Add CORS configuration to security settings.
This patch adds a new CORS config textbox in Settings -> Security that allows configuring CORS origin domains per line. Closes #2724
@@ -40,6 +40,14 @@ func initHTTPHandlers(e *echo.Echo, a *App) {
|
||||
e.DefaultHTTPErrorHandler(err, c)
|
||||
}
|
||||
|
||||
// Configure CORS middleware if domains are configured.
|
||||
if len(a.cfg.Security.CorsOrigins) > 0 {
|
||||
e.Use(middleware.CORSWithConfig(middleware.CORSConfig{
|
||||
AllowOrigins: a.cfg.Security.CorsOrigins,
|
||||
AllowHeaders: []string{echo.HeaderOrigin, echo.HeaderContentType, echo.HeaderAccept},
|
||||
}))
|
||||
}
|
||||
|
||||
// =================================================================
|
||||
// Authenticated non /api handlers.
|
||||
{
|
||||
|
||||
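Review bot: The CORS middleware is registered with `e.Use`, so it applies to every route on the Echo instance, including the authenticated non-/api handlers set up directly below, while the settings help text describes it as permitting access to API endpoints. If API-only is the intent, attach the middleware to the API route group instead of the root instance; otherwise state the wider scope in the comment. It is also worth recording that credentials are deliberately not enabled, e.g. `// AllowCredentials is left false: responses to credentialed cross-origin requests are not exposed to the caller.` initHTTPHandlers starts and ends outside the hunk.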
@@ -117,6 +117,8 @@ type Config struct {
|
||||
Secret string `koanf:"secret"`
|
||||
} `koanf:"hcaptcha"`
|
||||
} `koanf:"captcha"`
|
||||
|
||||
CorsOrigins []string `koanf:"cors_origins"`
|
||||
} `koanf:"security"`
|
||||
|
||||
Appearance struct {
|
||||
|
||||
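Review bot: The new field name `CorsOrigins` breaks the Go initialism convention and differs from `SecurityCORSOrigins`, which this same commit uses for the setting in the Settings model. Renaming it to `CORSOrigins` (koanf tag unchanged) keeps the two consistent; the `a.cfg.Security.CorsOrigins` references in initHTTPHandlers would change with it. The Config struct starts and ends outside the hunk.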
@@ -4,6 +4,7 @@ import (
|
||||
"bytes"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"regexp"
|
||||
"runtime"
|
||||
"strings"
|
||||
@@ -256,6 +257,27 @@ func (a *App) UpdateSettings(c echo.Context) error {
|
||||
}
|
||||
set.DomainAllowlist = doms
|
||||
|
||||
// Validate and clean CORS domains.
|
||||
cors := make([]string, 0, len(set.SecurityCORSOrigins))
|
||||
for _, d := range set.SecurityCORSOrigins {
|
||||
if d = strings.TrimSpace(d); d != "" {
|
||||
if d == "*" {
|
||||
cors = append(cors, d)
|
||||
continue
|
||||
}
|
||||
|
||||
// Parse and validate the URL.
|
||||
u, err := url.Parse(d)
|
||||
if err != nil || (u.Scheme != "http" && u.Scheme != "https") || u.Host == "" {
|
||||
return echo.NewHTTPError(http.StatusBadRequest,
|
||||
a.i18n.Ts("globals.messages.invalidData")+": invalid CORS domain: "+d)
|
||||
}
|
||||
// Save clean scheme + host
|
||||
cors = append(cors, u.Scheme+"://"+u.Host)
|
||||
}
|
||||
}
|
||||
set.SecurityCORSOrigins = cors
|
||||
|
||||
// Validate slow query caching cron.
|
||||
if set.CacheSlowQueries {
|
||||
if _, err := cron.ParseStandard(set.CacheSlowQueriesInterval); err != nil {
|
||||
|
||||
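Review bot: The origin validation in UpdateSettings only checks the scheme and that `u.Host` is non-empty, so an entry whose host contains wildcard characters (for example `https://*.example.com`) is saved as-is. If the Echo CORS middleware in use treats `*` or `?` inside an origin as a pattern, such an entry matches more origins than the single-host format in the help text suggests. Unless pattern origins are meant to be supported, reject them here: `if err != nil || (u.Scheme != "http" && u.Scheme != "https") || u.Host == "" || strings.ContainsAny(u.Host, "*?") {`. Any path or query on the entry is dropped without notice when `u.Scheme+"://"+u.Host` is stored, which deserves a word in the comment. UpdateSettings starts and ends outside the hunk.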
@@ -42,6 +42,7 @@ var migList = []migFunc{
|
||||
{"v4.1.0", migrations.V4_1_0},
|
||||
{"v5.0.0", migrations.V5_0_0},
|
||||
{"v5.1.0", migrations.V5_1_0},
|
||||
{"v5.2.0", migrations.V5_2_0},
|
||||
}
|
||||
|
||||
// upgrade upgrades the database to the current version by running SQL migration files
|
||||
|
||||
@@ -131,7 +131,21 @@
|
||||
</b-field>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div><!-- captcha -->
|
||||
|
||||
<hr />
|
||||
|
||||
<!-- CORS -->
|
||||
<div class="columns">
|
||||
<div class="column is-12">
|
||||
<h3 class="is-size-6"><strong>CORS</strong></h3><br />
|
||||
<b-field :label="$t('settings.security.CORSDomains')" label-position="on-border"
|
||||
:message="$t('settings.security.CORSDomainsHelp')">
|
||||
<b-input v-model="corsDomains" name="cors_origins" type="textarea" rows="5"
|
||||
placeholder="https://example.com" />
|
||||
</b-field>
|
||||
</div>
|
||||
</div><!-- cors -->
|
||||
</div>
|
||||
</template>
|
||||
|
||||
@@ -161,6 +175,17 @@ export default Vue.extend({
|
||||
computed: {
|
||||
...mapState(['serverConfig', 'userRoles', 'listRoles']),
|
||||
|
||||
corsDomains: {
|
||||
get() {
|
||||
// Convert array to newline-separated string.
|
||||
const domains = this.data['security.cors_origins'];
|
||||
return domains && Array.isArray(domains) ? domains.join('\n') : '';
|
||||
},
|
||||
set(value) {
|
||||
this.$set(this.data, 'security.cors_origins', value.split('\n'));
|
||||
},
|
||||
},
|
||||
|
||||
captchaEnabled: {
|
||||
get() {
|
||||
return this.data['security.captcha'].altcha.enabled || this.data['security.captcha'].hcaptcha.enabled;
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Записване на IP адреса на opt-in",
|
||||
"settings.privacy.recordOptinIPHelp": "Записване на IP адреса на двойния opt-in в атрибутите на абоната.",
|
||||
"settings.restart": "Рестартиране",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Автоматично създаване на потребители",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Автоматично създаване на потребител при първо влизане, ако акаунтът не съществува.",
|
||||
"settings.security.OIDCClientID": "ID на клиент",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Registra l'adreça IP de l'opt-in",
|
||||
"settings.privacy.recordOptinIPHelp": "Registra l'adreça IP dels opt-ins dobles en els atributs del subscrit.",
|
||||
"settings.restart": "Reinicia",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Crea usuaris automàticament",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Crea automàticament un usuari en el primer inici de sessió si el compte no existeix.",
|
||||
"settings.security.OIDCClientID": "ID del client",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Zaznamenávat IP adresy pro opt-in",
|
||||
"settings.privacy.recordOptinIPHelp": "Zaznamenávat IP adresy pro dvojí opt-in v atributu odběratele.",
|
||||
"settings.restart": "Restartovat",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Automaticky vytvořit uživatele",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Automaticky vytvořit uživatele při prvním přihlášení, pokud účet neexistuje.",
|
||||
"settings.security.OIDCClientID": "ID klienta",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Cofnodi cyfeiriad IP dewis mewn",
|
||||
"settings.privacy.recordOptinIPHelp": "Cofnodi cyfeiriad IP ar bwyntio dwbl yn manylion tanysgrifiwr.",
|
||||
"settings.restart": "Ailgychwyn",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Creu defnyddwyr yn awtomatig",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Creu defnyddiwr yn awtomatig ar y mewngofnodi cyntaf os nad yw'r cyfrif yn bodoli.",
|
||||
"settings.security.OIDCClientID": "ID Cleient",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Optag opt-in IP-adresse",
|
||||
"settings.privacy.recordOptinIPHelp": "Optag IP-adressen for dobbelt opt-ins i abonnentattributter.",
|
||||
"settings.restart": "Genstart",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Opret automatisk brugere",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Opret automatisk bruger ved første login, hvis kontoen ikke eksisterer.",
|
||||
"settings.security.OIDCClientID": "Klient-ID",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Opt-in-IP-Adresse protokollieren",
|
||||
"settings.privacy.recordOptinIPHelp": "Protokollieren Sie die IP-Adresse der doppelten Einwilligung in den Abonnentenattributen.",
|
||||
"settings.restart": "Neustarten",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Benutzer automatisch erstellen",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Benutzer beim ersten Login automatisch erstellen, wenn das Konto nicht existiert.",
|
||||
"settings.security.OIDCClientID": "Client-ID",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Καταγραφή διεύθυνσης IP με τη συγκατάθεση",
|
||||
"settings.privacy.recordOptinIPHelp": "Καταγράψτε τη διεύθυνση IP της διπλής συγκατάθεσης στα χαρακτηριστικά των συνδρομητών.",
|
||||
"settings.restart": "Επανεκίννηση",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Αυτόματη δημιουργία χρηστών",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Δημιουργεί αυτόματα χρήστη κατά την πρώτη σύνδεση αν ο λογαριασμός δεν υπάρχει.",
|
||||
"settings.security.OIDCClientID": "Ταυτοποίηση πελάτη",
|
||||
|
||||
@@ -657,5 +657,7 @@
|
||||
"users.userRole": "User role | User roles",
|
||||
"users.userRoles": "User roles",
|
||||
"users.username": "Username",
|
||||
"users.usernameHelp": "Used with password login"
|
||||
"users.usernameHelp": "Used with password login",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended)."
|
||||
}
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Registra l'adreça IP de l'opt-in",
|
||||
"settings.privacy.recordOptinIPHelp": "Registra l'adreça IP dels opt-ins dobles en els atributs del subscrit.",
|
||||
"settings.restart": "Reinicia",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Aŭtomate krei uzantojn",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Aŭtomate krei uzanton ĉe la unua ensaluto se la konto ne ekzistas.",
|
||||
"settings.security.OIDCClientID": "Klient-ID",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Grabar dirección IP de inscripción",
|
||||
"settings.privacy.recordOptinIPHelp": "Registrar la dirección IP de doble inscripción en los atributos del suscriptor.",
|
||||
"settings.restart": "Reiniciar",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Creación automática de usuarios",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Crear automáticamente un usuario en el primer inicio de sesión si la cuenta no existe.",
|
||||
"settings.security.OIDCClientID": "ID del cliente",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Kirjaa tilauksen IP-osoite",
|
||||
"settings.privacy.recordOptinIPHelp": "Kirjaa varmennetun tilaajan IP-osoite tilaajan attribuutteihin.",
|
||||
"settings.restart": "Käynnistä uudelleen",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Luo käyttäjät automaattisesti",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Luo käyttäjä automaattisesti ensimmäisellä kirjautumiskerralla, jos tiliä ei ole olemassa.",
|
||||
"settings.security.OIDCClientID": "Asiakas-ID",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Enregistrer l'adresse IP d'inscription",
|
||||
"settings.privacy.recordOptinIPHelp": "Enregistre l'adresse IP des double opt-ins dans les attributs des abonnés.",
|
||||
"settings.restart": "Redémarrer",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Créer les utilisateurs automatiquement",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Créer automatiquement un utilisateur lors de la première connexion si le compte n'existe pas.",
|
||||
"settings.security.OIDCClientID": "ID client",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Enregistrer l'adresse IP d'inscription",
|
||||
"settings.privacy.recordOptinIPHelp": "Enregistre l'adresse IP des double opt-ins dans les attributs des abonnés.",
|
||||
"settings.restart": "Redémarrer",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Création automatique des utilisateurs",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Créer automatiquement un utilisateur lors de la première connexion si le compte n'existe pas.",
|
||||
"settings.security.OIDCClientID": "ID client",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "תצורת דין רישום IP הפעילה",
|
||||
"settings.privacy.recordOptinIPHelp": "תיחום כתובת ה־IP של רישום הפעילה החזקה במאפייני המנוי.",
|
||||
"settings.restart": "הפעלה מחדש",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "יצירת משתמשים אוטומטית",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "יצירת משתמש אוטומטית בעת ההתחברות הראשונה אם החשבון לא קיים.",
|
||||
"settings.security.OIDCClientID": "זהות לקוח (Client ID)",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "IP-cím rögzítésére feliratkozás",
|
||||
"settings.privacy.recordOptinIPHelp": "Az előfizető attribútumainak feljegyzésekor rögzítse a dupla opt-in IP címét.",
|
||||
"settings.restart": "Újraindítás",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Felhasználók automatikus létrehozása",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Felhasználó automatikus létrehozása az első bejelentkezéskor, ha a fiók nem létezik.",
|
||||
"settings.security.OIDCClientID": "Ügyfél-azonosító",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Registra l'indirizzo IP di consenso",
|
||||
"settings.privacy.recordOptinIPHelp": "Registra l'indirizzo IP dei doppi opt-in negli attributi dell'iscritto.",
|
||||
"settings.restart": "Riavviare",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Crea utenti automaticamente",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Crea automaticamente un utente al primo accesso se l’account non esiste.",
|
||||
"settings.security.OIDCClientID": "ID client",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "オプトインIPアドレスを記録する",
|
||||
"settings.privacy.recordOptinIPHelp": "購読者属性にダブルオプトインのIPアドレスを記録します。",
|
||||
"settings.restart": "再起動",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "ユーザーの自動作成",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "アカウントが存在しない場合、初回ログイン時にユーザーを自動作成します。",
|
||||
"settings.security.OIDCClientID": "クライアントID",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "옵트인 IP 기록",
|
||||
"settings.privacy.recordOptinIPHelp": "더블 옵트인 시 구독자 속성에 IP 주소를 기록합니다.",
|
||||
"settings.restart": "재시작",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "사용자 자동 생성",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "계정이 없으면 첫 로그인 시 자동으로 사용자 생성.",
|
||||
"settings.security.OIDCClientID": "클라이언트 ID",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "ഓപ്റ്റ്-ഇന് IP വിലാസം രേഖപ്പെടുത്തൂ",
|
||||
"settings.privacy.recordOptinIPHelp": "ഡബിള് ഓപ്റ്റ് ഇന്സ് സബ്സ്ക്രൈബറുടെ വിവരഗണനയിലേക്ക് IP വിലാസം രേഖപ്പെടുത്തൂ.",
|
||||
"settings.restart": "പുനരാരംഭിയ്ക്കുക",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "ഉപയോക്താക്കൾ സ്വയം സൃഷ്ടിക്കുക",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "അക്കൗണ്ട് നിലവിലില്ലെങ്കിൽ ആദ്യ ലോഗിനിൽ സ്വയം ഉപയോക്താവിനെ സൃഷ്ടിക്കും.",
|
||||
"settings.security.OIDCClientID": "ക്ലയന്റ് ഐഡി",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Opt-in IP-adres registreren",
|
||||
"settings.privacy.recordOptinIPHelp": "IP-adres van dubbele opt-ins registreren bij abonnee-attributen.",
|
||||
"settings.restart": "Herstarten",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Gebruikers automatisch aanmaken",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Maak automatisch een gebruiker aan bij de eerste login als het account nog niet bestaat.",
|
||||
"settings.security.OIDCClientID": "Client ID",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Registrer opt-in IP-adresse",
|
||||
"settings.privacy.recordOptinIPHelp": "Registrer IP-adressen for dobbelt opt-ins i abonnentattributtene.",
|
||||
"settings.restart": "Start på nytt",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Opprett brukere automatisk",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Opprett automatisk bruker ved første pålogging hvis kontoen ikke eksisterer.",
|
||||
"settings.security.OIDCClientID": "Klient-ID",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Zapisz adres IP zgody na otrzymywanie",
|
||||
"settings.privacy.recordOptinIPHelp": "Zapisz adres IP podwójnej zgody na otrzymywanie w atrybutach subskrybenta.",
|
||||
"settings.restart": "Uruchom ponownie",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Automatyczne tworzenie użytkowników",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Automatycznie tworzy użytkownika przy pierwszym logowaniu, jeśli konto nie istnieje.",
|
||||
"settings.security.OIDCClientID": "ID klienta",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Registrar endereço IP de aceitação",
|
||||
"settings.privacy.recordOptinIPHelp": "Registrar o endereço IP de aceitação dupla nas atributos do assinante.",
|
||||
"settings.restart": "Reiniciar",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Criar usuários automaticamente",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Cria automaticamente o usuário no primeiro login se a conta não existir.",
|
||||
"settings.security.OIDCClientID": "ID do cliente",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Registrar endereço de IP de opt-in",
|
||||
"settings.privacy.recordOptinIPHelp": "Registrar o endereço IP de opt-ins duplos nos atributos do assinante.",
|
||||
"settings.restart": "Reiniciar",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Criar usuários automaticamente",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Criar usuário automaticamente no primeiro login se a conta não existir.",
|
||||
"settings.security.OIDCClientID": "ID do Cliente",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Înregistrare adresă IP de opt-in",
|
||||
"settings.privacy.recordOptinIPHelp": "Înregistrați adresa IP a confirmărilor duble în atributele abonaților.",
|
||||
"settings.restart": "Repornește",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Creare automată a utilizatorilor",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Creează automat utilizatorul la prima autentificare dacă contul nu există.",
|
||||
"settings.security.OIDCClientID": "ID client",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Записывать IP-адрес подтверждения подписки",
|
||||
"settings.privacy.recordOptinIPHelp": "Записывать IP-адрес двойных подтверждений в атрибуты подписчика.",
|
||||
"settings.restart": "Перезапустить",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Автоматическое создание пользователей",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Автоматически создаёт пользователя при первом входе, если аккаунт не существует.",
|
||||
"settings.security.OIDCClientID": "ID клиента",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Registrera opt-in-IP-adress",
|
||||
"settings.privacy.recordOptinIPHelp": "Registrera IP-adress för dubbelopt-in i prenumerationars attribut.",
|
||||
"settings.restart": "Starta om",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Skapa användare automatiskt",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Skapa automatiskt användare vid första inloggning om kontot inte finns.",
|
||||
"settings.security.OIDCClientID": "Klient-ID",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Zaznamenávať IP adresu opt-in",
|
||||
"settings.privacy.recordOptinIPHelp": "Zaznamenávať IP adresu pri dvojitej opt-in v atribútoch odberateľov.",
|
||||
"settings.restart": "Restarť",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Automaticky vytvárať používateľov",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Automaticky vytvoriť používateľa pri prvom prihlásení, ak účet neexistuje.",
|
||||
"settings.security.OIDCClientID": "ID klienta",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Zabeleži IP naslov za privolitev",
|
||||
"settings.privacy.recordOptinIPHelp": "Zabeleži naslov IP dvojne privolitve v atribute naročnika.",
|
||||
"settings.restart": "Ponovni zagon",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Samodejno ustvarjanje uporabnikov",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Samodejno ustvari uporabnika ob prvem prijavljanju, če račun ne obstaja.",
|
||||
"settings.security.OIDCClientID": "ID odjemalca",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Opt-in IP adresini kaydet",
|
||||
"settings.privacy.recordOptinIPHelp": "Çift onay aboneliklerinin IP adreslerini abone özelliklerinde kaydedin.",
|
||||
"settings.restart": "Yeniden başlat",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Kullanıcıları otomatik oluştur",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Hesap yoksa ilk girişte kullanıcıyı otomatik oluştur.",
|
||||
"settings.security.OIDCClientID": "İstemci Kimliği",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Записувати IP-адресу згоди",
|
||||
"settings.privacy.recordOptinIPHelp": "Додавати в атрибути підписни_ці IP-адресу подвійної згоди.",
|
||||
"settings.restart": "Перезапустити",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Автоматичне створення користувачів",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Автоматично створювати користувача при першому вході, якщо обліковий запис не існує.",
|
||||
"settings.security.OIDCClientID": "Ідентифікатор клієнта",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "Ghi lại IP đăng ký",
|
||||
"settings.privacy.recordOptinIPHelp": "Ghi lại địa chỉ IP của đăng ký kép vào thuộc tính của người đăng ký.",
|
||||
"settings.restart": "Khởi động lại",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "Tự động tạo người dùng",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "Tự động tạo người dùng khi đăng nhập lần đầu nếu tài khoản chưa tồn tại.",
|
||||
"settings.security.OIDCClientID": "Mã client ID",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "记录开通IP地址",
|
||||
"settings.privacy.recordOptinIPHelp": "在订阅者属性中记录双选订阅的IP地址。",
|
||||
"settings.restart": "重新开始",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "自动创建用户",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "如果账户不存在,首次登录时自动创建用户。",
|
||||
"settings.security.OIDCClientID": "客户端ID",
|
||||
|
||||
@@ -523,6 +523,8 @@
|
||||
"settings.privacy.recordOptinIP": "記錄訂閱同意的 IP 位址",
|
||||
"settings.privacy.recordOptinIPHelp": "在訂閱者屬性中記錄 double opt-ins 的 IP 位址。",
|
||||
"settings.restart": "重新開始",
|
||||
"settings.security.CORSDomains": "Allowed origins",
|
||||
"settings.security.CORSDomainsHelp": "Permit accessing API endpoints via browser Javascript from external domains. Enter one domain per line (e.g: https://example.com). Leave empty to disable CORS or add * to allow all (not recommended).",
|
||||
"settings.security.OIDCAutoCreateUsers": "自動建立使用者",
|
||||
"settings.security.OIDCAutoCreateUsersHelp": "若帳號不存在,首次登入時自動建立使用者。",
|
||||
"settings.security.OIDCClientID": "用戶端ID",
|
||||
|
||||
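--- /dev/null
+++ b/internal/migrations/v5.2.0.go
@@ -0,0 +1,20 @@
+package migrations
+
+import (
+"log"
+
+"github.com/jmoiron/sqlx"
+"github.com/knadh/koanf/v2"
+"github.com/knadh/stuffbin"
+)
+
+func V5_2_0(db *sqlx.DB, fs stuffbin.FileSystem, ko *koanf.Koanf, lo *log.Logger) error {
+_, err := db.Exec(`
+INSERT INTO settings (key, value, updated_at) VALUES ('security.cors_origins', '[]', NOW()) ON CONFLICT (key) DO NOTHING
+`)
+if err != nil {
+return err
+}
+
+return nil
+}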
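Review bot: The exported `V5_2_0` has no doc comment; `// V5_2_0 performs the DB migrations for v5.2.0: it seeds the security.cors_origins setting with an empty list.` would tell a reader what this step adds without opening the SQL. The trailing `if err != nil { return err }` followed by `return nil` can be reduced to `return err`.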
@@ -62,6 +62,8 @@ type Settings struct {
|
||||
DefaultListRoleID null.Int `json:"default_list_role_id"`
|
||||
} `json:"security.oidc"`
|
||||
|
||||
SecurityCORSOrigins []string `json:"security.cors_origins"`
|
||||
|
||||
UploadProvider string `json:"upload.provider"`
|
||||
UploadExtensions []string `json:"upload.extensions"`
|
||||
UploadFilesystemUploadPath string `json:"upload.filesystem.upload_path"`
|
||||
|
||||
@@ -255,6 +255,7 @@ INSERT INTO settings (key, value) VALUES
|
||||
('privacy.record_optin_ip', 'false'),
|
||||
('security.captcha', '{"altcha": {"enabled": false, "complexity": 300000}, "hcaptcha": {"enabled": false, "key": "", "secret": ""}}'),
|
||||
('security.oidc', '{"enabled": false, "provider_url": "", "provider_name": "", "client_id": "", "client_secret": "", "auto_create_users": false, "default_user_role_id": null, "default_list_role_id": null}'),
|
||||
('security.cors_origins', '[]'),
|
||||
('upload.provider', '"filesystem"'),
|
||||
('upload.max_file_size', '5000'),
|
||||
('upload.extensions', '["jpg","jpeg","png","gif","svg","*"]'),
|
||||
|
||||