Martchus
/
syncthing
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
syncthing/lib
History
Jakob Borg aa901790b9
lib/api: Save session & CSRF tokens to database, add option to stay logged in (fixes #9151) (#9284) 
This adds a "token manager" which handles storing and checking expired
tokens, used for both sessions and CSRF tokens. It removes the old,
corresponding functionality for CSRFs which saved things in a file. The
result is less crap in the state directory, and active login sessions
now survive a Syncthing restart (this really annoyed me).

It also adds a boolean on login to create a longer-lived session cookie,
which is now possible and useful. Thus we can remain logged in over
browser restarts, which was also annoying... :)

<img width="1001" alt="Screenshot 2023-12-12 at 09 56 34"
src="https://github.com/syncthing/syncthing/assets/125426/55cb20c8-78fc-453e-825d-655b94c8623b">

Best viewed with whitespace-insensitive diff, as a bunch of the auth
functions became methods instead of closures which changed indentation.
 		2024-01-04 10:07:12 +00:00
..
api lib/api: Save session & CSRF tokens to database, add option to stay logged in (fixes #9151) (#9284) 2024-01-04 10:07:12 +00:00
assets lib/assets: MIME types, time formats (#8351) 2022-05-22 22:10:18 +02:00
beacon lib/beacon, lib/discover: Send IPv4 limited broadcast when address listing fails (fixes #1628) (#9087) 2023-09-12 14:28:17 +02:00
build lib/build: Allow semver build in version regex (fixes #9267) (#9316) 2024-01-02 20:43:22 +01:00
config Hide log out button when auth is not enabled (#9158) 2023-10-15 14:10:41 +02:00
connections lib/connections: Skip allocation in check for missing port (#9297) 2023-12-20 11:59:11 +01:00
db all: Remove lib/util package (#9049) 2023-08-21 19:44:33 +02:00
dialer lib: Removal global connection registry (#8254) 2022-04-09 16:04:56 +02:00
discover lib/beacon, lib/discover: Send IPv4 limited broadcast when address listing fails (fixes #1628) (#9087) 2023-09-12 14:28:17 +02:00
events all: Add Prometheus-style metrics to expose some internal performance counters (fixes #5175) (#9003) 2023-08-04 19:57:30 +02:00
fs lib/fs: Reduce memory usage in xattrs handling (#9251) 2023-12-04 12:48:17 +01:00
httpcache cmd/stupgrades: Cache should apply to HEAD as well as GET 2023-02-22 12:22:52 +01:00
ignore all: Grand test refactor (fixes #8779, fixes #8799) 2023-05-09 10:01:57 +00:00
locations lib/api: Save session & CSRF tokens to database, add option to stay logged in (fixes #9151) (#9284) 2024-01-04 10:07:12 +00:00
logger cmd/syncthing, lib/logger: Add date to default log format (fixes #8272) (#8273) 2022-04-15 07:46:14 +04:00
model lib/model: Only handle relevant folder summaries (kqueue) (fixes #9183) (#9288) 2023-12-13 12:34:24 +01:00
nat lib/nat: Fix test build failure (ref #9010) 2023-12-11 10:13:14 +01:00
netutil all: Remove lib/util package (#9049) 2023-08-21 19:44:33 +02:00
osutil lib/osutil, lib/upnp: Check FlagRunning (fixes #8767) (#9047) 2023-08-21 14:49:28 +00:00
pmp lib/nat, lib/upnp: IPv6 UPnP support (#9010) 2023-12-11 07:36:18 +01:00
protocol gui: Keep short deviceID length consistent + xrefs (fixes #9313) (#9314) 2024-01-02 17:31:57 +01:00
rand all: Remove unused method receivers (#8462) 2022-07-28 17:32:45 +02:00
rc all: Remove unused method receivers (#8462) 2022-07-28 17:32:45 +02:00
relay cmd/strelaysrv: Add optional auth token (fixes #3987) (#8561) 2022-10-01 20:41:02 +01:00
scanner gui, lib/scanner: Improve scan progress indication (ref #8331) (#9308) 2023-12-31 23:01:16 +01:00
semaphore all: Remove lib/util package (#9049) 2023-08-21 19:44:33 +02:00
sha256 all: Use crypt/rand through its buffered version, but not in benchmarks (#7420) 2021-03-02 19:17:20 +01:00
signature all: Use crypt/rand through its buffered version, but not in benchmarks (#7420) 2021-03-02 19:17:20 +01:00
sliceutil all: Support multiple device connections (fixes #141) (#8918) 2023-09-06 12:52:01 +02:00
stats all: Truncate some timestamps (fixes #7457) (#7459) 2021-03-12 10:35:10 +01:00
stringutil all: Remove lib/util package (#9049) 2023-08-21 19:44:33 +02:00
structutil all: Remove lib/util package (#9049) 2023-08-21 19:44:33 +02:00
stun all: Remove lib/util package (#9049) 2023-08-21 19:44:33 +02:00
svcutil all: Remove lib/util package (#9049) 2023-08-21 19:44:33 +02:00
sync lib/model: Use a single lock (phase two: cleanup) (#9276) 2023-12-11 22:06:45 +01:00
syncthing lib/api: Save session & CSRF tokens to database, add option to stay logged in (fixes #9151) (#9284) 2024-01-04 10:07:12 +00:00
testutil all: Remove lib/util package (#9049) 2023-08-21 19:44:33 +02:00
tlsutil lib/tlsutil: Use crypto.Signer interface (#8526) 2022-09-09 14:22:38 +02:00
upgrade lib/upgrade: Extract signing key to embedded file (fixes #9247) (#9296) 2023-12-18 19:47:57 +00:00
upnp lib/nat, lib/upnp: IPv6 UPnP support (#9010) 2023-12-11 07:36:18 +01:00
ur all: Remove lib/util package (#9049) 2023-08-21 19:44:33 +02:00
versioner lib/versioner: Don't complain when folder is stopping (#9097) 2023-09-11 23:10:18 +02:00
watchaggregator lib/config: Allow sub-second watcher delay (fixes #7859) (#7864) 2023-03-18 08:50:38 +01:00
weakhash all: Remove usage of deprecated io/ioutil (#7971) 2021-11-22 08:59:47 +01:00