Patch 2025 10 18 01 #12
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Added simple form validation for email and string length.
Added OIDC login based on Google. This implementation allows users to authenticate using their Google accounts, enhancing security and user convenience. Placed here so it can be shared across multiple application.
Added a new erryor type `UnauthorizedError` to handle unauthorized access attempts in the backend package.
b01
force-pushed
the
patch-2025-10-18-01
branch
from
305f050 to
fcbb55b
Compare
www/backend package, the ServiceManager Get method returned an error for
the interface{} and nil for the error. This commit fixes the return
values.
In the backend/template.go file, I noticed that several methods were missing their doc blocks. To enhance code clarity I duplicated the info into the interface.
Some messages had been swapped.
b01
force-pushed
the
patch-2025-10-18-01
branch
from
9171efd to
4fff258
Compare
GPG encryption and signing for user login data.
This tool can be applied to any project that needs to handle GPG-encrypted messages. It provides functions to using existing keys to encrypt or decrypt messages.
Added a description and summary.
More testing the login packages request handlers and authentication flows.
Added a light account management handler to the backend.
Just updated the formate and move hardcoded text around.
Updated to make more sense for their context.
b01
force-pushed
the
patch-2025-10-18-01
branch
2 times, most recently
from
3a4cbed to
86599fb
Compare
Added the Public varaible Suffix to add a suffix to the session file. Defaults to ".json".
b01
force-pushed
the
patch-2025-10-18-01
branch
from
86599fb to
885d66e
Compare
Removed session/tm/test-01 generate file from this repo.
The bucket storage object had a context set to canel in 10 seconds, which was too short. You also could not set it in the New method for initializing a bucket as storage. The only work-a-round was to initialize it then set the duration on the structure returned. This commit allows you to set it as paramter in its new function, though it breaks the current API, this is going in as a fix instead of a breaking change; As it was easy to miss and resulted unexpected behavior for developers.
The context was getting cancelled immediately because of using defer with cancel. This has been replace with the background context for now.
Removed from the www package the GetContextWithTimeout function, as it is was too simple and did not warrant its own function. The function simply created a context with a timeout, which can be done directly where needed. BREAKING CHANGE: Code that used GetContextWithTimeout must now create contexts with timeouts directly using context.WithTimeout.
This is the first draft of the backend package account and device management features. It includes the implementation of account instantiation and storage, along with device registration with the account.
Update the session ID generation to use UUID version 7. Before it used uuid.NewString function, which may not default to UUIDv7.
Resolved an issue where the backend package was not properly setting account information when making a new account. BREAKING CHANGE: Rename Publick Constants Contants that were meant to be used as a prefix where renamed the word "Prefix" at the beginning of the variable name.
Removed this package as it is no longer needed. Its functionality has replaced with storage.BucketStorage.
Added the ability to remove items from storage and sessions, enhancing data management capabilities.
Added more information in the README.md showing an example of the BucketStorage. Also refactored some code for bucket and local storage.
Some variables meant to be public were mistakenly declared constants. This commit changes them to variables to allow for dynamic assignment.
Saving google login info error on too many parameters.
To allows setting private fields.
This PrefixLogin constant is no longer needed. BREAKING CHANGE: Removed Public Constant PrefixLogin
Change to 0774 by default when writing to storage.
Updated sso dependency to allow passing in the device ID and session ID to the Google provider.
Removed Device field from account struct and updated related logic.
Needed the latest development version of Kohirens sso package.
The version of the sso package is more tested and considered stable.
golang.org/x/crypto Vulnerable to Denial of Service (DoS) via Slow or Incomplete Key. Upgraded to more secure version.
Develop a naming convention/pattern for pull services out the application.
Change the mothod on the capsule to use a byte array instead of a string.
Refactoed how login information is stored and retrieved to improve security and maintainability.
Using the inccorect variable when the account could not be looked up. This can be avoided in the future by seprating account lookup and registration logic.
Update NewWithDefaults function to panic on error. Not methods that initialize the backend call a method to load the GPG key for the app.
Storage was not set on the application itself. Causing errors if anything from the application tried to reference storage.
The method to have the applcition is now public so that it can be called when all requirements are met.
Added missing LoadGPG method to the test mock.
The callback outputs more details as it goes through the process of handling the Google login callback. This will help debug any future issues quickly.
Some calls to log methods were missing the first parameter which should be a string representing a template for the log message. This caused build warnings about missing arguments "non-constant format string in call". This commit adds the missing string parameters to the log calls to resolve the warnings and ensure that the log messages are properly formatted.
Further encode the encrypted value cookie for more obfuscation.
Renamed constant CallbackRedirect to LoginRedirect. This made more sense seeing that its purpose is to know where to redirect a client after login.
Updated the login package to handle adding a new device to the user's login information when they log in from a device that hasn't been previously recognized. This prevents them getting sent to an internal error page for a scenario that is not an error.
Needed to make tmp/accounts directories successfully during tests.
b01
force-pushed
the
patch-2025-10-18-01
branch
from
b143f2a to
26bdb64
Compare
RenderFiles and LoadFiles uses template.ParseFiles to load templates. Which allows loading multiple template files via list and support nested templates. This allows for better organization of templates and reuse of common components.
b01
force-pushed
the
patch-2025-10-18-01
branch
from
26bdb64 to
78480d3
Compare
Upgraded to Kohirens stdlib version 6.1.0.
Upgrade to latest development patch.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.