feat(auth): implement authentication system

Browse Source

- Username/password login with bcrypt and session cookies
- API key authentication (X-Api-Key header or ?apikey query param)
- AUTH env var modes: on, local, off, oidc
- Generic OIDC support for external providers
- Session metadata tracking (IP, browser, device)
- Security settings page (password, sessions, API key)
- Login analysis with typo and attack detection
- Auth event logging throughout

...

This commit is contained in:

Sam Chau

2026-01-26 00:22:05 +10:30

parent 71a1c9e969

commit d2133aa457

41 changed files with 3984 additions and 2058 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

1130

docs/todo/auth.md Normal file

File diff suppressed because it is too large Load Diff