Commit Graph

206 Commits

Author SHA1 Message Date
e3d2b6a408 Block user through HTTP API (#846)
The new functionality allows blocking a user in the Management service.
Blocked users lose access to the Dashboard, aren't able to modify the network map,
and all of their connected devices disconnect and are set to the "login expired" state.

Technically, all of the above was achieved with the updated PUT /api/users endpoint,
which was extended with the is_blocked field.
2023-05-11 18:09:36 +02:00
59372ee159 API cleanup (#824)
removed all PATCH endpoints
updated path parameters for all endpoints
removed not implemented endpoints for api doc
minor description updates
2023-05-03 00:15:25 +02:00
f1da4fd55d using old isAdmin function to create account 2023-05-02 16:49:29 +02:00
6fec0c682e Merging full service user feature into main (#819)
Merging full feature branch into main.
Adding full support for service users including backend objects, persistence, verification and api endpoints.
2023-04-22 12:57:51 +02:00
6aba28ccb7 remove UTC from some not store related operations 2023-04-10 10:54:23 +02:00
489892553a use UTC everywhere in server 2023-04-03 15:09:35 +02:00
d3de035961 error responses always lower case + duplicate error response fix 2023-04-01 11:04:21 +02:00
931c20c8fe fix test name 2023-03-31 12:45:10 +02:00
2eaf4aa8d7 add test for auth middleware 2023-03-31 12:44:22 +02:00
110067c00f change order for access control checks and acquire account lock after global lock 2023-03-31 12:03:53 +02:00
32c96c15b8 disable linter errors by comment 2023-03-31 10:30:05 +02:00
ca1dc5ac88 disable access control for token endpoint 2023-03-30 19:03:44 +02:00
f273fe9f51 revert codacy 2023-03-30 18:54:55 +02:00
e08af7fcdf codacy 2023-03-30 17:46:21 +02:00
454240ca05 comments for codacy 2023-03-30 17:32:44 +02:00
1343a3f00e add test + codacy 2023-03-30 16:43:39 +02:00
6c8bb60632 fix merge 2023-03-30 16:06:46 +02:00
4d7029d80c Merge branch 'main' into feature/add_pat_middleware
# Conflicts:
#	management/server/grpcserver.go
#	management/server/http/middleware/jwt.go
2023-03-30 16:06:21 +02:00
909f305728 Merge pull request #766 from netbirdio/feature/add_rest_endpoints_for_pat
Feature/add rest endpoints for pat
2023-03-30 15:55:48 +02:00
9b000b89d5 Merge branch 'feature/add_rest_endpoints_for_pat' into feature/add_pat_middleware
# Conflicts:
#	management/server/mock_server/account_mock.go
2023-03-30 14:02:58 +02:00
5c1acdbf2f move validation into account manager + func for get requests 2023-03-30 13:58:44 +02:00
db3a9f0aa2 refactor jwt token validation and add PAT to middleware auth 2023-03-30 10:54:09 +02:00
ecc4f8a10d fix Pat handler test 2023-03-29 19:13:01 +02:00
03abdfa112 return empty object on all handlers instead of empty string 2023-03-29 18:46:40 +02:00
3bab745142 last_used can be nil 2023-03-29 17:46:09 +02:00
726ffb5740 add comments for exported functions 2023-03-29 15:06:54 +02:00
42ba0765c8 fix linter 2023-03-28 14:54:06 +02:00
514403db37 use object instead of plain token for create response + handler test 2023-03-28 14:47:15 +02:00
6a75ec4ab7 fix http error codes 2023-03-27 17:42:05 +02:00
b66e984ddd set limits for expiration 2023-03-27 17:28:24 +02:00
c65a934107 refactor to use name instead of description 2023-03-27 16:28:49 +02:00
a27fe4326c Add JWT middleware validation failure log (#760)
We will log the middleware log now, but in the next
releases we should provide a generic error that can be
parsed by the dashboard.
2023-03-23 18:26:41 +01:00
de8608f99f add rest endpoints and update openapi doc 2023-03-21 16:02:19 +01:00
3bfa26b13b Feat rego default policy (#700)
Converts rules to Rego policies and allows users to write raw policies to set up connectivity and firewall on the clients.
2023-03-13 18:14:18 +04:00
60f67076b0 change methods to not link 2023-02-28 18:17:55 +01:00
c645171c40 split api code into smaller pieces 2023-02-28 18:08:02 +01:00
8a130ec3f1 add comments to fix codacy 2023-02-28 16:51:30 +01:00
c26cd3b9fe add comments for constructors and fix typo 2023-02-28 15:46:08 +01:00
9d7b515b26 changed the naming convention for all handling objects and methods to have unified way 2023-02-28 15:27:43 +01:00
f1f90807e4 changed the naming convention for all handling objects and methods to have unified way 2023-02-28 15:01:24 +01:00
c962d29280 Fix login expiration enum in OpenAPI (#694)
Add missing OpenAPI enums for the peer login expiration events
2023-02-16 15:36:36 +01:00
fe63a64b6e Add Account HTTP API (#691)
Extend HTTP API with Account endpoints to configure global peer login expiration.
GET /api/accounts
PUT /api/account/{id}/

The GET endpoint returns an array of accounts with
always one account in the list. No exceptions.

The PUT endpoint updates account settings:
PeerLoginExpiration and PeerLoginExpirationEnabled.

PeerLoginExpiration is a duration in seconds after which peers' logins will expire.
2023-02-16 12:00:41 +01:00
d31219ba89 Update peer status when login expires (#688)
Extend PeerStatus with an extra field LoginExpired, that can be stored in the database.
2023-02-15 11:27:22 +01:00
756ce96da9 Add login expiration fields to peer HTTP API (#687)
Return login expiration related fields in the Peer HTTP GET endpoint.
Support enable/disable peer's login expiration via HTTP PUT.
2023-02-14 10:14:00 +01:00
00a8092482 Add GET peer HTTP API endpoint (#670) 2023-02-07 20:11:08 +01:00
3ec8274b8e Feature: add custom id claim (#667)
This feature allows using the custom claim in the JWT token as a user ID.

Refactor claims extractor with options support

Add is_current to the user API response
2023-02-03 21:47:20 +01:00
9adadfade4 Use Peer.ID instead of Peer.Key as peer identifier (#664)
Replace Peer.Key as internal identifier with a randomly generated Peer.ID 
in the Management service.
Every group now references peers by ID instead of a public key.
Every route now references peers by ID instead of a public key.
FileStore does store.json file migration on startup by generating Peer.ID and replacing
all Peer.Key identifier references.
2023-02-03 10:33:28 +01:00
9e408b5bbc Add more activity events (#663) 2023-01-25 16:29:59 +01:00
12ae2e93fc Adding DNS settings for accounts (#655)
Allow users to set groups in which the DNS management is disabled

Added API, activity store, and network map sync test
2023-01-17 17:34:40 +01:00
5c0b8a46f0 Add system activity tracking and event store (#636)
This PR adds system activity tracking.
The management service records events like
add/remove peer, group, rule, route, etc.

The activity events are stored in the SQLite event store
and can be queried by the HTTP API.
2023-01-02 15:11:32 +01:00