clinch/config/routes.rb
Dan Milne ddcb297c74
Add comprehensive CSP policies and a reporting endpoint. Add the environment support required for protecting against rebinding attacks on IP addresses
2025-10-29 15:37:53 +11:00


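# Route table for the application.
#
# Groups, in order: Rails built-in resources, local sign-in (password + TOTP),
# the OpenID Connect provider endpoints, the ForwardAuth / CSP API, signed-in
# user pages, and the admin area. Routes carry no authorization themselves;
# every access check lives in the controllers named here.
Rails.application.routes.draw do
  resource :session
  resources :passwords, param: :token
  resources :invitations, param: :token, only: %i[show update]
  mount ActionCable.server => "/cable"

  # Define your application routes per the DSL in https://guides.rubyonrails.org/routing.html

  # Reveal health status on /up that returns 200 if the app boots with no exceptions, otherwise 500.
  # Can be used by load balancers and uptime monitors to verify that the app is live.
  get "up" => "rails/health#show", as: :rails_health_check

  # Authentication routes
  get "/signup", to: "users#new", as: :signup
  post "/signup", to: "users#create"
  get "/signin", to: "sessions#new", as: :signin
  post "/signin", to: "sessions#create"
  delete "/signout", to: "sessions#destroy", as: :signout
  # Second sign-in step: both verbs hit the same action (GET for the form, POST for the code).
  get "/totp-verification", to: "sessions#verify_totp", as: :totp_verification
  post "/totp-verification", to: "sessions#verify_totp"

  # OIDC (OpenID Connect) routes
  get "/.well-known/openid-configuration", to: "oidc#discovery"
  get "/.well-known/jwks.json", to: "oidc#jwks"
  # OAuth 2.0 only requires GET on the authorization endpoint (RFC 6749 §3.1).
  get "/oauth/authorize", to: "oidc#authorize"
  post "/oauth/authorize/consent", to: "oidc#consent", as: :oauth_consent
  # The token endpoint is called by clients, not by a browser form, so no CSRF token is
  # present; NOTE(review): confirm OidcController skips verify_authenticity_token for :token.
  post "/oauth/token", to: "oidc#token"
  # OIDC Core 1.0 §5.3 requires the UserInfo endpoint to accept both GET and POST;
  # the original table only routed GET, so conforming clients using POST got a 404.
  get "/oauth/userinfo", to: "oidc#userinfo"
  post "/oauth/userinfo", to: "oidc#userinfo"
  # RP-initiated logout arrives as a browser redirect (GET). Because GET cannot carry a CSRF
  # token, the action itself has to validate id_token_hint / post_logout_redirect_uri
  # before ending the session or redirecting (NOTE(review): confirm in OidcController#logout).
  get "/logout", to: "oidc#logout"

  # ForwardAuth / Trusted Header SSO
  namespace :api do
    # Called by the reverse proxy for every protected request; trusted-header SSO only holds
    # if the proxy is the sole caller and strips client-supplied identity headers (out of scope here).
    get "/verify", to: "forward_auth#verify"
    # Browsers POST CSP reports with no CSRF token and a non-form content type
    # (application/csp-report), so Api::CspController must skip verify_authenticity_token
    # and parse request.body itself — NOTE(review): confirm both in the controller.
    post "/csp-violation-report", to: "csp#violation_report"
  end

  # Authenticated routes
  root "dashboard#index"
  resource :profile, only: %i[show update] do
    member do
      delete :revoke_consent
      delete :revoke_all_consents
    end
  end
  # DELETE /sessions/:id/destroy -> sessions#destroy_other (helper: destroy_session).
  # The :id is user-supplied; the action must verify the session belongs to the
  # current user before revoking it (NOTE(review): confirm in SessionsController).
  resources :sessions, only: [] do
    member do
      delete :destroy, action: :destroy_other
    end
  end

  # TOTP (2FA) routes
  get "/totp/new", to: "totp#new", as: :new_totp
  post "/totp", to: "totp#create", as: :totp
  delete "/totp", to: "totp#destroy"
  get "/totp/backup_codes", to: "totp#backup_codes", as: :backup_codes_totp
  # Re-authentication step before sensitive TOTP changes (presumably; confirm against TotpController).
  post "/totp/verify_password", to: "totp#verify_password", as: :verify_password_totp

  # Admin routes — nothing here restricts access; NOTE(review): confirm every Admin::*
  # controller requires an admin session via a before_action.
  namespace :admin do
    root "dashboard#index"
    resources :users do
      member do
        post :resend_invitation
      end
    end
    resources :applications do
      member do
        post :regenerate_credentials
        get :roles
        post :create_role
        patch :update_role
        post :assign_role
        post :remove_role
      end
    end
    resources :groups
    resources :forward_auth_rules
  end

  # Render dynamic PWA files from app/views/pwa/* (remember to link manifest in application.html.erb)
  # get "manifest" => "rails/pwa#manifest", as: :pwa_manifest
  # get "service-worker" => "rails/pwa#service_worker", as: :pwa_service_worker
end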