gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-09-06 13:14:24 +08:00
Code Issues Projects Releases Packages Wiki Activity
7015 commits 1586 branches 84 tags 295 MiB
Commit graph

1253 commits

Author SHA1 Message Date
Abhishek K
ebff185706
Revert "NM-38: User Config Fixes (#3559)" (#3562) 
This reverts commit 9d65c62860.
 2025-07-24 23:07:25 +05:30
Vishal Dalwadi
9d65c62860
NM-38: User Config Fixes (#3559) 
* Build(deps): bump gorm.io/datatypes from 1.2.5 to 1.2.6

Bumps [gorm.io/datatypes](https://github.com/go-gorm/datatypes) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/go-gorm/datatypes/releases)
- [Commits](https://github.com/go-gorm/datatypes/compare/v1.2.5...v1.2.6)

---
updated-dependencies:
- dependency-name: gorm.io/datatypes
  dependency-version: 1.2.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Build(deps): bump google.golang.org/api from 0.238.0 to 0.240.0 (#3541)

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.238.0 to 0.240.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.238.0...v0.240.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-version: 0.240.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Build(deps): bump github.com/go-playground/validator/v10 (#3539)

Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) from 10.26.0 to 10.27.0.
- [Release notes](https://github.com/go-playground/validator/releases)
- [Commits](https://github.com/go-playground/validator/compare/v10.26.0...v10.27.0)

---
updated-dependencies:
- dependency-name: github.com/go-playground/validator/v10
  dependency-version: 10.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(go): prevent idp user from being deleted; (#3538)

* fix(go): use correct method for pro;

fixes: User Config nodes are always reported online.

* fix(go): add device id to extclient;

* fix(go): try match device id;

* fix(go): set device id if not set;

* feat(go): return best match offline extclient;

* fix(go): match device id with owner and gateway;

* fix(go): remove check for rac id;

* fix(go): check status on get node status;

* fix(go): allow offline or unknown extclient;

* feat(go): add count db method;

* feat(go): revert change;

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Abhishek K <abhi281342@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-24 12:09:25 +05:30
Vishal Dalwadi
39ea1ed9fc
NM-20: Add more refined event logs. (#3552) 
* feat(go): add more refined event logs;

* feat(go): add more refined event logs;

* feat(go): add an api to validate user identity.

* feat(go): move validate-user-identity under user;
 2025-07-23 14:45:41 +05:30
Vishal Dalwadi
3551e8e24e
NET-1996: Add Support for TOTP Authentication. (#3517) 
* feat(git): ignore run configurations;

* feat(go): add support for TOTP authentication;

* fix(go): api docs;

* fix(go): static checks failing;

* fix(go): ignore mfa enforcement for user auth;

* feat(go): allow resetting mfa;

* feat(go): allow resetting mfa;

* feat(go): use library function;

* fix(go): signature;

* feat(go): allow only master user to unset user's mfa;

* feat(go): set caller when master to prevent panic;

* feat(go): make messages more user friendly;

* fix(go): run go mod tidy;

* fix(go): optimize imports;

* fix(go): return unauthorized on token expiry;

* fix(go): move mfa endpoints under username;

* fix(go): set is mfa enabled when converting;

* feat(go): allow authenticated users to use preauth apis;

* feat(go): set correct header value;

* feat(go): allow super-admins and admins to unset mfa;

* feat(go): allow user to unset mfa if not enforced;
 2025-06-26 08:29:13 +05:30
Abhishek K
aca911712b
avoid setting nil endpoint if peer using internet gw (#3529) 2025-06-25 19:17:57 +05:30
Aceix
2df02f747e
Merge pull request #3504 from gravitl/depracate-rac-autodisable 
chore: deprecate rac autodisable flag
 2025-06-24 23:43:44 +05:30
abhishek9686
b423b183e4 fix merge conflicts 2025-06-24 16:56:48 +05:30
Abhishek K
a07d4e8d86
Merge pull request #3522 from gravitl/NET-2080 
NET-2080: Fix unresponsive Users page
 2025-06-24 07:34:10 +05:30
Abhishek K
7808d29808
Merge pull request #3525 from gravitl/master 
Master
 2025-06-24 07:08:08 +05:30
Vishal Dalwadi
8971ecd2e9 feat(go): add access token count to ReturnUser model; 2025-06-23 22:43:39 +05:30
Abhishek K
0a47cc5461
Merge branch 'develop' into NET-1994 2025-06-23 17:50:21 +05:30
Abhishek K
9a623e8540
Merge pull request #3520 from gravitl/develop 
Develop
 2025-06-23 08:48:11 +05:30
Abhishek K
da024c230f
Merge pull request #3512 from gravitl/kwesi/net-2066-auto-apply-changes-on-desktop-app 
fix: update extclient ingress endpoint/port with host changes
 2025-06-23 08:45:32 +05:30
abhishek9686
2f5acf6742 sync changes on startup, add create relay calls on defaul host 2025-06-23 06:28:43 +05:30
abhishek9686
da2c19fd9d unset inet gw on gateway delete 2025-06-22 06:36:34 +05:30
the_aceix
91c5fe0cf3 fix: update extclient ingress endpoint/port with host changes 2025-06-20 11:21:28 +00:00
Vishal Dalwadi
1c20cf3682 fix(go): mask only if set; 2025-06-20 15:00:33 +05:30
abhishek9686
a31abf8f09 add inet gw validate check on update node api 2025-06-17 17:06:22 +05:30
abhishek9686
8ee37f5fab inet gws into gateways 2025-06-17 16:55:44 +05:30
abhishek9686
0761e73e43 collection loc info for desktop config if unset 2025-06-13 23:29:36 +05:30
abhishek9686
9804366f6e remove mac addr check 2025-06-13 07:22:36 +05:30
the_aceix
71dafa45cf feat: collect location from netdesk 2025-06-12 13:22:43 +00:00
Abhishek K
81d8e61eca
Merge branch 'release-v0.99.0' into patch/db-conn-pool 2025-06-10 09:51:13 +05:30
abhishek9686
6bec2164a0 fix masterkey auth 2025-06-07 07:11:38 +05:30
Vishal Dalwadi
da5115221f fix(go): workflow errors fixes; 2025-06-06 15:42:30 +05:30
Abhishek K
0f884d4f36
NET-2061: revert Inet gws, fix extclient comms with user policies (#3482) 
* revert inet gws from acl policies

* add egress range with metric for inet gw

* link pro inet funcs

* fix extclient comms with users

* remove TODO comments
 2025-06-05 22:42:16 +05:30
Abhishek K
0ff216dabd
NET-1932: Fix static node comms on CE (#3481) 
* move relevant acl and tag code to CE and Pro pkgs

* intialise pro acl funcs

* list gateways by user access

* check user gw access by policies

* filter out user policies on CE

* filter out tagged policies on CE

* fix ce acl comms

* allow gateways tag

* allow gateway tag  on CE, remove failover and gw check on acl policy

* add gw rules func to pro

* add inet gw support on CE

* add egress acl API

* add egress acl API

* fix(go): set is_gw when converting api node to server node;

* fix(go): set is_gw when converting api node to server node;

* fix policy validity checker for inet gws

* move dns option to host model

* fix node removal from egress policy on delete

* add migration logic for ManageDNS

* fix dns json field

* fix nil error on node tags

* add egress info to relayed nodes

* fix default network user policy

* fix egress migration

* fix egress migration

* add failover inet gw check

* optiomise egress calls

* auto create gw on inet egress node

* optimise egress calls

* add global user role check

* fix egress on inet gw

* remove addtional checks on inet policy

* add acl policy for static nodes on CE

* remove chained inet gws

* fix multi-inet issue

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
 2025-06-05 13:28:23 +05:30
Abhishek K
599a9c6f4a
NET-1932: handle non-inet egress ranges on inet gw (#3479) 
* move relevant acl and tag code to CE and Pro pkgs

* intialise pro acl funcs

* list gateways by user access

* check user gw access by policies

* filter out user policies on CE

* filter out tagged policies on CE

* fix ce acl comms

* allow gateways tag

* allow gateway tag  on CE, remove failover and gw check on acl policy

* add gw rules func to pro

* add inet gw support on CE

* add egress acl API

* add egress acl API

* fix(go): set is_gw when converting api node to server node;

* fix(go): set is_gw when converting api node to server node;

* fix policy validity checker for inet gws

* move dns option to host model

* fix node removal from egress policy on delete

* add migration logic for ManageDNS

* fix dns json field

* fix nil error on node tags

* add egress info to relayed nodes

* fix default network user policy

* fix egress migration

* fix egress migration

* add failover inet gw check

* optiomise egress calls

* auto create gw on inet egress node

* optimise egress calls

* add global user role check

* fix egress on inet gw

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
 2025-06-04 08:04:40 +05:30
Abhishek K
3bae08797f
NET-1932: add failover inet gw check (#3478) 
* move relevant acl and tag code to CE and Pro pkgs

* intialise pro acl funcs

* list gateways by user access

* check user gw access by policies

* filter out user policies on CE

* filter out tagged policies on CE

* fix ce acl comms

* allow gateways tag

* allow gateway tag  on CE, remove failover and gw check on acl policy

* add gw rules func to pro

* add inet gw support on CE

* add egress acl API

* add egress acl API

* fix(go): set is_gw when converting api node to server node;

* fix(go): set is_gw when converting api node to server node;

* fix policy validity checker for inet gws

* move dns option to host model

* fix node removal from egress policy on delete

* add migration logic for ManageDNS

* fix dns json field

* fix nil error on node tags

* add egress info to relayed nodes

* fix default network user policy

* fix egress migration

* fix egress migration

* add failover inet gw check

* optiomise egress calls

* auto create gw on inet egress node

* optimise egress calls

* add global user role check

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
 2025-06-03 22:54:55 +05:30
Abhishek K
5849e0e2e1
NET-1932: sort out acls into CE and PRO (#3460) 
* move relevant acl and tag code to CE and Pro pkgs

* intialise pro acl funcs

* list gateways by user access

* check user gw access by policies

* filter out user policies on CE

* filter out tagged policies on CE

* fix ce acl comms

* allow gateways tag

* allow gateway tag  on CE, remove failover and gw check on acl policy

* add gw rules func to pro

* add inet gw support on CE

* add egress acl API

* add egress acl API

* fix(go): set is_gw when converting api node to server node;

* fix(go): set is_gw when converting api node to server node;

* fix policy validity checker for inet gws

* move dns option to host model

* fix node removal from egress policy on delete

* add migration logic for ManageDNS

* fix dns json field

* fix nil error on node tags

* add egress info to relayed nodes

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
 2025-06-02 13:05:10 +05:30
abhishek9686
84573787f8 add user info to events 2025-05-27 23:00:18 +05:30
abhishek9686
f538e80f76 fix enrollment key join on existing networks 2025-05-27 22:55:16 +05:30
Abhishek K
a1304b43d8
NET-2054: Auto Removal of Offline Nodes, fix enrollment key relay function (#3458) 
* check host ports on join

* if 443 not available fallback to 51821

* if 443 not available fallback to 51821

* add config for auto delete of offline nodes

* autocleanup offline nodes

* delete offline nodes on startup

* fix relay via join token
 2025-05-24 08:21:47 +05:30
abhishek9686
5ade7e9557 add sync,upragde,refresh keys events 2025-05-22 15:47:57 +05:30
abhishek9686
771d941868 copy user diff before update 2025-05-22 13:59:54 +05:30
Vishal Dalwadi
614cf77b5a
NET-1991: Add IDP sync functionality. (#3428) 
* feat: api access tokens

* revoke all user tokens

* redefine access token api routes, add auto egress option to enrollment keys

* add server settings apis, add db table for settigs

* handle server settings updates

* switch to using settings from DB

* fix sever settings migration

* revet force migration for settings

* fix server settings database write

* fix revoked tokens to be unauthorized

* remove unused functions

* convert access token to sql schema

* switch access token to sql schema

* fix merge conflicts

* fix server settings types

* bypass basic auth setting for super admin

* add TODO comment

* feat(go): add types for idp package;

* feat(go): import azure sdk;

* feat(go): add stub for google workspace client;

* feat(go): implement azure ad client;

* feat(go): sync users and groups using idp client;

* publish peer update on settings update

* feat(go): read creds from env vars;

* feat(go): add api endpoint to trigger idp sync;

* fix(go): sync member changes;

* fix(go): handle error;

* fix(go): set correct response type;

* feat(go): support disabling user accounts;

1. Add api endpoints to enable and disable user accounts.
2. Add checks in authenticators to prevent disabled users from logging in.
3. Add checks in middleware to prevent api usage by disabled users.

* feat(go): use string slice for group members;

* feat(go): sync user account status from idp;

* feat(go): import google admin sdk;

* feat(go): add support for google workspace idp;

* feat(go): initialize idp client on sync;

* feat(go): sync from idp periodically;

* feat(go): improvements for google idp;

1. Use the impersonate package to authenticate.
2. Use Pages method to get all data.

* chore(go): import style changes from migration branch;

1. Singular file names for table schema.
2. No table name method.
3. Use .Model instead of .Table.
4. No unnecessary tagging.

* remove nat check on egress gateway request

* Revert "remove nat check on egress gateway request"

This reverts commit 0aff12a189.

* feat(go): add db middleware;

* feat(go): restore method;

* feat(go): add user access token schema;

* fix user auth api:

* re initalise oauth and email config

* feat(go): fetch idp creds from server settings;

* feat(go): add filters for users and groups;

* feat(go): skip sync from idp if disabled;

* feat(go): add endpoint to remove idp integration;

* feat(go): import all users if no filters;

* feat(go): assign service-user role on sync;

* feat(go): remove microsoft-go-sdk;

* feat(go): add display name field for user;

* fix(go): set account disabled correctly;

* fix(go): update user if display name changes;

* fix(go): remove auth provider when removing idp integration;

* fix(go): ignore display name if empty;

* feat(go): add idp sync interval setting;

* fix(go): error on invalid auth provider;

* fix(go): no error if no user on group delete;

* fix(go): check superadmin using platform role id;

* feat(go): add display name and account disabled to return user as well;

* feat(go): tidy go mod after merge;

* feat(go): reinitialize auth provider and idp sync hook;

* fix(go): merge error;

* fix(go): merge error;

* feat(go): use id as the external provider id;

* fix(go): comments;

* feat(go): add function to return pending users;

* feat(go): prevent external id erasure;

* fix(go): user and group sync errors;

* chore(go): cleanup;

* fix(go): delete only oauth users;

* feat(go): use uuid group id;

* export ipd id to in rest api

* feat(go): don't use uuid for default groups;

* feat(go): migrate group only if id not uuid;

* chore(go): go mod tidy;

---------

Co-authored-by: abhishek9686 <abhi281342@gmail.com>
Co-authored-by: Abhishek K <abhishek@netmaker.io>
Co-authored-by: the_aceix <aceixsmartx@gmail.com>
 2025-05-21 13:48:15 +05:30
Abhishek K
d7bad9865a
NET-2014: Audit Logging (#3455) 
* feat: api access tokens

* revoke all user tokens

* redefine access token api routes, add auto egress option to enrollment keys

* add server settings apis, add db table for settigs

* handle server settings updates

* switch to using settings from DB

* fix sever settings migration

* revet force migration for settings

* fix server settings database write

* egress model

* fix revoked tokens to be unauthorized

* update egress model

* remove unused functions

* convert access token to sql schema

* switch access token to sql schema

* fix merge conflicts

* fix server settings types

* bypass basic auth setting for super admin

* add TODO comment

* setup api handlers for egress revamp

* use single DB, fix update nat boolean field

* extend validaiton checks for egress ranges

* add migration to convert to new egress model

* fix panic interface conversion

* publish peer update on settings update

* revoke token generated by an user

* add user token creation restriction by user role

* add forbidden check for access token creation

* revoke user token when group or role is changed

* add default group to admin users on update

* chore(go): import style changes from migration branch;

1. Singular file names for table schema.
2. No table name method.
3. Use .Model instead of .Table.
4. No unnecessary tagging.

* remove nat check on egress gateway request

* Revert "remove nat check on egress gateway request"

This reverts commit 0aff12a189.

* remove nat check on egress gateway request

* feat(go): add db middleware;

* feat(go): restore method;

* feat(go): add user access token schema;

* add inet gw status to egress model

* fetch node ids in the tag, add inet gw info clients

* add inet gw info to node from egress list

* add migration logic internet gws

* create default acl policies

* add egress info

* add egress TODO

* add egress TODO

* fix user auth api:

* add reference id to acl policy

* add egress response from DB

* publish peer update on egress changes

* re initalise oauth and email config

* set verbosity

* normalise cidr on egress req

* add egress id to acl group

* change acls to use egress id

* resolve merge conflicts

* fix egress reference errors

* move egress model to schema

* add api context to DB

* sync auto update settings with hosts

* sync auto update settings with hosts

* check acl for egress node

* check for egress policy in the acl dst groups

* fix acl rules for egress policies with new models

* add status to egress model

* fix inet node func

* mask secret and convert jwt duration to minutes

* enable egress policies on creation

* convert jwt duration to minutes

* add relevant ranges to inet egress

* skip non active egress routes

* resolve merge conflicts

* fix static check

* notify peers after settings update

* define schema for activity, add api handler to list network activity

* setup event channel and logger

* setup event logger, add event for user login

* change activity model to event

* add api error constants

* add logout event

* log user crud events

* add login events for oauth

* add user related events

* log events for invites and user approvals

* order user activity event by timestamp

* fix logout api

* add user and network events api, add addtional events triggers

* add filters to all events api

* fix events filter

* add diff to event logs

* update user logout api

* log settigns updates

* log events for network and host updates

* check for diff on events

* log host del event

* add user loc info to desktop app connection events

* fix authorize middleware check

* add gateway events

* resolve merge conflicts

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
 2025-05-21 13:13:20 +05:30
Abhishek K
307a3d1e4b
NET-1932: Merge egress and internet gateways (#3436) 
* feat: api access tokens

* revoke all user tokens

* redefine access token api routes, add auto egress option to enrollment keys

* add server settings apis, add db table for settigs

* handle server settings updates

* switch to using settings from DB

* fix sever settings migration

* revet force migration for settings

* fix server settings database write

* egress model

* fix revoked tokens to be unauthorized

* update egress model

* remove unused functions

* convert access token to sql schema

* switch access token to sql schema

* fix merge conflicts

* fix server settings types

* bypass basic auth setting for super admin

* add TODO comment

* setup api handlers for egress revamp

* use single DB, fix update nat boolean field

* extend validaiton checks for egress ranges

* add migration to convert to new egress model

* fix panic interface conversion

* publish peer update on settings update

* revoke token generated by an user

* add user token creation restriction by user role

* add forbidden check for access token creation

* revoke user token when group or role is changed

* add default group to admin users on update

* chore(go): import style changes from migration branch;

1. Singular file names for table schema.
2. No table name method.
3. Use .Model instead of .Table.
4. No unnecessary tagging.

* remove nat check on egress gateway request

* Revert "remove nat check on egress gateway request"

This reverts commit 0aff12a189.

* remove nat check on egress gateway request

* feat(go): add db middleware;

* feat(go): restore method;

* feat(go): add user access token schema;

* add inet gw status to egress model

* fetch node ids in the tag, add inet gw info clients

* add inet gw info to node from egress list

* add migration logic internet gws

* create default acl policies

* add egress info

* add egress TODO

* add egress TODO

* fix user auth api:

* add reference id to acl policy

* add egress response from DB

* publish peer update on egress changes

* re initalise oauth and email config

* set verbosity

* normalise cidr on egress req

* add egress id to acl group

* change acls to use egress id

* resolve merge conflicts

* fix egress reference errors

* move egress model to schema

* add api context to DB

* sync auto update settings with hosts

* sync auto update settings with hosts

* check acl for egress node

* check for egress policy in the acl dst groups

* fix acl rules for egress policies with new models

* add status to egress model

* fix inet node func

* mask secret and convert jwt duration to minutes

* enable egress policies on creation

* convert jwt duration to minutes

* add relevant ranges to inet egress

* skip non active egress routes

* resolve merge conflicts

* fix static check

* update gorm tag for primary key on egress model

* create user policies for egress resources

* resolve merge conflicts

* get egress info on failover apis, add egress src validation for inet gws

* add additional validation checks on egress req

* add additional validation checks on egress req

* skip all resources for inet policy

* delete associated egress acl policies

* fix failover of inetclient

* avoid setting inet client asd inet gw

* fix all resource egress policy

* fix inet gw egress rule

* check for node egress on relay req

* fix egress acl rules comms

* add new field for egress info on node

* check acl policy in failover ctx

* avoid default host to be set as inet client

* fix relayed egress node

* add valid error messaging for egress validate func

* return if inet default host

* jump port detection to 51821

* check host ports on pull

* check user access gws via acls

* add validation check for default host and failover for inet clients

* add error messaging for acl policy check

* fix inet gw status

* ignore failover req for peer using inet gw

* check for allowed egress ranges for a peer

* add egress routes to static nodes by access

* avoid setting failvoer as inet client

* fix egress error messaging

* fix extclients egress comms

* fix inet gw acting as inet client

* return formatted error on update acl validation

* add default route for static nodes on inetclient

* check relay node acting as inetclient

* move inet node info to separate field, fix all resouces policy

* remove debug logs

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
 2025-05-21 12:50:21 +05:30
Aceix
506f73ebb9
Merge pull request #3441 from gravitl/nmctl-access-token 
feat: add support for user access tokens in nmctl
 2025-05-20 09:16:24 +05:30
Abhishek K
f9bc3a5386
Merge pull request #3440 from gravitl/master 
Master
 2025-04-30 03:02:05 +04:00
Abhishek K
85084f9dfe
check host ports on join (#3437) 2025-04-30 03:00:36 +04:00
Aceix
b0a8a07ebd
fix: add node status in response to create/delete gateway (#3425) 2025-04-30 02:57:53 +04:00
alingse
eb0dbf7ee4
fix call logic.FormatError with a nil value error (#3406) 
* fix call logic.FormatError with a nil value error

Signed-off-by: alingse <alingse@foxmail.com>

* fix call slog.Error with wrong error

---------

Signed-off-by: alingse <alingse@foxmail.com>
 2025-04-30 02:39:35 +04:00
Aceix
c9f3750499
fix: improve error response message (#3426) 2025-04-30 02:34:45 +04:00
Abhishek K
309e4795a1
NET-1950: Persist Server Settings in the DB (#3419) 
* feat: api access tokens

* revoke all user tokens

* redefine access token api routes, add auto egress option to enrollment keys

* add server settings apis, add db table for settigs

* handle server settings updates

* switch to using settings from DB

* fix sever settings migration

* revet force migration for settings

* fix server settings database write

* fix revoked tokens to be unauthorized

* remove unused functions

* convert access token to sql schema

* switch access token to sql schema

* fix merge conflicts

* fix server settings types

* bypass basic auth setting for super admin

* add TODO comment

* publish peer update on settings update

* chore(go): import style changes from migration branch;

1. Singular file names for table schema.
2. No table name method.
3. Use .Model instead of .Table.
4. No unnecessary tagging.

* remove nat check on egress gateway request

* Revert "remove nat check on egress gateway request"

This reverts commit 0aff12a189.

* feat(go): add db middleware;

* feat(go): restore method;

* feat(go): add user access token schema;

* fix user auth api:

* re initalise oauth and email config

* set verbosity

* sync auto update settings with hosts

* sync auto update settings with hosts

* mask secret and convert jwt duration to minutes

* convert jwt duration to minutes

* notify peers after settings update

* compare with curr settings before updating

* send host update to devices on auto update

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
 2025-04-30 02:34:10 +04:00
Abhishek K
262803c234
add ctx to DB funcs (#3435) 2025-04-29 00:22:02 +04:00
Abhishek K
119ef4e17e
move api tokens models to schema pkg (#3434) 2025-04-29 00:11:56 +04:00
Abhishek K
ca95954fb5
NET-2000: Api access tokens (#3418) 
* feat: api access tokens

* revoke all user tokens

* redefine access token api routes, add auto egress option to enrollment keys

* fix revoked tokens to be unauthorized

* remove unused functions

* convert access token to sql schema

* switch access token to sql schema

* revoke token generated by an user

* add user token creation restriction by user role

* add forbidden check for access token creation

* revoke user token when group or role is changed

* add default group to admin users on update

* fix token removal on user update

* fix token removal on user update
 2025-04-23 20:21:42 +04:00
abhishek9686
b5842b7b06 fix create gateway req 2025-04-03 21:47:41 +04:00
abhishek9686
3bb843e96e fix openapi tag 2025-04-02 19:18:41 +04:00