- Enhanced session endpoint to fetch complete member data from database
- Added getMemberByKeycloakId function to nocodb utils for member lookup by Keycloak ID
- Session endpoint now returns both user authentication data and complete member profile
- User dashboard will now display proper member information instead of 'Not provided'
- Handles cases where member record might not exist gracefully
- Fix malformed verification links caused by config.public.domain
- Use absolute HTTPS URLs for verification links in both registration and verification emails
- Ensures verification buttons work correctly in all email clients
- Fixes the 'app://renderer/' URL prefix issue seen in email clients
Implement rate limiting and attempt tracking to prevent verification abuse and infinite reload loops. Add temporary blocking with clear user feedback, enhanced error states, and retry logic. Includes new verification state utilities and improved UI components for better user experience during blocked states.
- Replace server-side redirects with JSON API responses for better error handling
- Add support for partial success when Keycloak update fails but token is valid
- Improve error messages with specific status codes (410 for expired, 409 for already used)
- Extract email from API response instead of URL query parameters
- Enable client-side navigation with proper error state management
- Replace external password setup link with internal navigation
- Add comprehensive password validation utility with strength requirements
- Create dedicated password setup page and API endpoint
- Streamline user flow from email verification to password creation
Convert getEmailService() to async function and update all callers to use await.
Replace synchronous require() with dynamic import() for admin-config module.
Add SMTP config loading to admin configuration dialog.
- Add SMTP configuration UI in admin panel with test functionality
- Implement email verification workflow with tokens and templates
- Add verification success/expired pages for user feedback
- Include nodemailer, handlebars, and JWT dependencies
- Create API endpoints for email config, testing, and verification
- Add Keycloak admin credentials configuration to environment variables
- Extract Keycloak admin operations into reusable utility module
- Refactor forgot-password endpoint to use new admin client utility
- Add documentation for Keycloak custom login implementation
- Add password reset fix summary documentation
This improves code organization by separating admin operations from
business logic and provides proper admin credentials for Keycloak
API operations instead of using regular client credentials.
- Configure @vite-pwa/nuxt module with manifest and service worker
- Add PWA install banner component to login page
- Include app icons (192x192, 512x512) and favicon assets
- Update admin dashboard layout and remove backup section
- Add PWA-related API endpoints and utility scripts
- Refactor login page to use auth composable for better state management
- Update nginx proxy settings with proper timeouts and buffering
- Improve PWA service worker caching strategy for API calls
- Add debug files and documentation for login troubleshooting
- Replace group-based auth with user/board/admin tier system
- Add direct login functionality alongside OAuth
- Implement role-based middleware for route protection
- Create dashboard pages and admin API endpoints
- Add error handling page and improved user management
- Maintain backward compatibility with legacy role methods
- Add custom login page with username/password form and SSO fallback
- Implement direct login API endpoint with security features
- Add forgot password functionality and email notifications
- Create guest middleware for authentication routing
- Update Keycloak configuration and add cookie domain settings
- Add security utilities for rate limiting and validation
- Include comprehensive documentation for custom login implementation
- Add comprehensive logging to login and callback endpoints for debugging
- Configure cookie domain from environment variable for cross-subdomain support
- Update cookie security settings based on NODE_ENV
- Add Keycloak configuration validation with detailed error logging
- Add core Nuxt.js application structure with TypeScript
- Include Docker configuration and deployment guide
- Set up project scaffolding with pages, composables, and middleware
- Add environment configuration and Git ignore rules
