botserver

GeneralBots/botserver

Fork 0

Commit graph

Author	SHA1	Message	Date
Rodrigo Rodriguez (Pragmatismo)	a2783f9b32	Fix 5 errors and 32 warnings: calendar, compliance, billing_alert_broadcast, unused vars	2026-01-13 22:21:25 -03:00
Rodrigo Rodriguez (Pragmatismo)	b4003e3e0a	fix(auth): align auth middleware anonymous paths with RBAC config - Remove broad /api/auth anonymous path that was matching /api/auth/me - Add specific anonymous paths: /api/auth/login, /api/auth/refresh, /api/auth/bootstrap - Remove /api/auth/logout, /api/auth/2fa/* from anonymous (require auth) - Fix /api/auth/me returning 401 for authenticated users	2026-01-10 17:31:50 -03:00
Rodrigo Rodriguez (Pragmatismo)	479950945b	feat(auth): Add OTP password display on bootstrap and fix Zitadel login flow - Add generate_secure_password() for OTP generation during admin bootstrap - Display admin credentials (username/password) in console on first run - Save credentials to ~/.gb-setup-credentials file - Fix Zitadel client to support PAT token authentication - Replace OAuth2 password grant with Zitadel Session API for login - Fix get_current_user to fetch user data from Zitadel session - Return session_id as access_token for proper authentication - Set email as verified on user creation to skip verification - Add password grant type to OAuth application config - Update directory_setup to include proper redirect URIs	2026-01-06 22:56:35 -03:00

Author

SHA1

Message

Date

Rodrigo Rodriguez (Pragmatismo)

a2783f9b32

Fix 5 errors and 32 warnings: calendar, compliance, billing_alert_broadcast, unused vars

2026-01-13 22:21:25 -03:00

Rodrigo Rodriguez (Pragmatismo)

b4003e3e0a

fix(auth): align auth middleware anonymous paths with RBAC config

- Remove broad /api/auth anonymous path that was matching /api/auth/me
- Add specific anonymous paths: /api/auth/login, /api/auth/refresh, /api/auth/bootstrap
- Remove /api/auth/logout, /api/auth/2fa/* from anonymous (require auth)
- Fix /api/auth/me returning 401 for authenticated users

2026-01-10 17:31:50 -03:00

Rodrigo Rodriguez (Pragmatismo)

479950945b

feat(auth): Add OTP password display on bootstrap and fix Zitadel login flow

- Add generate_secure_password() for OTP generation during admin bootstrap
- Display admin credentials (username/password) in console on first run
- Save credentials to ~/.gb-setup-credentials file
- Fix Zitadel client to support PAT token authentication
- Replace OAuth2 password grant with Zitadel Session API for login
- Fix get_current_user to fetch user data from Zitadel session
- Return session_id as access_token for proper authentication
- Set email as verified on user creation to skip verification
- Add password grant type to OAuth application config
- Update directory_setup to include proper redirect URIs

2026-01-06 22:56:35 -03:00

3 commits