llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-03 12:30:19 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,790 Commits 28 Branches 1,286 Tags
af231bf9468e69721ff290bcf13e07bee5e29e27
Commit Graph

1235 Commits

Author SHA1 Message Date
Brian Yu
b1b6ebe692 feat(jwt): add azp claim to ID token (#3570) 
Added the `azp` (Authorized Party) claim to various JWT token structures
including Claims, ClaimsShort, ClaimsWithoutThirdIdp, and ClaimsStandard.
Updated the generateJwtToken and getClaimsCustom functions to handle the
new claim. This change aligns with the OpenID Connect specification.
 2025-02-10 20:44:44 +08:00
Yang Luo
a0931e4597 feat: add userTypes to Organization 2025-02-09 17:12:13 +08:00
Cutsin
b7a818e2d3 feat: support AirWallex payment provider (#3558) 
* feat: support AirWallex payment provider

* chore: add some information due to AirWallex's risk control policy
 2025-02-07 19:19:30 +08:00
hsluoyz
1600a6799a feat: return error for updateUsedByCode() 2025-02-05 13:40:41 +08:00
DacongDA
df295717f0 feat: can define what Casdoor pages an org admin can see via Organization.NavItems (#3539) 
* feat: support define what Casdoor pages an org admin can see

* feat: remove useless code

* fix: fix NavItemNodes i18next invalid

* fix: only global admin can edit navItems

* fix: move navItem tree to extra file
 2025-02-03 00:40:21 +08:00
DacongDA
e3001671a2 feat: fix bug that can not delete user if user doesn't belong to any group (#3544) 2025-02-02 17:54:05 +08:00
DacongDA
bbe2162e27 feat: fix bug in GetTokenByTokenValue() (#3541) 2025-01-30 00:48:20 +08:00
hsluoyz
bad21fb6bb feat: check empty password in CheckPassword() 2025-01-28 21:13:59 +08:00
DacongDA
a5a627f92e feat: optimize get-groups API and GroupListPage (#3518) 
* fix: optimize get-groups api and GroupListPage

* fix: fix linter issue
 2025-01-23 09:47:39 +08:00
DacongDA
9701818a6e feat: delete groups for user while deleting user (#3525) 2025-01-23 09:46:33 +08:00
DacongDA
06986fbd41 feat: fix theme filter for other URLs like SAML (#3523) 
* fix: fix error cause by theme filter

* fix: add saml url to theme filter and use getGetOwnerAndNameFromIdWithError instead of using GetOwnerAndNameFromId

* fix: fix code error

* fix: add support for cas and pack judgement into a function

* fix: fix linter err
 2025-01-22 19:12:12 +08:00
DacongDA
db551eb24a feat: LDAP user can reset password with old password and new password (#3516) 
* feat: support user reset password with old password and new password

* feat: merge similar code
 2025-01-20 21:42:05 +08:00
DacongDA
18b49bb731 feat: can reset LDAP password with different password encryption methods (#3513) 2025-01-20 20:00:23 +08:00
hsluoyz
17653888a3 feat: refactor the TestSmtpServer code 2025-01-20 03:17:09 +08:00
DacongDA
e28d90d0aa feat: support CUCloud SMN notification provider (#3502) 2025-01-17 08:35:31 +08:00
DacongDA
4fc7600865 feat: skip update user ranking if ranking not in accountItem (#3500) 2025-01-14 22:43:49 +08:00
Wind Li
19f62a461b feat: fix SAML's redirectUrl and POST ProtocolBinding (#3498) 2025-01-13 20:55:37 +08:00
hsluoyz
fcfb73af6e feat: increase org password field length to 200 2025-01-09 20:07:49 +08:00
hsluoyz
43bebc03b9 feat: fix crash in roleChangeTrigger() 2025-01-09 16:41:56 +08:00
Cutsin
3feb6ce84d feat: add Kwai OAuth provider (#3480) 
* feat: add Kwai OAuth provider

* fix: incorrect parameter in getAuthUrl
 2025-01-08 00:09:16 +08:00
DacongDA
1813e8e8c7 feat: return goroutine error in get-dashboard API (#3479) 2025-01-07 10:35:45 +08:00
DacongDA
e5a2057382 feat: fix empty scope bug in RefreshToken API (#3467) 
* fix: fix scope will be empty when user not passing scope in refresh api

* fix: promote code format
 2025-01-02 12:53:17 +08:00
DacongDA
888a6f2feb feat: add regex to restrict Email addresses in OAuth provider (#3465) 
* feat: support use regex expression to limit email receiver address

* feat: limit in correct pos

* feat: promote code format

* feat: promote code format

* fix: fix linter issue
 2025-01-02 00:00:57 +08:00
IZUMI-Zu
b57b64fc36 feat: add origin field for mfaAccountTable (#3463) 2024-12-29 22:51:21 +08:00
DacongDA
8927e08217 feat: speed up GetDashboard() by only fetching last 30 days data (#3458) 
* feat: only check 30 days data

* refactor: refactor GetDashboard to reduce code line

* refactor: refactor GetDashboard to reduce code line

* refactor: remove unused where

* fix: fix error code
 2024-12-29 16:15:52 +08:00
DacongDA
0636069584 feat: only fetch created_time field to reduce data size in get-dashboard API (#3457) 2024-12-28 23:52:19 +08:00
Yang Luo
4d0f73c84e feat: fix Casdoor OAuth provider doesn't use domain field bug 2024-12-28 10:01:56 +08:00
nano
acc6f3e887 feat: escape the avatal URL in CAS response (#3434) 2024-12-20 17:11:58 +08:00
Xin-Fax
185ab9750a feat: fix VerificationRecord.IsUsed JSON Field Mapping 2024-12-18 13:56:54 +08:00
Cliff
48adc050d6 feat: can pass empty user id on user update (#3443) 2024-12-18 07:56:44 +08:00
DacongDA
0cf281cac0 feat: fix record's password regex bug (#3421) 2024-12-11 08:43:03 +08:00
XIAOZHUOWU
7322f67ae0 feat: add model, adapter and enforcer to the dashboard page chart (#3413) 
* [feature] Add more data (Model, Adapter, Enforcer) to the dashboard page chart #3379

* feat: add model, adapter, enforcer to dashboard
 2024-12-09 16:07:39 +08:00
Xin-Fax
b927c6d7b4 feat: support LDAP's SetPassword (#3395) 
* fix: Resolve the issue mentioned in #3392

* fix: Change checkLdapUserPassword to CheckLdapUserPassword.

* fix: the issue mentioned by hsluoyz.

* fix: Check if the user parameter is nil

* fix: use existing i18n message
 2024-12-09 16:06:24 +08:00
DacongDA
6175fd6764 feat: make token_type_hint optional (#3397) 2024-12-04 20:10:15 +08:00
Xinyu Ge
2d1736f13a feat: Add more data to the dashboard page chart #3365 (#3375) 
* test

* feat: #3365 add more dada to the dashboard page chart

* feat: #3365 Add more data to the dashboard page chart
 2024-11-26 09:16:35 +08:00
Luckery
dff65eee20 feat: Force users to change their passwords after 3/6/12 months (#3352) 
* feat: Force users to change their passwords after 3/6/12 months

* feat: Check if the password has expired by using the last_change_password_time field added to the user table

* feat: Use the created_time field of the user table to aid password expiration checking

* feat: Rename variable
 2024-11-19 21:06:52 +08:00
DacongDA
3c5985a3c0 fix: fix several bugs in samlRequest (#3358) 2024-11-17 00:14:04 +08:00
DacongDA
96f8b3d937 feat: fix SAML metadata URL and XML generation issue when enablePostBinding is enabled (#3354) 2024-11-16 15:35:30 +08:00
Yang Luo
af01c4226a feat: add Organization.PasswordExpireDays field 2024-11-15 11:33:28 +08:00
Yang Luo
a439c5195d feat: get token only by hash now, remove get-by-value backward-compatible code 2024-11-13 17:04:27 +08:00
Yang Luo
ba2e997d54 feat: fix CheckUpdateUser() logic to fix add-user error 2024-11-06 08:34:13 +08:00
Luckery
0818de85d1 feat: fix username checks when organization.UseEmailAsUsername is enabled (#3329) 
* feat: Username support email format

* feat: Only fulfill the first requirement

* fix: Improve code robustness
 2024-11-05 20:38:47 +08:00
Yang Luo
1832de47db feat: fix bug in CheckEntryIp() 2024-11-03 20:00:52 +08:00
Cliff
f7559aa040 feat: set created time if not presented in AddUser() API (#3315) 2024-10-24 23:06:05 +08:00
DacongDA
c0800b7fb3 feat: add util.IsValidOrigin() to improve CORS filter (#3301) 
* fix: CORS check issue

* fix: promote format

* fix: promote format

* fix: promote format

* fix: promote format

* Update application.go

* Update cors_filter.go

* Update validation.go

---------

Co-authored-by: Yang Luo <hsluoyz@qq.com>
 2024-10-20 20:09:21 +08:00
DacongDA
95e8bdcd36 feat: add initDataNewOnly to app.conf to skip overriding existing data in initDataFromFile() (#3294) 
* feat: support control whether overwrite existing data during initDataFromFile

* feat: change conf var name

* feat: change conf var name
 2024-10-18 00:08:08 +08:00
liuaiolos
6f1f93725e feat: fix GetAllActions()'s bug (#3289) 2024-10-16 21:55:06 +08:00
Yang Luo
dde936e935 feat: fix null application crash in CheckEntryIp() 2024-10-15 22:11:15 +08:00
Yang Luo
fb561a98c8 feat: fix null user crash in RefreshToken() 2024-10-15 21:38:33 +08:00
ZhaoYP 2001
7cd8f030ee feat: support IP limitation for user entry pages (#3267) 
* feat: support IP limitation for user entry pages

* fix: error message, ip whiteList, check_entry_ip

* fix: perform checks on the backend

* fix: change the implementation of checking IpWhitelist

* fix: add entryIpCheck in SetPassword and remove it from VerifyCode

* fix: remove additional error message pop-ups

* fix: add isRestricted and show ip error in EntryPage.js

* fix: error message

* Update auth.go

* Update check_ip.go

* Update check_ip.go

* fix: update return value of the check function from string to error

* fix: remoteAddress position

* fix: IP whitelist

* fix: clientIp

* fix:add util.GetClientIpFromRequest

* fix: remove duplicate IP and port separation codes and remove extra special characters after clientIp

* fix: gofumpt

* fix: getIpInfo and localhost

---------

Co-authored-by: Yang Luo <hsluoyz@qq.com>
 2024-10-15 20:40:14 +08:00