validation for security in RunCasbinCommand (#3535) 
* feat: add identifier validation for security in RunCasbinCommand

* refactor: update identifier validation to use SHA-256 hash and timestamp
 2025-01-29 18:30:06 +08:00
DacongDA
558b168477 feat: can verify OTP during OAuth login (#3531) 
* feat: support verify OTP during OAuth login

* fix: fail to login if mfa not enable

* fix: fail to login if mfa not enable

* fix: fix mfaRequired not valid in saml/auth
 2025-01-27 19:37:26 +08:00
DacongDA
a5a627f92e feat: optimize get-groups API and GroupListPage (#3518) 
* fix: optimize get-groups api and GroupListPage

* fix: fix linter issue
 2025-01-23 09:47:39 +08:00
hsluoyz
3d12ac8dc2 feat: improve HandleScim() 2025-01-22 16:15:19 +08:00
DacongDA
e1b3b0ac6a feat: allow user use other mfaType in mfa step and skip redundant MFA verification (#3499) 
* feat: allow user use other mfaType in mfa step and skip redundant MFA verification

* feat: improve format
 2025-01-21 20:16:18 +08:00
DacongDA
db551eb24a feat: LDAP user can reset password with old password and new password (#3516) 
* feat: support user reset password with old password and new password

* feat: merge similar code
 2025-01-20 21:42:05 +08:00
hsluoyz
17653888a3 feat: refactor the TestSmtpServer code 2025-01-20 03:17:09 +08:00
DacongDA
b96fa2a995 feat: skip GetUserCount() if there is no quota limit (#3491) 2025-01-10 22:28:25 +08:00
DacongDA
888a6f2feb feat: add regex to restrict Email addresses in OAuth provider (#3465) 
* feat: support use regex expression to limit email receiver address

* feat: limit in correct pos

* feat: promote code format

* feat: promote code format

* fix: fix linter issue
 2025-01-02 00:00:57 +08:00
Xin-Fax
b927c6d7b4 feat: support LDAP's SetPassword (#3395) 
* fix: Resolve the issue mentioned in #3392

* fix: Change checkLdapUserPassword to CheckLdapUserPassword.

* fix: the issue mentioned by hsluoyz.

* fix: Check if the user parameter is nil

* fix: use existing i18n message
 2024-12-09 16:06:24 +08:00
DacongDA
1d21c3fa90 feat: fix issue that introspectionResponse uses Bearer instead of raw tokenType (#3399) 2024-12-05 20:59:30 +08:00
DacongDA
6175fd6764 feat: make token_type_hint optional (#3397) 2024-12-04 20:10:15 +08:00
DacongDA
d522247552 feat: fix countryCode param bug in MFA login (#3384) 2024-11-29 21:46:06 +08:00
DacongDA
fe40910e3b feat: support stateless MFA setup (#3382) 2024-11-29 19:50:10 +08:00
Luckery
dff65eee20 feat: Force users to change their passwords after 3/6/12 months (#3352) 
* feat: Force users to change their passwords after 3/6/12 months

* feat: Check if the password has expired by using the last_change_password_time field added to the user table

* feat: Use the created_time field of the user table to aid password expiration checking

* feat: Rename variable
 2024-11-19 21:06:52 +08:00
Yang Luo
7ab5a5ade1 feat: add processArgsToTempFiles() to RunCasbinCommand() 2024-11-15 20:25:48 +08:00
Yang Luo
5cbd0a96ca Use json format for argString in RunCasbinCommand() 2024-11-15 18:27:25 +08:00
Yang Luo
7ccd8c4d4f feat: add RunCasbinCommand() API 2024-11-15 17:44:57 +08:00
ZhaoYP 2001
b0fa3fc484 feat: add Casbin CLI API to Casdoor (#3351) 2024-11-15 16:10:22 +08:00
Yang Luo
457c6098a4 feat: fix MFA empty CountryCode bug and show MFA error better in frontend 2024-11-04 16:17:24 +08:00
Cliff
69d26d5c21 feat: add-user/update-user API should check if username/id/email/phone has duplicated with existing user (#3295) 2024-10-18 22:18:37 +08:00
DacongDA
94e6b5ecb8 feat: fix bug in SetPassword() API (#3296) 2024-10-18 20:50:43 +08:00