GitBucket
| 2026-06-07 |
Fix production auth: disable IP/UA binding (breaks reverse-proxy), add /api/v1/auth/* aliases, prepare PHP-FPM reload
Eugene Sukhodolskiy
committed
6 hours ago
|
|---|---|
|
Phase 4 cleanup & polish: param migration seeds, gnexus-ui-kit LoginPage styles, single .env
...
Eugene Sukhodolskiy
committed
7 hours ago
|
|
|
Phase 3 infrastructure hardening: IP/UA binding, nginx getallheaders fallback, auth rate limiting, permission cache
Eugene Sukhodolskiy
committed
7 hours ago
|
|
|
Phase 2 session stability: refresh queue, Bearer fallback, proactive refresh
Eugene Sukhodolskiy
committed
7 hours ago
|
|
|
Phase 1 auth security hotfixes: cookie-based session, bearer checks, router guard sync
...
Eugene Sukhodolskiy
committed
8 hours ago
|
|
|
Fix OAuth callback URL: insert access_token query string BEFORE hash fragment so Vue can read it via window.location.search
Eugene Sukhodolskiy
committed
8 hours ago
|
|
|
Fix AppController and EventsHandlers to use __DIR__ instead of app()->root_folder() for prod compatibility
Eugene Sukhodolskiy
committed
9 hours ago
|
|
|
Integrate Vue webclient into server: serve SPA from /, remove proxy.php, update auth redirects
Eugene Sukhodolskiy
committed
9 hours ago
|
|
| 2026-06-06 |
Fix UserResolver: use ThinBuilder::insert() return value
...
Eugene Sukhodolskiy
committed
22 hours ago
|
|
Add Bearer token persistence for cross-domain SPA auth
...
Eugene Sukhodolskiy
committed
23 hours ago
|
|
|
Add IP roaming reconciliation for active devices during network scan
...
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Fix logout: session_start + destroy cookie + redirect to local /login instead of /auth/login
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Make user card avatar/name clickable link to gnexus-auth profile
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Add GnUserCard drawer footer; fix proxy.php cookie forwarding and /auth/ whitelist
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Fix auth session persistence: add credentials:include to fetch and session_start to auth flow
...
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Fix E_WARNING in redirect: add exit after header() to prevent further output
...
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Fix .env resolution: fallback to parent dir if SHServ/.env missing GAUTH_*
...
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Add missing text_msgs aliases and dev proxy for auth endpoints
...
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Phase 4: Vue client auth store, Bearer token injection, router guards, login page
...
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Phase 2: Protect Areas, Scripts, Firmware REST API endpoints with permission checks
...
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Phase 2: Protect DevicesRESTAPIController endpoints with permission checks
...
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
|
|
| 2026-06-05 |
Fix text_msg call in remove_device: use FCONF instead of undefined app()-method
Eugene Sukhodolskiy
committed
1 day ago
|
|
Fix ErrorHandler to catch Throwable (not just Exception) and safe null-check in remove_device
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Move scan debug log to sys temp dir as well
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Move scan lock file to sys temp dir to avoid prod permission issues
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Allow deleting offline devices: make /reset best-effort, always remove from DB
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Increase scan batch size 8→32 to cut usleep overhead (~54s→37s)
Eugene Sukhodolskiy
committed
2 days ago
|
|
|
Fix scan speed: use CURLOPT_*_MS for sub-second timeouts (was ~3s per IP on Linux)
Eugene Sukhodolskiy
committed
2 days ago
|
|
|
Debug scan locking: add shutdown cleanup + connection_aborted checks + debug log
Eugene Sukhodolskiy
committed
2 days ago
|