joaovitoriasilva/endurain v0.16.0-Alpha1

on GitHub

v0.16.0-Alpha1 - Alpha1 for v0.16.0 - Single Sign-On support

⚠️ Warning:

• This is not a final version, expect bugs and errors
• The DB has schema changes, however no impacts are expected. Nevertheless backup your DB before applying the update.
• MariaDB support is dropped. Use PostgreSQL as your DB. Check docs if need to migrate from MariaDB to PostgreSQL
• Your users sessions will be deleted on upgrade. Users will have to authenticate again

New Features:

Backend

• Drop MariaDB support
• Introduces support for external identity providers (SSO) #58
• New password hasher utility, replacing legacy bcrypt and password logic
• New token manager utility for JWT creation/validation
• Refresh tokens are now hashed before being stored -> safer (no JWT leakage)
• Hashed content now uses Argon2id. Users passwords are updated automatically on new login
• Switched file security module to external module - safeuploads
• Backend now correctly handles missing files or missing routes on requests
• New auth module, centralizing authentication (local and SSO)
• Dependency bump

Frontend

• Migrated some frontend components to TS
• Introduces support for external identity providers (SSO) #58
• Centralized and unified modal logic with new reusable Bootstrap modal composable
• Added new validationUtils.ts for validation helper functions
• Refactor asset imports to use centralized constants
• Dependency bump

Fixes:

• Frontend now correctly handles Refresh and CSRF refresh logic
• Fix for following back results in no modal shown #385
• Fix for can't click context menu after login #348
• General bug fixes
• Add TRADEMARK.md
• Update Docker compose example for Jaeger service to use new image and config