Commit Graph

10 Commits

Author SHA1 Message Date
🐙PiperYxzzy
65c9309f43 Simple rate-limiting added 2022-05-04 20:36:35 +02:00
🐙PiperYxzzy
c190ac9c0d Admin create & login working 2022-05-03 19:09:38 +02:00
🐙PiperYxzzy
66c35e7e4a Adding admin creation, conf and other items
* Config now added, accessible via config.Config
* Admin can now be generated via a randomized URL if there are no admins
in the system
* Added a shared floor to login attempts to block enumeration attacks
2022-05-03 18:52:01 +02:00
🐙PiperYxzzy
3c1970698b Adding documentation 2022-05-01 22:57:21 +02:00
🐙PiperYxzzy
dbdd4cb650 Adding Live 2fa capacity
* Some requests may be sensitive enough to require a secondary
two-factor authorization on the spot
* Examples: changing password, changing email address, viewing API
tokens, etc.
* This creates a core handler that can attach to any Auth-able method
which will require a "twofactorcode" query param before processing
2022-05-01 22:34:07 +02:00
🐙PiperYxzzy
6e7b30be0a Added test suites for all current models 2022-05-01 20:49:03 +02:00
🐙PiperYxzzy
6c567cd58c Verify and password reset
* Users can now request a password reset and reset with their token
2022-05-01 19:20:47 +02:00
🐙PiperYxzzy
5903d52755 Restrict the cookie to the /adm and /sec paths appropriately 2022-05-01 13:37:01 +02:00
🐙PiperYxzzy
0af09dcc01 Fix signup risk of enumeration to test emails
* Now, if a known email is used, it will still return the same result
* If a known email is used, we will ping the email address to know that
there was a signup attempt
2022-05-01 13:25:09 +02:00
🐙PiperYxzzy
8ab45e2401 Login, JWT and auth overstructure
* Signup -> Login -> JWT-Doot flow now works for users
* Administrators cannot currently sign up for obvious reasons
* Segmented the main.go methods into a core controller package
2022-05-01 12:31:41 +02:00