Steven Masley
9b5ee8f267
feat: Implement (but not enforce) CSRF for FE requests ( #3786 )
...
Future work is to enforce CSRF
Co-authored-by: Presley Pizzo <presley@coder.com>
2022-09-13 15:26:46 -04:00
Steven Masley
9ab437d6e2
feat: Add serving applications on subdomains and port-based proxying ( #3753 )
...
Co-authored-by: Dean Sheather <dean@deansheather.com>
2022-09-14 03:31:33 +10:00
Jon Ayers
053fe6ff61
feat: add panic recovery middleware ( #3687 )
2022-08-29 17:00:52 -05:00
Kyle Carberry
c3f946737c
fix: Strip session_token cookie from app proxy requests ( #3528 )
...
Fixes coder/security#1 .
2022-08-17 17:09:45 +00:00
Mathias Fredriksson
c0cc8b9935
fix: Improve friendly validation error messages ( #3390 )
...
* fix: Add validations to `(*codersdk.Error).Friendly`
* fix: Add named validators for template and workspace name
2022-08-09 14:25:23 +03:00
Kyle Carberry
3d0febdd90
feat: Add OIDC authentication ( #3314 )
...
* feat: Add OIDC authentication
* Extract username into a separate package and add OIDC tests
* Add test case for invalid tokens
* Add test case for username as email
* Add OIDC to the frontend
* Improve comments from self-review
* Add authentication docs
* Add telemetry
* Update docs/install/auth.md
Co-authored-by: Ammar Bandukwala <ammar@ammar.io>
* Update docs/install/auth.md
Co-authored-by: Ammar Bandukwala <ammar@ammar.io>
* Remove username package
Co-authored-by: Ammar Bandukwala <ammar@ammar.io>
2022-07-31 23:05:35 -05:00
Jon Ayers
7e9819f2a8
ref: move httpapi.Reponse into codersdk ( #2954 )
2022-07-12 19:15:02 -05:00
Abhineet Jain
90815e5119
feat: improve Users filter API ( #2645 )
2022-06-24 23:55:28 +00:00
Steven Masley
d21ab2115d
feat: Backend api for filtering users using filter query string ( #2553 )
...
* User search query string
2022-06-24 10:02:23 -05:00
Steven Masley
251316751e
feat: Return more 404s vs 403s ( #2194 )
...
* feat: Return more 404s vs 403s
* Return vague 404 in all cases
2022-06-14 10:14:05 -05:00
Steven Masley
dc1de58857
feat: workspace filter query supported in backend ( #2232 )
...
* feat: add support for template in workspace filter
* feat: Implement workspace search filter to support names
* Use new query param parser for pagination fields
* Remove excessive calls, use filters on a single query
Co-authored-by: Garrett <garrett@coder.com>
2022-06-14 08:46:33 -05:00
Steven Masley
af401e3fe1
chore: Linter rule for properly formatted api errors ( #2123 )
...
* chore: Linter rule for properly formatted api errors
* Add omitempty to 'Detail' field
2022-06-07 14:33:06 +00:00
Presley Pizzo
6d966963da
refactor: rename errors to validations ( #2105 )
...
* Update validation error unpacking
* Rename validations on backend
* Format
2022-06-07 09:31:15 -04:00
Steven Masley
c9a4642a12
chore: Update BE http errors to be ui friendly ( #1994 )
...
* chore: More UI friendly errors
Mainly capitlization + messages prefix error
2022-06-03 21:48:09 +00:00
Abhineet Jain
9929189c45
feat: add tag and value in validation error details ( #1760 )
...
* add tag and value in validation error details
* fix unit tests and linter
* add quotes around value
* fix unit tests
2022-05-27 10:13:13 -04:00
Steven Masley
4ad5ac2d4a
feat: Rbac more coderd endpoints, unit test to confirm ( #1437 )
...
* feat: Enforce authorize call on all endpoints
- Make 'request()' exported for running custom requests
* Rbac users endpoints
* 401 -> 403
2022-05-17 13:43:19 -05:00
Bruno Quaresma
3311c2f65d
refactor: replace Code by Detail in the http API error ( #1011 )
2022-04-18 11:02:54 -05:00
Garrett Delfosse
d9d4599ba9
chore: idea: unify http responses further ( #941 )
2022-04-12 10:17:33 -05:00
Colin Adler
dc46ff407b
fix: ensure websocket close messages are truncated to 123 bytes ( #779 )
...
It's possible for websocket close messages to be too long, which cause
them to silently fail without a proper close message. See error below:
```
2022-03-31 17:08:34.862 [INFO] (stdlib) <close_notjs.go:72> "2022/03/31 17:08:34 websocket: failed to marshal close frame: reason string max is 123 but got \"insert provisioner daemon:Cannot encode []database.ProvisionerType into oid 19098 - []database.ProvisionerType must implement Encoder or be converted to a string\" with length 161"
```
2022-04-01 18:17:45 +00:00
Steven Masley
591523a078
chore: Move httpapi, httpmw, & database into `coderd` ( #568 )
...
* chore: Move httpmw to /coderd directory
httpmw is specific to coderd and should be scoped under coderd
* chore: Move httpapi to /coderd directory
httpapi is specific to coderd and should be scoped under coderd
* chore: Move database to /coderd directory
database is specific to coderd and should be scoped under coderd
* chore: Update codecov & gitattributes for generated files
* chore: Update Makefile
2022-03-25 16:07:45 -05:00