* feat: api access tokens
* revoke all user tokens
* redefine access token api routes, add auto egress option to enrollment keys
* add server settings apis, add db table for settigs
* handle server settings updates
* switch to using settings from DB
* fix sever settings migration
* revet force migration for settings
* fix server settings database write
* fix revoked tokens to be unauthorized
* remove unused functions
* convert access token to sql schema
* switch access token to sql schema
* fix merge conflicts
* fix server settings types
* bypass basic auth setting for super admin
* add TODO comment
* publish peer update on settings update
* chore(go): import style changes from migration branch;
1. Singular file names for table schema.
2. No table name method.
3. Use .Model instead of .Table.
4. No unnecessary tagging.
* remove nat check on egress gateway request
* Revert "remove nat check on egress gateway request"
This reverts commit 0aff12a189.
* feat(go): add db middleware;
* feat(go): restore method;
* feat(go): add user access token schema;
* fix user auth api:
* re initalise oauth and email config
* set verbosity
* sync auto update settings with hosts
* sync auto update settings with hosts
* mask secret and convert jwt duration to minutes
* convert jwt duration to minutes
* notify peers after settings update
* compare with curr settings before updating
* send host update to devices on auto update
---------
Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
* feat: api access tokens
* revoke all user tokens
* redefine access token api routes, add auto egress option to enrollment keys
* fix revoked tokens to be unauthorized
* remove unused functions
* convert access token to sql schema
* switch access token to sql schema
* revoke token generated by an user
* add user token creation restriction by user role
* add forbidden check for access token creation
* revoke user token when group or role is changed
* add default group to admin users on update
* fix token removal on user update
* fix token removal on user update
* add peerkey to network egress routes model
* add peerkey to network egress routes model
* filter out conflicting routes from node
* add support for egress HA on relay
* add support for egress HA on relay
* add support for egress HA on relay
* skip if curr node is relay node of the peer
* skip if curr node is relay node of the peer
* fix failover egress HA
* add network to egress route model
* clone before modifying
* check for user policies on uni direction check
* add all network fwd rule
* delete all network policies and tags on network deletion
* add peerkey to network egress routes model
* add peerkey to network egress routes model
* filter out conflicting routes from node
* add support for egress HA on relay
* add support for egress HA on relay
* add support for egress HA on relay
* skip if curr node is relay node of the peer
* skip if curr node is relay node of the peer
* fix failover egress HA
* add network to egress route model
* clone before modifying
* check for user policies on uni direction check
* add all network fwd rule
* add peerkey to network egress routes model
* add peerkey to network egress routes model
* filter out conflicting routes from node
* add support for egress HA on relay
* add support for egress HA on relay
* add support for egress HA on relay
* skip if curr node is relay node of the peer
* skip if curr node is relay node of the peer
* fix failover egress HA
* add network to egress route model
* clone before modifying
* check for user policies on uni direction check
* add peerkey to network egress routes model
* add peerkey to network egress routes model
* filter out conflicting routes from node
* add support for egress HA on relay
* add support for egress HA on relay
* add support for egress HA on relay
* skip if curr node is relay node of the peer
* skip if curr node is relay node of the peer
* fix failover egress HA
* add network to egress route model
* clone before modifying
* add support for egress ranges on acl policy
* add egress ranges to acl rules
* add egress ranges to acl policies
* Add egress ranges to acl rules
* add egress ranges to fw update
* fetch acl rules for egress networks
* apply egress policies for devices
* configure user policies for egresss routes
* fix gw tag name migration
* fix egress acl rules for static nodes
* add egress ranges for static nodes on ingress gw
* fileter acl IPs to be unique
* cleanup IOT logic from peer update
* make acl Rule Dst List
* cleanup egress ranges from acl policies
* create user group default acl policy for gateways
* remove remote access name ids
* rm egress ranges removal from acl policies
* simplify user permissions on nodes
* add additional nameservers to extclient dns
* remove debug logs
* fix static checks
