rtrox / lybbrio Goto Github PK
View Code? Open in Web Editor NEWLybbr.io: A modern web app for Calibre
License: GNU Affero General Public License v3.0
Lybbr.io: A modern web app for Calibre
License: GNU Affero General Public License v3.0
null
Should be done after LYB-9, and is a convenience config for OAuth2.
From SyncLinear.com | LYB-10
allow a proxy to handle authentication, and trust configurable headers for Username, Email, Groups, Roles.
From SyncLinear.com | LYB-12
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These updates encountered an error and will be retried. Click on a checkbox below to force a retry now.
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
go.mod
go 1.21.4
github.com/go-chi/chi v1.5.5
github.com/go-chi/render v1.0.3
github.com/gookit/validate v1.5.1
github.com/knadh/koanf v1.5.0
github.com/mpalmer/gorm-zerolog v0.1.0
github.com/prometheus/client_golang v1.17.0
github.com/rs/zerolog v1.31.0
github.com/segmentio/ksuid v1.0.4
github.com/spf13/cobra v1.8.0
github.com/spf13/pflag v1.0.5
github.com/stretchr/testify v1.8.4
github.com/swaggo/http-swagger/v2 v2.0.2
github.com/swaggo/swag v1.16.2
github.com/tj/assert v0.0.3
gorm.io/driver/sqlite v1.5.4
gorm.io/gorm v1.25.5
JWT Middleware should look for a JWT on each request, either via Cookie or Header. If the JWT is found, resolve it to a user, and write the claims & token to the Context object in the web request. If a JWT is NOT found, redirect to the configured login mechanism.
Not Included:
From SyncLinear.com | LYB-7
To Create and Test the JWT Creation Flow, start with a "StaticAuth" class, which will eventually be deleted, or hidden behind a "dev-mode" flag. StaticAuth accepts a plaintext user & password.
Success Criteria:
Stretch:
From SyncLinear.com | LYB-6
Success Criteria:
From SyncLinear.com | LYB-1
Authentication will happen via "AuthProviders", which are able to handle login events. Logging in should create a JWT, and a middleware should handle populating the User object & their claims to the context from the JWT.
Example here:
https://github.com/rtrox/spotify-sentry/tree/main/internal/auth
auth middleware, though, should end up in the middleware
package.
From SyncLinear.com | LYB-5
This provider has Lybbr.io acting as the source of truth for users. creation/update/deletion endpoints will be needed for users, as well as password handling, including encryption (bcrypt unless there is something newer to user).
From SyncLinear.com | LYB-13
Right now, we're using WithContext
in each handler โ this is super error prone, as it's easy to miss a call site. Move context to be a required parameter in the Store methods directly to prevent this bug.
From SyncLinear.com | LYB-27
Success Criteria:
Users can be authenticated via OAuth2. If an authenticated OAuth2 request does not resolve to an existing user, a user should be created automatically. the OAuth2 provider will be expected to handle limiting authentication to specific users if needed.
Out of Scope:
From SyncLinear.com | LYB-9
To be filled out with tasks as we get closer. This epic covers creating lybbrio role types or action types, encapsulating these roles/actions in JWT Claims, and sourcing those roles/actions from providers.
From SyncLinear.com | LYB-14
There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.
Location: .github/renovate.json5
Error type: Invalid JSON5 (parsing failed)
Message: JSON5.parse error: JSON5: invalid character '\"' at 33:3
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These updates are currently rate-limited. Click on a checkbox below to force their creation now.
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
Dockerfile
golang 1.22-alpine
.github/workflows/docker-image.yaml
actions/checkout v4
docker/metadata-action v5
docker/setup-qemu-action v3
docker/setup-buildx-action v3
docker/login-action v3
docker/build-push-action v5
actions/upload-artifact v4
actions/download-artifact v4
docker/setup-buildx-action v3
docker/login-action v3
docker/metadata-action 232fc64e3a4e54539e087c5976439ea54be0959d
.github/workflows/on-tag.yaml
actions/checkout v4
rickstaa/action-contains-tag v1
actions/checkout v4
actions/setup-go v5
goreleaser/goreleaser-action v5
.github/workflows/tests.yaml
actions/checkout v4
dorny/paths-filter v2
actions/checkout v4
actions/setup-python v5
pre-commit/action v3.0.1
actions/checkout v4
actions/setup-go v5
actions/setup-go v5
golangci/golangci-lint-action v3
actions/checkout v4
dorny/paths-filter v2
actions/setup-go v5
go.mod
go 1.21
entgo.io/contrib v0.4.5
entgo.io/ent v0.12.5
github.com/99designs/gqlgen v0.17.43
github.com/go-chi/chi/v5 v5.0.11
github.com/go-chi/render v1.0.3
github.com/go-playground/validator/v10 v10.17.0
github.com/golang-jwt/jwt/v5 v5.2.0
github.com/google/uuid v1.6.0
github.com/hashicorp/go-multierror v1.1.1
github.com/jackc/pgx/v5 v5.5.5
github.com/knadh/koanf/providers/confmap v0.1.0
github.com/knadh/koanf/providers/env v0.1.0
github.com/knadh/koanf/providers/posflag v0.1.0
github.com/knadh/koanf/v2 v2.1.0
github.com/magefile/mage v1.15.0
github.com/mattn/go-sqlite3 v1.14.22
github.com/mpalmer/gorm-zerolog v0.1.0
github.com/prometheus/client_golang v1.18.0
github.com/rs/zerolog v1.32.0
github.com/segmentio/ksuid v1.0.4
github.com/spf13/cobra v1.8.0
github.com/spf13/pflag v1.0.5
github.com/stretchr/testify v1.8.4
github.com/tj/assert v0.0.3
github.com/vektah/gqlparser/v2 v2.5.11
golang.org/x/crypto v0.21.0
golang.org/x/net v0.21.0
gorm.io/driver/sqlite v1.5.4
gorm.io/gorm v1.25.7
render.Render
returns an error, which we're currently not checking. Fix it.
From SyncLinear.com | LYB-21
This is obviously going to need some work to migrate to new APIs/Methods.
From SyncLinear.com | LYB-23
Requests to /api/*
which error should return JSONified errors. This should be handled at the router level to ensure missing routes and other higher-order errors are JSONified. This should be confined to /api/*
to ensure web routes can have pretty error pages.
From SyncLinear.com | LYB-20
Same as LYB-10, Convenience config wrapper for Oauth2.
From SyncLinear.com | LYB-11
Create a mechanism for creating & storing API Keys for users. These API Keys should be encrypted at rest, but retrievable by the user. API Keys are resolved to users, and JWTs Generated.
From SyncLinear.com | LYB-8
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.