* feat(auth): Added device session management
- Added the `handleSession` function to manage user device sessions and verify client identity
- Updated `auth.go` to call `handleSession` for device handling when a user logs in
- Added the `Session` model to database migrations
- Added `device.go` and `session.go` files to handle device session logic
- Updated `settings.go` to add device-related configuration items, such as the maximum number of devices, device eviction policy, and session TTL
* feat(session): Adds session management features
- Added `SessionInactive` error type in `device.go`
- Added session-related APIs in `router.go` to support listing and evicting sessions
- Added `ListSessionsByUser`, `ListSessions`, and `MarkInactive` methods in `session.go`
- Returns an appropriate error when the session state is `SessionInactive`
* feat(auth): Marks the device session as invalid.
- Import the `session` package into the `auth` module to handle device session status.
- Add a check in the login logic. If `device_key` is obtained, call `session.MarkInactive` to mark the device session as invalid.
- Store the invalid status in the context variable `session_inactive` for subsequent middleware checks.
- Add a check in the session refresh logic to abort the process if the current session has been marked invalid.
* feat(auth, session): Added device information processing and session management changes
- Updated device handling logic in `auth.go` to pass user agent and IP information
- Adjusted database queries in `session.go` to optimize session query fields and add `user_agent` and `ip` fields
- Modified the `Handle` method to add `ua` and `ip` parameters to store the user agent and IP address
- Added the `SessionResp` structure to return a session response containing `user_agent` and `ip`
- Updated the `/admin/user/create` and `/webdav` endpoints to pass the user agent and IP address to the device handler
* feat(setting): add role-based default and registration settings (closed #feat/register-and-statistics)
- Added `AllowRegister` and `DefaultRole` settings to site configuration.
- Integrated dynamic role options for `DefaultRole` using `op.GetRoles`.
- Updated `setting.go` handlers to manage `DefaultRole` options dynamically.
- Modified `const.go` to include new site settings constants.
- Updated dependencies in `go.mod` and `go.sum` to support new functionality.
* feat(register-and-statistics): add user registration endpoint
- Added `POST /auth/register` endpoint to support user registration.
- Implemented registration logic in `auth.go` with dynamic role assignment.
- Integrated settings `AllowRegister` and `DefaultRole` for registration flow.
- Updated imports to include new modules: `conf`, `setting`.
- Adjusted user creation logic to use `DefaultRole` setting dynamically.
* feat(register-and-statistics): add user registration endpoint (#register-and-statistics)
- Added `POST /auth/register` endpoint to support user registration.
- Implemented registration logic in `auth.go` with dynamic role assignment.
- Integrated `AllowRegister` and `DefaultRole` settings for registration flow.
- Updated imports to include new modules: `conf`, `setting`.
- Adjusted user creation logic to use `DefaultRole` dynamically.
* feat(register-and-statistics): enhance role management logic (#register-and-statistics)
- Refactored CreateRole and UpdateRole functions to handle default role.
- Added dynamic role assignment logic in 'role.go' using conf settings.
- Improved request handling in 'handles/role.go' with structured data.
- Implemented default role logic in 'db/role.go' to update non-default roles.
- Modified 'model/role.go' to include a 'Default' field for role management.
* feat(register-and-statistics): enhance role management logic
- Refactor CreateRole and UpdateRole to handle default roles.
- Add dynamic role assignment using conf settings in 'role.go'.
- Improve request handling with structured data in 'handles/role.go'.
- Implement default role logic in 'db/role.go' for non-default roles.
- Modify 'model/role.go' to include 'Default' field for role management.
* feat(register-and-statistics): improve role handling logic
- Switch from role names to role IDs for better consistency.
- Update logic to prioritize "guest" for default role ID.
- Adjust `DefaultRole` setting to use role IDs.
- Refactor `getRoleOptions` to return role IDs as a comma-separated string.
* feat(register-and-statistics): improve role handling logic
* fix: potential XSS vulnerabilities
* feat: support filter and render for readme.md
* chore: set ReadMeAutoRender to true
* fix attachFileName undefined
---------
Co-authored-by: Andy Hsu <i@nn.ci>
* refactor(cmd): use std `runtime` package to get go version info
- Remove the `GoVersion` variable.
- Remove overriding `GoVersion` by ldflags in `build.sh`.
- Get go version, OS and arch from the constants in the std `runtime` package instead of compile time.
* chore(ci): remove `GoVersion` flag from workflows
Remove GoVersion flag from beta_release.yml and build.yml workflows.
> Reduce compile-time dependencies.
* Feat(offline-download): allow using thunder offline download tool in any storage
* Feat(offline-download): allow using 115 offline download tool in any storage
* Feat(offline-download): allow using pikpak offline download tool in any storage
* style(offline-download): unify offline download tool names
* feat(offline-download): show available offline download tools only
* Fix(offline-download): update unmodified tool names.
---------
Co-authored-by: Andy Hsu <i@nn.ci>
* feat(patch): upgrade patch module
* chore(patch): add docs
* fix(patch): skip and rewrite invalid last launched version
* fix(patch): turn two functions into patches
* feat: support webauthn login
* manually merge
* fix: clear user cache after updating authn
* decrease db size of Authn
* change authn type to text
* simplify code structure
---------
Co-authored-by: Andy Hsu <i@nn.ci>
from this commit, if you want reverse proxy to sub-directory like `alist` with `nginx`, you need config:
```nginx
location /alist/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_redirect off;
proxy_pass http://127.0.0.1:5244/alist/;
# the max size of file to upload
client_max_body_size 20000m;
}
```
* feat(qbittorrent): authorization and logging in support
* feat(qbittorrent/client): support `AddFromLink`
* refactor(qbittorrent/client): check authorization when getting a new client
* feat(qbittorrent/client): support `GetInfo`
* test(qbittorrent/client): update test cases
* feat(qbittorrent): init qbittorrent client on bootstrap
* feat(qbittorrent): support setting webui url via gin
* feat(qbittorrent/client): support deleting
* feat(qbittorrent/client): parse `TorrentStatus` enum when unmarshalling json in `GetInfo()`
* feat(qbittorrent/client): support getting files by id
* feat(qbittorrent): support adding qbittorrent tasks via gin
* refactor(qbittorrent/client): return a `Client` interface in `New()` instead of `*client`
* refactor: task handle
* chore: fix typo
* chore: change path
---------
Co-authored-by: Andy Hsu <i@nn.ci>
千石