This website requires JavaScript.
Explore
Help
Sign In
dkam
/
clinch
Watch
1
Star
0
Fork
0
You've already forked clinch
Code
Issues
4
Pull Requests
Actions
Packages
Projects
Releases
Wiki
Activity
Files
9d402fcd9252ffc87a52cd7ab85ad607584b1af5
clinch
/
app
/
controllers
History
Dan Milne
9d402fcd92
Some checks failed
CI / scan_ruby (push)
Has been cancelled
Details
CI / scan_js (push)
Has been cancelled
Details
CI / lint (push)
Has been cancelled
Details
CI / test (push)
Has been cancelled
Details
CI / system-test (push)
Has been cancelled
Details
Clean up and secure web_authn controller
2025-12-31 11:44:11 +11:00
..
admin
PKCE is now default enabled. You can now create public / no-secret apps OIDC apps
2025-12-31 09:22:18 +11:00
api
Default deny forward_auth requests
2025-12-30 16:04:01 +11:00
concerns
Improve some front end views. More descriptive error condition reporting. Updates to CLINCH_HOST for better WEBAUTHN
2025-11-12 16:24:05 +11:00
active_sessions_controller.rb
Add backchannel logout, per application logout.
2025-11-27 16:38:27 +11:00
application_controller.rb
Bug fix for domain names with empty string instead of null. Form errors and some security fixes
2025-11-09 12:22:41 +11:00
dashboard_controller.rb
Fix CSP errors - migrate inline JS to stimulus controllers. Add a URL for applications so users can discover them
2025-11-04 17:06:53 +11:00
invitations_controller.rb
More tests
2025-10-28 08:27:19 +11:00
oidc_controller.rb
Add rails encryption for totp - allow configuration of encryption secrets from env, or derive them from SECRET_KEY_BASE. Don't leak email address via web_authn, rate limit web_authn, escape oidc state value, require password for changing email address, allow settings the hmac secret for token prefix generation
2025-12-31 10:33:56 +11:00
passwords_controller.rb
Add OIDC fixes, add prefered_username, add application-user claims
2025-11-25 16:29:40 +11:00
profiles_controller.rb
Add rails encryption for totp - allow configuration of encryption secrets from env, or derive them from SECRET_KEY_BASE. Don't leak email address via web_authn, rate limit web_authn, escape oidc state value, require password for changing email address, allow settings the hmac secret for token prefix generation
2025-12-31 10:33:56 +11:00
sessions_controller.rb
Add backchannel logout, per application logout.
2025-11-27 16:38:27 +11:00
totp_controller.rb
Add pairwise SID with a UUIDv4, a significatant upgrade over User.id.to_s. Complete allowing admin to enforce TOTP per user
2025-11-23 11:16:06 +11:00
users_controller.rb
User registation working. Sidebar built. Dashboard built. TOTP enable works - TOTP login works
2025-10-23 18:07:27 +11:00
webauthn_controller.rb
Clean up and secure web_authn controller
2025-12-31 11:44:11 +11:00
