llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-23 02:35:49 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,024 Commits 27 Branches 1,251 Tags
Commit Graph

77 Commits

Author SHA1 Message Date
Yaodong Yu
e5a189e0f4
fix: remove isGlobalAdmin field in user (#2235) 
* refactor: remove isGlobalAdmin field in user

* fix: upload xlsx

* fix: remove field in account table
 2023-08-19 12:23:15 +08:00
Yaodong Yu
ea10f8e615
feat: make hard-coded authz adapter editable, rename adapter to ormer (#2149) 
* refactor: rename casbinAdapter to casdoorAdapter

* feat: add initEnforcer

* fix: router

* refactor: make hard-coded code configurable

* fix: data type

* feat: support sqlite3

* feat: disable delete and edit name for built in resources

* feat: optimize code

* fix: init

* fix: e2e

* fix: remove datasourcename

* fix: revert rename

* refactor: change all ORM's Adatper to Ormer

* refactor: name
 2023-07-29 15:07:04 +08:00
Yang Luo
a3b0f1fc74 feat: add owner to getUserByWechatId() 2023-06-21 21:29:53 +08:00
XDTD
cc456f265f
feat: fix LDAP user password checking logic in GetOAuthToken() (#1975) 2023-06-15 21:04:09 +08:00
yehong
02e692a300
feat: return most backend API errors to frontend (#1836) 
* feat: return most backend API errros to frontend

Signed-off-by: yehong <239859435@qq.com>

* refactor: reduce int type change

Signed-off-by: yehong <239859435@qq.com>

* feat: return err backend in token.go

Signed-off-by: yehong <239859435@qq.com>

---------

Signed-off-by: yehong <239859435@qq.com>
 2023-05-30 15:49:39 +08:00
XDTD
cb542ae46a
feat: fix org admin permissions (#1822) 2023-05-09 00:06:52 +08:00
Gucheng Wang
5280f872dc Speed up GetOAuthToken() 2023-03-27 14:05:44 +08:00
hsluoyz
117ee509cf
feat: fix name format in application login: GetClientCredentialsToken() (#1639) 2023-03-25 23:02:08 +08:00
June
dc7b66822d
feat: change token ExpiresIn to second (#1550) 2023-02-14 09:18:30 +08:00
Zayn Xie
9256791420
feat: app session control and db migrate (#1539) 
* feat: integrate application session management into Casdoor's session management (#774) && standardized the database migration process (#1533)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774) && standardized the database migration process

* feat: integrate application session management into Casdoor's session management (#774) && standardized the database migration process

* feat: integrate application session management into Casdoor's session management (#774) && standardized the database migration process

---------

Co-authored-by: Zayn Xie <84443886+xiaoniuren99@users.noreply.github.com>

* fix: migrate err

* fix: migrate err

* feat: app session control and db migrate

* feat: app session control and db migrate

* feat: app session control and db migrate

---------

Co-authored-by: Zayn Xie <84443886+xiaoniuren99@users.noreply.github.com>
 2023-02-12 09:33:24 +08:00
June
6f7230e949
feat: support refresh token on GetOAuthToken (#1536) 2023-02-10 23:52:13 +08:00
Yaodong Yu
5d9b17542f
feat: end-user log out (#1356) 2023-01-17 22:57:05 +08:00
Gucheng Wang
a6e9084973 Remove duplicated i18n words 2023-01-06 20:12:32 +08:00
Gucheng Wang
f075d0fd74 Refactor out application.IsRedirectUriValid() 2022-12-21 00:35:33 +08:00
Liu
26acece8af
feat: add all other missing objects to init_data (#1407) 
* Add all other missing objects to init_data.json

* Format golang code

* feat: add all other missing objects to init_data

* feat: add all other missing objects to init_data
 2022-12-18 01:49:42 +08:00
Mr Forest
1bb3d2dea9
feat: refactor backend i18n (#1373) 
* fix: handle the dataSourceName when DB changes

* reduce duplication of code

* feat: refactor translation error message

* feat: use json intsead of ini file

* remove useless translation

* fix translate problems

* remove useless addition

* fix pr problems

* fix pr problems

* fix split problem

* use gofumpt to fmt code

* use crowdin to execute backend translation

* fix pr problems

* refactor: change translation file structure same as frontend

* delete useless output

* update go.mod
 2022-12-07 13:13:23 +08:00
Yaodong Yu
b337b908ea
feat: fix the bug that admin cannot upload avatar for other users (#1323) 2022-11-25 09:36:47 +08:00
Mr Forest
d86f3c88c7
feat: support i18n in backend err messages (#1232) 
* feat: support i18n in backend err messages

* use gofumpt to fmt code

* fix review problems

* support auto generate err message

* delete beego/i18n moudle

* fix Github action test problems

* fix review problems

* use gofumpt to format code

* use gofumpt to fmt code
 2022-10-23 15:16:24 +08:00
cofecatt
4c7f6fda37
fix: Add restriction to username when signing up (#1203) 2022-10-10 19:58:02 +08:00
conghuhu
a383af0ebc
feat: fix token info not contains roles and permissions (#1060) 
* fix: fix token info not contains roles and permissions

feat: remove repeated code for obtaining roles and permissions in user controller

* Update user.go

* Update user.go

* Update token.go

Co-authored-by: Yang Luo <hsluoyz@qq.com>
 2022-08-24 01:41:26 +08:00
Ryao
6676cc8ff3
fix: add JTI name to JWT token (#989) 
* feat: add jti to jwt

* fix

* fix
 2022-08-11 14:32:47 +08:00
Mikey
79119760f2
style: golint (#988) 2022-08-09 16:50:49 +08:00
Mikey
802995ed16
refactor: remove WeChat unionId to properties (#985) 2022-08-08 18:43:12 +08:00
q1anx1
2ea58cd639
chore(style): use gofumpt to fmt go code (#967) 2022-08-07 12:26:14 +08:00
aecra
f0431701c9
fix: fix OAuth error response (#835) 
* fix: fix OAuth error response

* fix: provide more detailed error messages for TokenError
 2022-07-01 14:53:34 +08:00
疯魔慕薇
a6a055cc83
Fix: ExpiresIn of token should be seconds. (#676) 
Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com>
 2022-04-18 10:57:51 +08:00
Yi Zhan
b92d03e2bb
feat: add wechat mini program support (#658) 
* feat: add wechat mini program support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: accept suggestions.

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: error message and code level modification

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: simplify the use process

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-04-15 11:49:56 +08:00
Yi Zhan
9877174780
fix: add independent error message in token endpoint (#662) 
* fix: add independent error message in token endpoint

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: reduced use of variables

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: error messages use the same variable

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-04-14 10:22:56 +08:00
Minh Ha
24459d852e
fix: comparing hashed password with plain text password during password grant (#627) 
* fix: use object.CheckPassword for password grant

* Apply suggestions from code review

fix: remove log per change request
 2022-03-30 00:37:38 +08:00
Yi Zhan
879ca6a488
fix: refresh_token api return old token (#623) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-27 23:10:05 +08:00
Yi Zhan
cd76e9372e
feat: delete the old token when refreshing token (#617) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-24 19:58:12 +08:00
Yixiang Zhao
8a9cc2eb8f
fix: change client_secret in refresh_token API as optional (#540) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-07 13:52:51 +08:00
Steve0x2a
1d0af9cf7b
fix: client_credentials' token miss some claims (#536) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-04 22:57:31 +08:00
Leon
178cf7945d
feat: improve token introspection endpoint (#534) 
* feat: add introspection endpoint to oidc discovery endpoint

* fix: let introspect endpoint handle formData as spec define.

Signed-off-by: Leon <leondevlifelog@gmail.com>
 2022-03-04 08:54:33 +08:00
Leon
ab5af979c8
feat: add Oauth 2.0 Token Introspection(rfc7662) endpoint support (#532) 
Signed-off-by: Leon <leondevlifelog@gmail.com>
 2022-03-03 17:48:47 +08:00
Steve0x2a
2a0dcd746f
feat: add token logout endpoint (#526) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-02 20:37:31 +08:00
Steve0x2a
22f5ad06ec
fix: Make secret optional when using PKCE (#525) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-02 13:15:14 +08:00
Steve0x2a
697b3e4998
feat: add implicit flow support (#520) 
* feat: add implicit flow support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: idp support in implicit flow

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-01 19:09:59 +08:00
Steve0x2a
2c97f8a8b7
feat: add two authentication flow types (#512) 
* feat: add two authentication flow types

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: delete implicit method

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: use a more appropriate name

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: apply suggestion

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: remove redundant code

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-27 14:05:07 +08:00
Steve0x2a
274096fe9d
fix: empty iss return (#503) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-18 12:36:11 +08:00
Gucheng Wang
db37f53d6c Update license headers. 2022-02-13 23:39:27 +08:00
Yang Luo
612b5f5c2e Improve message in GetOAuthToken(). 2022-02-08 20:52:20 +08:00
Steve0x2a
3c2f7b7fc8
feat: add protection against attacks (#460) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-29 00:32:57 +08:00
Gucheng Wang
479daf4fa4 Improve code format. 2022-01-28 17:45:41 +08:00
Steve0x2a
d129202b95
fix: no database check when using accessToken (#461) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-28 15:07:42 +08:00
Yixiang Zhao
5ec0c7a890
fix: fix the SQL injection vulnerability in field filter (#442) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-01-26 19:36:36 +08:00
Steve0x2a
051752340d
feat: add userinfo endpoint (#447) 
* feat: add userinfo endpoint

Signed-off-by: 0x2a <stevesough@gmail.com>

* feat: add scope support

Signed-off-by: 0x2a <stevesough@gmail.com>

* fix: modify the endpoint of discovery

Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-26 11:56:01 +08:00
Steve0x2a
630b84f534
feat: add PKCE support (#434) 
* feat: add PKCE support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: error output when challenge is empty

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-01-21 09:29:19 +08:00
Gucheng Wang
c22ab44894 Update import path. 2022-01-20 14:11:46 +08:00
Steve0x2a
ffc0a0e0d5
fix: refresh_token endpoint does not work (#410) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-01 15:20:49 +08:00