- Add whitelist of valid actions to prevent arbitrary action values
- Fix error handling to properly detect database failures
Previously, any action value was accepted without validation, which could lead to unexpected behavior. The health check also incorrectly set dbOK to true when queries succeeded, now correctly sets it to false when errors occur.
The .sum exclusion was preventing version control of Go dependency checksums. Remove the pattern from .gitignore to allow go.sum to be committed while keeping generated binaries (.exe, .env, .db*) excluded.
The workflow previously ran `go get auth-proxy/src` to download the sqlite driver
separately before downloading dependencies. This step has been removed and replaced
with `go mod tidy`, which is the idiomatic Go approach for managing dependencies.
It ensures go.mod is properly formatted and removes unused dependencies, eliminating
the need for manual driver installation steps.
Add explicit go get for the auth-proxy/src package to ensure the
SQLite driver is available before running go mod download, fixing
dependency resolution during CI builds.
Change apiClientIP from string to sql.NullString to properly handle
NULL values from the database, preventing potential runtime errors
when the column contains NULL entries.
Update docs/security.md to reflect that the
/api/whitelist endpoints now accept both
IPv4 and IPv6 addresses, removing the
previous statement that IPv6 was unsupported.
Add .env and .env.local loading with InitEnv() helper that reads
environment variables from config files without overwriting existing
values.
Refactor SQL queries to use parameterized arguments instead of
string formatting for LIMIT/OFFSET clauses, improving query security
and preventing SQL injection vulnerabilities.
Clean up unnecessary rows.Close() calls and simplify error handling
in database query functions.
Fix new API endpoint `/api/whitelist/temp/list` to retrieve currently
active temporary whitelisted IPs. Also clean up trailing whitespace in
the permanent whitelist endpoint section.
- Correct "proxyway" typo in README
- Rewrite design.md to explain SQLite decision over in-memory map,
highlighting persistence, ACID transactions, and concurrent read
support via WAL mode
- Increase audit log rotation limit from 100k to 200k entries
- Remove Config parameter from authHandler and CheckAuth
- Add doc comments and extract helper functions for IP extraction
- Refactor database operations (addPerm, addTemp, delPerm)
- Add CIDR matching support in IsPermanentWhitelisted
- Add request struct for temporary whitelist handler
- Update route registrations to match new function signatures
Rename the 'entry' column to 'ip' throughout the database schema and
function signatures for clarity. This affects both the CREATE TABLE
statement and all INSERT queries in the audit_log table.
The parameter naming in AddPermanentEntry, DeletePermanentEntry, and
AddTempEntry functions has also been updated to reflect the more
specific 'ip' terminology. Corresponding log messages have been
adjusted to use 'temp ip' instead of 'temp entry' for consistency.
Rename the `entry` field to `ip` throughout the whitelist API for
clarity and consistency. This affects API request/response bodies,
path parameters, OpenAPI spec, documentation, and database queries
in the audit log endpoint.
- Add go vet and go test steps to CI workflow
- Update Dockerfile and CI build commands to target ./src
- Comment out build jobs for Linux and Windows
- Fix build paths across the workflow configuration
Update project structure to use a src/ directory layout and
improve documentation across multiple files.
- Update README.md build command to use ./src
- Add directory structure documentation
- Update status endpoint to include DB health status
- Add pagination support (limit/offset) to whitelist list endpoints
- Document new query parameters with examples
- Update deployment guide to mark API token as required
- Add testing instructions
- Clarify audit log rotation in design documentation
- Add IP validation in auth handler with detailed logging
- Implement apiKeyMiddleware helper for API key verification
- Add IP and CIDR validation for whitelist operations
- Support pagination for listing temp and permanent entries
- Add parsePagination helper to extract limit and offset
- Include comprehensive unit tests for IsIP, IsCIDR, and IPMatch
Remove the cidr column from the audit_log table schema and
update all INSERT statements to use the ip column instead,
aligning the field name with the actual data being stored.
Remove extraneous closing brace from nginx auth-proxy location block
that was causing syntax errors. Update documentation to reflect proper
UPPER_CASE naming convention for environment variables (AUTH_PROXY_*)
and correct the default database path from relative to absolute path.
Update reason field handling in auth.go and db.go to properly support
NULL values using sql.NullString. When inserting expired temp entries
and serializing logs to JSON, extract the string value to avoid
JSON marshaling issues with nullable fields.
Improve readability of SQL queries in db.go by formatting them
with consistent multi-line style. This change affects all database
operations including AddPermanentEntry, DeletePermanentEntry,
AddTempEntry, DeleteTempEntry, and CleanupExpiredTemp.
Also simplifies DeletePermanentEntry and DeleteTempEntry by removing
the RowsAffected() checks - audit logging is now executed unconditionally
regardless of whether rows were actually affected.
The proxy was forwarding the original Content-Length header to the
proxied service, which caused issues with request body processing.
Now setting it to an empty string to prevent nginx from passing the
original content-length value.
Move proxy_pass directive to correct position in nginx location block and
update proxy settings: enable request body forwarding (proxy_pass_request_body
on) and pass original Content-Length header (from $content_length variable)
instead of stripping it, ensuring auth-proxy receives full request payloads.
- Replace $%d placeholders with ? in logsHandler for database abstraction
- Remove unused argIndex variable in auth.go
- Log duplicate permanent whitelist insertions to audit_log in db.go
Use local caching for Docker builds in CI pipeline to simplify
configuration and improve build performance by storing cache
in /tmp/.buildx-cache instead of pushing to registry.
Enable registry-based caching for Docker builds by adding
--cache-from and --cache-to flags. This reuses cached layers
from previous builds to speed up build times and reduce network
usage.
- Change whitelist response format to use single `entry` field instead of `ip` + `reason`
- Update auth endpoint to return 204 No Content instead of 200 with body
- Add 405 Method Not Allowed response for auth endpoint
- Fix operationId for permanent whitelist endpoint (was `listTempWhitelist`)
- Add query parameters for logs endpoint: action, ip, limit, offset
- Update documentation in docs/api.md and openapi.yaml
Previously, errors from INSERT INTO audit_log were silently discarded using _, _, which
meant audit log failures could go unnoticed during add/delete/cleanup operations.
The changes now properly capture and return errors for permanent entry operations and
temporary entry operations, except for cleanupExpiredTemp which logs warnings instead
of failing the entire cleanup process when individual audit log entries fail.
The logsHandler now accepts query parameters to filter logs by action
and IP address, with support for pagination via limit and offset
parameters. Query parameters are safely bound to prepared statements
to prevent SQL injection, and pagination values are validated to
ensure they fall within acceptable ranges.
The `created_at` field is no longer needed in the result set,
so it was removed from the SELECT query to reduce data transfer
and simplify the response.
- Initialize list slices with make() to avoid nil slices in ListTempEntries and ListPermEntries
- Use strings.Contains() for uniqueness constraint checking to handle variations in error messages