tiny-forge

alexei.dolgolyov/tiny-forge

Fork 0

Commit Graph

Author	SHA1	Message	Date
alexei.dolgolyov	791cd4d6af	feat: rename Docker Watcher to Tinyforge Build / build (push) Successful in 12m20s Details Rebrand the project as Tinyforge to reflect its evolution from a Docker container watcher into a self-hosted mini CI/deployment platform. Rename covers: Go module path, Docker labels, DB/config filenames, JWT issuer, Dockerfile binary, docker-compose, CI workflows, frontend i18n, README with static sites docs, and all code comments.	2026-04-12 21:30:39 +03:00
alexei.dolgolyov	98ee2bcd9a	feat: auth system hardening with token revocation, password management, and error sanitization - Add token revocation with in-memory blacklist and periodic cleanup (SEC-M1) - Add POST /api/auth/logout endpoint - Fix OIDC auth_token cookie to HttpOnly with exchange endpoint (SEC-H3) - Add password complexity validation (min 8 chars) (SEC-M2) - Prevent admin self-deletion (SEC-M3) - Add PUT /api/auth/users/{uid} for role/email updates (FUNC-M1) - Add PUT /api/auth/users/{uid}/password for password changes (FUNC-H1) - Sanitize error messages in auth handlers (SEC-M4)	2026-04-04 12:43:45 +03:00
alexei.dolgolyov	32de5b26a8	feat(docker-watcher): phase 12 - hardening Blue-green zero-downtime deploys, promote flow validation. Dual auth: local (bcrypt + JWT) and OAuth2/OIDC (any provider). Auth middleware, login page, auth settings UI. Structured logging (slog JSON), config export to YAML. Graceful shutdown with deploy draining. Multi-stage Dockerfile and production docker-compose.yml. Swap phase order: Volumes & Env before UI Polish.	2026-03-27 23:20:56 +03:00

Author

SHA1

Message

Date

alexei.dolgolyov

791cd4d6af

feat: rename Docker Watcher to Tinyforge

Build / build (push) Successful in 12m20s

Details

Rebrand the project as Tinyforge to reflect its evolution from a Docker
container watcher into a self-hosted mini CI/deployment platform.

Rename covers: Go module path, Docker labels, DB/config filenames,
JWT issuer, Dockerfile binary, docker-compose, CI workflows, frontend
i18n, README with static sites docs, and all code comments.

2026-04-12 21:30:39 +03:00

alexei.dolgolyov

98ee2bcd9a

feat: auth system hardening with token revocation, password management, and error sanitization

- Add token revocation with in-memory blacklist and periodic cleanup (SEC-M1)
- Add POST /api/auth/logout endpoint
- Fix OIDC auth_token cookie to HttpOnly with exchange endpoint (SEC-H3)
- Add password complexity validation (min 8 chars) (SEC-M2)
- Prevent admin self-deletion (SEC-M3)
- Add PUT /api/auth/users/{uid} for role/email updates (FUNC-M1)
- Add PUT /api/auth/users/{uid}/password for password changes (FUNC-H1)
- Sanitize error messages in auth handlers (SEC-M4)

2026-04-04 12:43:45 +03:00

alexei.dolgolyov

32de5b26a8

feat(docker-watcher): phase 12 - hardening

Blue-green zero-downtime deploys, promote flow validation.
Dual auth: local (bcrypt + JWT) and OAuth2/OIDC (any provider).
Auth middleware, login page, auth settings UI.
Structured logging (slog JSON), config export to YAML.
Graceful shutdown with deploy draining.
Multi-stage Dockerfile and production docker-compose.yml.
Swap phase order: Volumes & Env before UI Polish.

2026-03-27 23:20:56 +03:00

3 Commits