547619a1a7

feat: Add JWT authentication and API key security
- Add users table for dashboard authentication (email, password_hash, role)
- Add api_keys table for agent authentication (key_hash, prefix, name)
- Implement JWT auth with 24h expiration
- Implement API key auth with SHA256 hashing
- Add auth endpoints: POST /api/v1/auth/login, POST /api/v1/auth/register
- Add API key endpoints: GET/POST/DELETE /api/v1/api-keys
- Protect all /api/v1/* routes (except /health and /auth/*)
- Create default admin user (admin@ophion.local)
- First registered user automatically becomes admin
- Use bcrypt for password hashing (cost 12)
- Use SHA256 for API key hashing
- Add security headers middleware

2026-02-06 14:37:04 -03:00

a94809c812

🔐 Security hardening: auth, rate limiting, brute force protection
- Add comprehensive security package with:
  - API Key generation and validation (SHA256 hash)
  - Password policy enforcement (min 12 chars, complexity)
  - Rate limiting with presets (auth, api, ingest, export)
  - Brute force protection (5 attempts, 15min lockout)
  - Security headers middleware
  - IP whitelisting
  - Audit logging structure
  - Secure token generation
- Enhanced auth middleware:
  - JWT + API Key dual authentication
  - Token revocation via Redis
  - Scope-based authorization
  - Role-based access control
- Updated installer with:
  - Interactive setup for client customization
  - Auto-generated secure credentials
  - Docker all-in-one image
  - Agent installer script
- Added documentation:
  - SECURITY.md - Complete security guide
  - INSTALL.md - Installation guide
  - .env.example - Configuration reference

2026-02-05 23:02:06 -03:00