github Forceu/Gokapi v2.0.0-beta1
v2.0.0-beta1: Multi-User Support

pre-release18 hours ago

We are happy to announce that we have implemented multi-user support (along with some other features) and need your help to test it for bugs before release!

To install this beta with docker, please use the gokapi:latest-dev tag.

Upgrading

⚠️ Make sure that you have a backup of all data! This beta might break your instance. It is not possible to downgrade afterwards

Upgrading when using OAuth2/OIDC authentication:

  • A valid email must now be set for all users in the authentication backend
  • Authentication is now only done by email and can be restricted by user groups
  • Make sure that the env variable GOKAPI_ADMIN_USER is set when upgrading and contains the email of the super admin

Upgrading when using Header authentication:

  • If restricting the users by username, make sure that you remove any wildcards (*) for usernames in the setup before upgrading.
  • Make sure that the env variable GOKAPI_ADMIN_USER is set when upgrading and contains the username of the super admin (must be the same as passed in the header)

Upgrading when using no authentication:

  • If you are restricting access with a proxy, make sure that you block the following urls:
    • /admin
    • /apiKeys
    • /changePassword
    • /e2eInfo
    • /e2eSetup
    • /logs
    • /uploadChunk
    • /uploadStatus
    • /users

Breaking changes

Since v1.9 there have been a lot of changes to the API, please take note if you are using the API:

  • A valid API key is now always required, API authentication by session is not possible anymore
  • /chunk/complete and /files/duplicate now expect the parameters as header, instead of encoded url form
  • Parameter apiKeyToModify has been renamed to targetKey for /auth/modify, /auth/delete and /auth/friendlyname
  • If a user, api key or file is not found, but a plausible ID was submitted, error 404 instead of 400 is returned now
  • Before v2.0, if a boolean parameter was required, it was always false if anything else then "true" was sent, now it raises an error if any other value than 1, t, true, 0, f, or false is supplied
  • Some API calls might be restricted by user permissions now, consult the API documentation for more information
  • API keys now have a public ID as well, which can also be used for /auth/modify, /auth/delete and /auth/friendlyname as targetKey instead of the private ID
  • When uploading a file through the API, defaults of 14 days, max 1 download and no password will be used, unless the respective parameters were passed. In v1.9, the previous values were used.

Don't miss a new Gokapi release

NewReleases is sending notifications on new releases.