colin
/
ATLAS
forked from Nixius/authelia
1
0
Fork 0
Code Pull Requests Activity
169 Commits 1 Branch 4 Tags 618 KiB
Commit Graph

16 Commits

Author SHA1 Message Date
Leopere f70250adc4
Pricing: add Month100 to useForm, TierPremium fallback, logging 
Made-with: Cursor
 2026-03-04 18:01:54 -05:00
Leopere 926ddc0356
Add password reset resend button with 1-min rate limit 
- Rate limiter per username (resend_ratelimit.go)
- handleResendReset accepts username or email, returns JSON
- Success page: Resend button with 60s cooldown from first send
- Activate page (NeedLogin): email input + Resend with cooldown

Made-with: Cursor
 2026-03-04 17:18:51 -05:00
Leopere 4ac4de9df2
Path-based routing, tiered pricing, customer details, Stripe MCP 
- Path-based routing: bc.a250.ca/login, /dashboard, /activate, etc.
- Tiered pricing: first 10 free (3mo), next 40 $20/yr->$100/mo, 51+ $200/mo
- Success page: instructs to check inbox for password + 2FA setup
- Messaging: LANDING_TAGLINE, LANDING_FEATURES env vars
- Domain validation: required, must resolve via DNS
- Customer details: phone required, sanitized email/phone, stored in LLDAP
- Stripe MCP: .cursor/mcp.json, stripe-setup.sh for products/prices
- Invoice webhook: migrate $20/yr subs to $100/mo on renewal

Made-with: Cursor
 2026-03-04 17:05:42 -05:00
Leopere 7e40fea6f3
Archive customer volumes on expiry, restore on resubscribe 
When a subscription is deleted, all Docker volumes for the customer
stack are tarred to /data/archives/{stackName}/ before the stack is
removed and volumes pruned. On resubscribe or reactivation, volumes
are restored from the archive before deploying the stack.

Made-with: Cursor
 2026-03-03 18:43:14 -05:00
Leopere bd84b0a578
Include remaining template and route changes 
Made-with: Cursor
 2026-03-03 18:11:38 -05:00
Leopere bbc828fa35
Fall back to LDAP group check when Authelia session is stale 
The Remote-Groups header reflects groups at login time. If a user was
added to 'customers' after logging in (via /activate), the dashboard
would show "No Active Subscription". Now checks LDAP directly as
fallback.

Made-with: Cursor
 2026-03-03 18:11:31 -05:00
Leopere 1f8f50d50b
Redirect paid-but-not-activated users from landing to /activate 
If a logged-in user has a Stripe customer ID but isn't in the customers
group yet, they've paid but haven't activated. Send them to /activate
instead of showing "No Active Subscription".

Made-with: Cursor
 2026-03-03 18:07:57 -05:00
Leopere 91c0411b90
Add /resend-reset endpoint so set-password button sends email directly 
The welcome page button was linking to Authelia's reset page which
requires an active login session. Now it POSTs to /resend-reset which
calls the Authelia API server-side and sends the email immediately.
Button text updated from "Reset Password" to "Set Password".

Made-with: Cursor
 2026-03-03 17:30:38 -05:00
Leopere aa1201560d
Show welcome page for any user not yet in customers group 
Previously, users already in LDAP but not yet activated (e.g. webhook
created the user, or lapsed sub) were redirected to the auth-gated
dashboard. Now only active customers (in 'customers' group) skip the
welcome page — everyone else sees onboarding with password reset.

Made-with: Cursor
 2026-03-03 17:20:21 -05:00
Leopere c7d19ed20d
Fix success page skipped due to webhook race condition 
The webhook was provisioning the user before the success page loaded,
causing IsNew=false and skipping the welcome/onboarding page entirely.

Now:
- Webhook only ensures user+stripe ID as a backstop (no password email)
- Success page is the sole owner of password reset + welcome flow
- Uses group membership (not IsNew) to distinguish new vs returning:
  if already in 'customers' group -> dashboard, otherwise -> welcome

Made-with: Cursor
 2026-03-03 17:16:48 -05:00
Leopere 677bef195f
Trigger Authelia password reset email on new user checkout 
The triggerPasswordReset function existed but was never called.
New users now receive a set-password email immediately after their
Stripe checkout completes.

Made-with: Cursor
 2026-03-03 17:13:37 -05:00
Leopere 6356cbb1da
Fix Destroy being immediately undone by dashboard auto-redeploy 
Dashboard was auto-deploying any missing stack on every page load.
This stomped on the Destroy action. Stack creation only happens at
activation and via explicit Start — not on dashboard render.

Made-with: Cursor
 2026-03-03 16:52:31 -05:00
Leopere 74a24ffe2a
Fix subscription status not showing Expiring for cancel_at_period_end subs 
- Also check sub.CancelAt > 0 (handles explicit cancel_at date, not just period-end)
- Fall back to item CurrentPeriodEnd for the display date since current_period_end
  moved off the top-level Subscription object in stripe-go v84

Made-with: Cursor
 2026-03-03 16:00:24 -05:00
Leopere b66dfa053e
Force auth on all customer stacks, migrate to swarm stack.yml 
- Remove public/private toggle — all customer stacks now always deploy
  behind authelia-auth middleware, no exceptions
- Remove ALLOW_CUSTOMER_STACK_AUTH_TOGGLE and CUSTOMER_STACK_REQUIRE_AUTH_DEFAULT
  config, env vars, routes, and UI
- Replace docker-compose.dev.yml + docker-compose.swarm-dev.yml with
  unified stack.yml for swarm deployment
- Various handler, ldap, stripe, swarm, and template additions from
  prior work sessions

Made-with: Cursor
 2026-03-03 15:51:25 -05:00
Leopere 6fcdd1262d
Bake git commit into Go binary for version traceability 
- Add internal/version package with ldflags-injected Commit/BuildTime
- Dockerfile accepts BUILD_COMMIT/BUILD_TIME args, passes via -ldflags
- Log version on startup, expose GET /version endpoint
- Show commit hash badge in bottom-right of landing + dashboard pages
- Deploy scripts gate on clean git tree and pass commit to build
- Remove staging files, misc config updates

Made-with: Cursor
 2026-03-03 12:51:12 -05:00
Leopere ac24f6d1dc
Add ss-atlas service, config updates, ignore IDE cruft 
Made-with: Cursor
 2026-03-03 11:21:03 -05:00