mirror of
https://github.com/blakeblackshear/frigate.git
synced 2025-12-09 06:45:40 +03:00
152e585206
* jwt permissions * add old password to body req * add model and migration need to track the datetime that passwords were changed for the jwt * auth api backend changes - use os.open to create jwt secret with restrictive permissions (0o600: read/write for owner only) - add backend validation for password strength - add iat claim to jwt so the server can determine when a token was issued and reject any jwts issued before a user's password_changed_at timestamp, ensuring old tokens are invalidated after a password change - set logout route to public to avoid 401 when logging out - issue new jwt for users who change their own password so they stay logged in * improve set password dialog - add field to verify old password - add password strength requirements * frontend tweaks for password dialog * i18n * use verify endpoint for existing password verification avoid /login side effects (creating a new session) * public logout * only check if password has changed on jwt refresh * fix tests Fix migration 030 by using raw sql to select usernames (avoid ORM selecting nonexistent columns) * add multi device warning to password dialog * remove password verification endpoint Just send old_password + new password in one request, let the backend handle verification in a single operation |
||
|---|---|---|
| .. | ||
| 001_create_events_table.py | ||
| 002_add_clip_snapshot.py | ||
| 003_create_recordings_table.py | ||
| 004_add_bbox_region_area.py | ||
| 005_make_end_time_nullable.py | ||
| 006_add_motion_active_objects.py | ||
| 007_add_retain_indefinitely.py | ||
| 008_add_sub_label.py | ||
| 009_add_object_filter_ratio.py | ||
| 010_add_plus_image_id.py | ||
| 011_update_indexes.py | ||
| 012_add_segment_size.py | ||
| 013_create_timeline_table.py | ||
| 014_event_updates_for_fp.py | ||
| 015_event_refactor.py | ||
| 016_sublabel_increase.py | ||
| 017_update_indexes.py | ||
| 018_add_dbfs.py | ||
| 019_create_regions_table.py | ||
| 020_update_index_recordings.py | ||
| 021_create_previews_table.py | ||
| 022_create_review_segment_table.py | ||
| 023_add_regions.py | ||
| 024_create_export_table.py | ||
| 025_create_user_table.py | ||
| 026_add_notification_tokens.py | ||
| 027_create_explore_index.py | ||
| 028_optional_event_thumbnail.py | ||
| 029_add_user_role.py | ||
| 030_create_user_review_status.py | ||
| 031_create_trigger_table.py | ||
| 032_add_password_changed_at.py | ||