Danny Avila 0e9d42a60b 🔐 feat: Admin Auth. Routes with Secure Cross-Origin Token Exchange (#11297) ... * feat: implement admin authentication with OpenID & Local Auth proxy support * feat: implement admin OAuth exchange flow with caching support - Added caching for admin OAuth exchange codes with a short TTL. - Introduced new endpoints for generating and exchanging admin OAuth codes. - Updated relevant controllers and routes to handle admin panel redirects and token exchanges. - Enhanced logging for better traceability of OAuth operations. * refactor: enhance OpenID strategy mock to support multiple verify callbacks - Updated the OpenID strategy mock to store and retrieve verify callbacks by strategy name. - Improved backward compatibility by maintaining a method to get the last registered callback. - Adjusted tests to utilize the new callback retrieval methods, ensuring clarity in the verification process for the 'openid' strategy. * refactor: reorder import statements for better organization * refactor: admin OAuth flow with improved URL handling and validation - Added a utility function to retrieve the admin panel URL, defaulting to a local development URL if not set in the environment. - Updated the OAuth exchange endpoint to include validation for the authorization code format. - Refactored the admin panel redirect logic to handle URL parsing more robustly, ensuring accurate origin comparisons. - Removed redundant local URL definitions from the codebase for better maintainability. * refactor: remove deprecated requireAdmin middleware and migrate to TypeScript - Deleted the old requireAdmin middleware file and its references in the middleware index. - Introduced a new TypeScript version of the requireAdmin middleware with enhanced error handling and logging. - Updated routes to utilize the new requireAdmin middleware, ensuring consistent access control for admin routes. * feat: add requireAdmin middleware for admin role verification - Introduced requireAdmin middleware to enforce admin role checks for authenticated users. - Implemented comprehensive error handling and logging for unauthorized access attempts. - Added unit tests to validate middleware functionality and ensure proper behavior for different user roles. - Updated middleware index to include the new requireAdmin export.		2026-01-11 14:46:23 -05:00
..
agents	⏲️ feat: Defer Loading MCP Tools (#11270)	2026-01-10 20:26:01 -05:00
assistants	🔧 fix: Express v5 Optional chaining for endpoint retrieval in Assistants Controllers (#10946)	2025-12-12 14:04:28 -05:00
auth	🔐 feat: Admin Auth. Routes with Secure Cross-Origin Token Exchange (#11297)	2026-01-11 14:46:23 -05:00
AuthController.js	🍪 refactor: Move OpenID Tokens from Cookies to Server-Side Sessions (#11236)	2026-01-06 15:22:10 -05:00
Balance.js	🏗️ refactor: Extract DB layers to data-schemas for shared use (#7650)	2025-05-30 22:18:13 -04:00
EndpointController.js	✨ refactor: Integrate Capabilities into Agent File Uploads and Tool Handling (#5048)	2024-12-19 13:04:48 -05:00
FavoritesController.js	📌 feat: Pin Agents and Models in the Sidebar (#10634)	2025-12-11 16:38:20 -05:00
mcp.js	🔒 feat: Add MCP server domain restrictions for remote transports (#11013)	2025-12-18 13:57:49 -05:00
ModelController.js	🧹 chore: Cleanup Logger and Utility Imports (#9935)	2025-10-01 23:30:47 -04:00
PermissionsController.js	🏗️ feat: Dynamic MCP Server Infrastructure with Access Control (#10787)	2025-12-11 16:38:37 -05:00
PluginController.js	🧰 refactor: Decouple MCP Tools from System Tools (#9748)	2025-09-21 07:56:40 -04:00
PluginController.spec.js	🧰 refactor: Decouple MCP Tools from System Tools (#9748)	2025-09-21 07:56:40 -04:00
tools.js	🛜 refactor: Streamline App Config Usage (#9234)	2025-08-26 12:10:18 -04:00
TwoFactorController.js	🧵 refactor: Migrate Endpoint Initialization to TypeScript (#10794)	2025-12-11 16:37:16 -05:00
UserController.js	🏗️ feat: Dynamic MCP Server Infrastructure with Access Control (#10787)	2025-12-11 16:38:37 -05:00