AcadeNice/AcadeDoc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
996 commits 2 branches 0 tags 9.3 MiB
Commit graph

22 commits

Author SHA1 Message Date
Corentin
06c46f7b9b fix(oidc): defaut OIDC_SCOPES align Authentik (sans 'groups') 
Authentik n'expose pas un scope 'groups' standard — demander ce scope
inconnu peut faire echouer l'authorize selon la config provider. Les
groups arrivent dans le claim 'groups' du scope 'profile' par defaut.

Defaut passe de 'openid email profile groups' vers 'openid email profile'.
Update env.example + ACADENICE_PATCHES.md doc associee.
 2026-05-07 21:28:40 +02:00
Corentin
07d0b66fda feat(auth): Bloc 4b — OIDC client Authentik via openid-client (active par OIDC_ENABLED env) 
Ajoute un flow d'authentification OIDC via Authentik (ou tout IdP conforme),
desactive par defaut. Le code est dormant tant que OIDC_ENABLED=true n'est
pas pose.

Server :
- apps/server/src/core/auth/oidc/oidc.module.ts (nouveau)
- apps/server/src/core/auth/oidc/oidc.service.ts (discovery + PKCE + callback + JIT provisioning)
- apps/server/src/core/auth/oidc/oidc.controller.ts (routes /api/auth/oidc/{login,callback,status})
- apps/server/src/core/auth/oidc/oidc.service.spec.ts (8 tests Jest, openid-client mocke)
- apps/server/src/integrations/environment/environment.service.ts : +9 getters OIDC
- apps/server/src/core/core.module.ts : +OidcModule dans imports

Client :
- apps/client/src/features/auth/queries/oidc-query.ts (hook useOidcStatus)
- apps/client/src/features/auth/components/oidc-login-button.tsx (bouton conditionnel)
- apps/client/src/features/auth/components/login-form.tsx : +OidcLoginButton

Securite :
- PKCE S256 obligatoire
- State CSRF en cookie httpOnly signe (5 min)
- Verification JWKS auto via openid-client v6
- Refetch userInfo apres echange du code
- JIT provisioning strict par defaut (OIDC_AUTO_PROVISION=false)

Lib : openid-client v6.8.2 (deja en deps), import lazy.

Documente dans ACADENICE_PATCHES.md (Patch 002) et .env.example.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-07 21:26:53 +02:00
Philip Okugbe
a6a7e4370a
feat(ee): PDF export api (#2112) 
* feat(ee): server side PDF export

* feat: pdf export queue

* sync

* sync
 2026-04-14 16:26:54 +01:00
Philip Okugbe
918f4508d2
feat: switch to pino for logs (#1855) 
- switch to json logs in production
- add option to support http logging
 2026-01-21 01:23:50 +00:00
Philip Okugbe
5a3377790e
feat: debug mode env variable (#1450) 2025-08-06 18:16:30 +01:00
Philipinho
8300c5b731 update env file 2025-03-23 13:14:20 +00:00
Philip Okugbe
72f64e7b10
revert sentry (#808) 
* revert sentry
* remove sentry env
 2025-02-27 15:58:32 +00:00
Philipinho
54d27af76a * Add SENTRY_DNS env variable 
* Commit lock file
 2025-02-26 17:38:25 +00:00
Philip Okugbe
040d6625df
fix: enforce 32-character minimum length for APP_SECRET (#702) 
* Enforce 32 characters minimum APP_SECRET length

* update APP_SECRET comment
 2025-02-06 17:46:32 +00:00
Philip Okugbe
d97baf5824
add env variable (#513) 2024-11-28 18:48:25 +00:00
Philip Okugbe
384f11f2b7
make file upload size limit configurable (#386) 2024-10-10 21:28:28 +01:00
Orion
9390b39e35
Implement nodemailer ignore tls property (#299) 2024-09-20 17:57:50 +01:00
sidnelui-krystal
c810d0b314
fix: added env variable for support for forcepathstyle on s3 (#181) 2024-08-20 13:05:59 +01:00
Philipinho
4967849e3a add SMTP_SECURE 2024-08-02 11:19:12 +02:00
Philipinho
bc7cd033f2 more env validations 2024-06-27 22:47:59 +01:00
Philipinho
a582d4786d make env validation errors clear 
* modify mail smtp variable names
 2024-06-27 17:55:17 +01:00
Philipinho
38ef610e5e fixes 
* integrate websocket redis adapter
* use APP_SECRET for jwt signing
* auto migrate database on startup in production
* add updatedAt to update db operations
* create enterprise ee package directory
* fix comment editor focus
* other fixes
 2024-06-07 17:29:34 +01:00
Philipinho
eefe63d1cd implement new invitation system 
* fix comments on the frontend
* move jwt token service to its own module
* other fixes and updates
 2024-05-14 22:55:11 +01:00
Philipinho
7f933addff Implement BullMQ for background job processing 
* new REDIS_URL environment variable
 2024-05-03 02:56:03 +01:00
Philipinho
4c573b9bc2 email integration 
* Nest email module with smtp, postmark and console log drivers
* react-email package
 2024-05-02 03:12:40 +01:00
Philipinho
f01b77dbd6 fixes 
* remove vite env for now
* remove unnecessary comment
 2024-04-25 22:36:03 +01:00
Philipinho
616da875cd move .env to root 2024-01-17 18:36:54 +01:00
Renamed from apps/server/.env.example (Browse further)