summaryrefslogtreecommitdiff
path: root/app/controllers/sessions/controller.go
AgeCommit message (Collapse)Author
2025-05-15refactor: delete code that is now handled by envoymo khan
2025-05-11fix: redirect to dashboard when already logged in at callback urlmo khan
2025-05-11refactor: use same cookie names as envoy pluginmo khan
2025-05-11feat: add endpoint to reflect JWT bodymo khan
2025-05-11test: test envoy and sparkle via testcontainersmo khan
2025-05-08refactor: move html render to data transfer objectmo khan
2025-05-08feat: test out a redirect page in stagingmo khan
2025-05-08feat: use a cookie prefix to lock down the session cookiemo khan
> __Host-: If a cookie name has this prefix, it's accepted in a > Set-Cookie header only if it's also marked with the Secure attribute, > was sent from a secure origin, does not include a Domain attribute, > and has the Path attribute set to /. In other words, the cookie is > domain-locked. https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cookies#cookie_prefixes
2025-05-08chore: write cookie validity to logmo khan
2025-05-08feat: clear the oauth state cookie after usagemo khan
2025-05-08chore: log the generated cookiemo khan
2025-05-07feat: check if cookie is validmo khan
2025-05-07fix: do not clear set-cookie headermo khan
2025-05-07fix: remove the csrf cookie after usagemo khan
2025-05-07chore: log the expiration of the access tokenmo khan
2025-05-07chore: log session cookie to understand why it is not being deliveredmo khan
2025-05-07fix: use same site lax mode to allow setting cooking on redirectmo khan
2025-05-07refactor: extract helper to log errors consistentlymo khan
2025-05-07refactor: delegate to cookie packagemo khan
2025-05-07refactor: move cookie to web packagemo khan
2025-05-07refactor: delegate to cookie package to write to response streammo khan
2025-05-07refactor: delegate to cookie packagemo khan
2025-04-30refactor: delegate to cookie.Reset to overload with optionsmo khan
2025-04-30refactor: extract Option[T] and cleaner API for creating cookiesmo khan
2025-04-30fix: the CSRF cookie needs to have a same site lax modemo khan
2025-04-28feat: validate the csrf tokenmo khan
2025-04-28feat: redirect to login page when session is establishedmo khan
2025-04-28refactor: remove struct fields that were moved to service typemo khan
2025-04-28refactor: move token exchange into service classmo khan
2025-04-28refactor: extract a session service classmo khan
2025-04-28feat: generate a nonce to validate the OAuth callbackmo khan
2025-04-28feat: add logout endpointmo khan
2025-04-28feat: use htmx to render partialsmo khan
2025-04-28fix: render 404 when not logged inmo khan
2025-04-25feat: print error to describe token exchange issuemo khan
2025-04-25docs: describe the session cookiemo khan
2025-04-21refactor: rename middlewaremo khan
2025-04-21refactor: extract oidc.RawIDToken typemo khan
2025-04-17chore: write error to logmo khan
2025-04-17chore: write error to logmo khan
2025-04-17test: remove the test oidc servermo khan
2025-04-15feat: create session cookie tied to access tokenmo khan
2025-04-15feat: store tokens in sessio cookiemo khan
2025-04-15feat: store tokens in a session cookiemo khan
2025-04-14feat: exchange an authorization code grant for an access and id tokenmo khan
2025-04-14test: add placeholder for missing testsmo khan
2025-04-14refactor: do not explicitly set the 301 status codemo khan
2025-04-14feat: connect the sessions controller to oidc providermo khan
2025-04-14fix: add audience parametermo khan
2025-04-14fix: add audience parametermo khan
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-02 17:37:05 +0000