Tinyauth v3.0.0

Hello everyone! This is tinyauth v3.0.0 bringing support for both Nginx and Nginx Proxy Manager! You can now use tinyauth to protect all of your services running in it with just a few clicks! There is also a new feature allowing you to login to all tinyauth protected apps using HTTP basic auth so you can avoid cookies and login screens and immediately access your apps/APIs with code or command line. Lastly there are a lot of improvements in the codebase making it more readable.

Apart from the release, I would also like to invite everyone to tinyauth's discord server, a place where we can discuss about the project and self-hosting in general. If you are interested the link is available here.

Migration guide

To migrate to v3.0.0 you need to change your authentication paths.

If you are using traefik for your reverse proxy, change your forward auth URL to http://tinyauth:3000/api/auth/traefik

If you are using caddy for your reverse proxy, change your auth URL to http://tinyauth:3000/api/auth/caddy

The COOKIE_EXPIRY environment variable has been also renamed to SESSION_EXPIRY (--session-expiry).

New features

• Support for Nginx/Nginx Proxy Manager (https://tinyauth.doesmycode.work/docs/guides/nginx-proxy-manager)
• Authentication to apps using HTTP basic auth (https://tinyauth.doesmycode.work/docs/reference/api)

Improvements

• Handle null values from query parameters better in the frontend.
• The cookie contents also expire based on the SESSION_EXPIRY environment variable increasing security.

Fixes

• Fix the OAUTH_WHITELIST not allowing any users by default.
• Parse the redirect URI correctly to support older browsers.

Technical

• Add multiple comments throughout the codebase to make it more understandable.
• Add tests for the API and utils.

If you encounter any issues please let me know so I can fix them as soon as possible.