- Add IP validation in auth handler with detailed logging
- Implement apiKeyMiddleware helper for API key verification
- Add IP and CIDR validation for whitelist operations
- Support pagination for listing temp and permanent entries
- Add parsePagination helper to extract limit and offset
- Include comprehensive unit tests for IsIP, IsCIDR, and IPMatch
Remove the cidr column from the audit_log table schema and
update all INSERT statements to use the ip column instead,
aligning the field name with the actual data being stored.
Update reason field handling in auth.go and db.go to properly support
NULL values using sql.NullString. When inserting expired temp entries
and serializing logs to JSON, extract the string value to avoid
JSON marshaling issues with nullable fields.
Improve readability of SQL queries in db.go by formatting them
with consistent multi-line style. This change affects all database
operations including AddPermanentEntry, DeletePermanentEntry,
AddTempEntry, DeleteTempEntry, and CleanupExpiredTemp.
Also simplifies DeletePermanentEntry and DeleteTempEntry by removing
the RowsAffected() checks - audit logging is now executed unconditionally
regardless of whether rows were actually affected.
- Replace $%d placeholders with ? in logsHandler for database abstraction
- Remove unused argIndex variable in auth.go
- Log duplicate permanent whitelist insertions to audit_log in db.go
Previously, errors from INSERT INTO audit_log were silently discarded using _, _, which
meant audit log failures could go unnoticed during add/delete/cleanup operations.
The changes now properly capture and return errors for permanent entry operations and
temporary entry operations, except for cleanupExpiredTemp which logs warnings instead
of failing the entire cleanup process when individual audit log entries fail.
The `created_at` field is no longer needed in the result set,
so it was removed from the SELECT query to reduce data transfer
and simplify the response.
- Initialize list slices with make() to avoid nil slices in ListTempEntries and ListPermEntries
- Use strings.Contains() for uniqueness constraint checking to handle variations in error messages
Update ListPermEntries to return entry field instead of ip and
sort results by created_at. Update the handler in auth.go to call
ListPermEntries instead of ListTempEntries for the whitelist endpoint.
- Add GET /api/whitelist/perm/list to list permanent whitelisted entries
- Implement permWhitelistListHandler with API key verification
- Rename permanent_whitelist table to perm_whitelist for consistency
- Update default DB path from ./data to /data
- Comment out build job in CI/CD workflow
- Migrate IP-based temporary whitelisting from file to SQLite storage
- Add REST API endpoints for managing temporary and permanent whitelists
- Create `.env.example` with required environment variables
- Document API endpoints in README.md and docs/api.md
- Add new dependency `modernc.org/sqlite` for SQLite support
- Update deployment and security documentation