Commit Graph

35 Commits

Author SHA1 Message Date
moebiusband 83d04dff17 feat(auth): replace .env/godotenv secret handling with config-based secrets
Secrets (JWT keys, LDAP sync password, OIDC client id/secret, cross-login
keys) are now configured directly in config.json under the auth section
where they are used. Each secret can still be supplied via its existing
environment variable, which takes precedence over the config value.

The godotenv dependency, the .env file, configs/env-template.txt and the
loadEnvironment() bootstrap step are removed. -init now writes the demo
JWT keys into config.json instead of a .env file.

Closes #283

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Entire-Checkpoint: 3a7cb814c53f
2026-06-17 12:28:17 +02:00
moebiusband 1d4c79c821 Unify JSON attribute naming to use kebab style case. Cleanup configuration. 2026-01-20 09:47:13 +01:00
moebiusband 2ebab1e2e2 Reformat with gofumpt 2026-01-13 09:50:57 +01:00
moebiusband 8576ae458d Switch to cc-lib v2 2025-12-24 09:24:18 +01:00
moebiusband 340efd7926 Refactor auth package
Fix security issues
Remove redundant code
Add documentation
Add unit tests
2025-11-19 16:54:01 +01:00
moebiusband 4fc78bc382 Refactor variable namings and doc comments 2025-09-27 09:27:36 +02:00
moebiusband 0754ba5292 Port configuration to ccConfig scheme
Decentralize config validation
Modularize configuration handling
2025-07-07 13:09:12 +02:00
moebiusband 639e1b9c6d Port to cc-lib. Extend legal header. 2025-06-30 12:06:35 +02:00
moebiusband fb8bbea99d Remove year in copyright notice 2024-04-11 23:04:30 +02:00
moebiusband 1e5f2944cf Upgrade dependencies. Port to jwt-auth v5. 2024-03-21 22:02:59 +01:00
moebiusband 32b0c8bdd7 Refactor and cleanup Auth configuration 2023-08-18 10:43:06 +02:00
moebiusband 56d559fdd7 Fix bug with jwt max-age option 2023-08-18 09:19:30 +02:00
moebiusband cfcf939339 Add config to jwt again 2023-08-18 08:57:56 +02:00
moebiusband d51be5c308 Formatting and minor fixes 2023-08-18 08:49:25 +02:00
moebiusband 15231bc683 Cleanup and adapt to new structure 2023-08-17 12:34:30 +02:00
moebiusband 87ce4f63d4 Refactor auth module
Separate parts
Add user repository
Add user schema
2023-08-17 10:29:00 +02:00
moebiusband 4a2afc7a5a Add LDAPSyncOnLogin option
Cleanup
Extend docs
Remove obsolete Expiration attribute
2023-08-14 12:40:21 +02:00
moebiusband 19d645f65c Readd URL token and cleanup
Fix session values.
2023-08-12 09:02:41 +02:00
moebiusband b8273a9b02 refactor auth module
Restructure module
Separate JWT auth variants
Cleanup code
Fixes #189
2023-08-11 10:00:23 +02:00
moebiusband 04e8279ae4 Change log level for JWT Cross login warning to debug 2023-07-19 09:04:27 +02:00
moebiusband df9fd77d06 Refactor auth and add docs
Cleanup and reformat
2023-07-05 09:50:44 +02:00
Christoph Kluge f37e7c26f6 Rework roles as enum, change AuthSource to enum 2023-03-06 11:44:38 +01:00
Christoph Kluge a885e69125 Adapt loglevel for logs, shorten strings, fix formats, streamline
- Switched to Warn for most errors, reduces bloat, improves log control
2023-02-01 11:58:27 +01:00
Christoph Kluge b77bd078e5 Add log messages to error events w/o log message, primarily error level
- "log spam" to be controlled via loglevel flag on startup
2023-01-31 18:28:44 +01:00
Christoph Kluge 79a949b55e Rework pkg/log, add 'loglevel' and 'logdate' flags, streamline
- removes some previously added manual location strings: now handled by pkg/log depending on loglevel
- kept manual string locations on fmt print functions
- add 'notice' and 'critical' loglevels
- add 'Panic' and 'Panicf' functions to log panics
- addresses issue #26
2023-01-23 18:48:06 +01:00
Christoph Kluge 24a4244f19 add more information to existing errors logs and panics
- '$ROOT/$FILE' for better localization in the code
- add text where none was given
- fix unnecessary sprintf nesting in influxv2 and prometheus metricrepo logging
2023-01-19 16:59:14 +01:00
Michael Schwarz f817ac5240 Accept externally generated JWTs provided via cookie
If there is an external service like an AuthAPI that can generate JWTs and
  hand them over to ClusterCockpit via cookies, CC can be configured to
  accept them
2022-10-19 13:36:13 +02:00
Jan Eitzinger 8856f26fb0 Reformat and Refactor packages. Rebuild GraphQL. 2022-09-07 12:24:45 +02:00
Jan Eitzinger 26df1e7c14 Add copyright and license header. Update license year 2022-07-29 06:29:21 +02:00
Lou Knauer d4b1b32ca0 token based login: fix re-logins 2022-07-26 13:50:54 +02:00
Lou Knauer e500c1515e Allow login via token in URL 2022-07-25 10:36:20 +02:00
Lou Knauer a48e94ab3e bugfixes in auth/ 2022-07-25 09:33:36 +02:00
Lou Knauer 2d57e4cfe8 Change to HS256 as login token alg 2022-07-25 09:03:48 +02:00
Lou Knauer f0530f2908 Different keypair for token based login 2022-07-13 15:04:11 +02:00
Lou Knauer 04574db32f Integrate new auth interface 2022-07-07 14:08:37 +02:00