github/pocket-id
1
0
Fork 0
mirror of https://github.com/pocket-id/pocket-id.git synced 2026-02-24 05:53:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: github:v1.8.0
Branches Tags
github:main github:i18n_crowdin github:chore/depot github:fix/callback-wildcard-matching github:feat/email-verification github:oidc-scopes github:default-env-db-keys github:slog-gorm
github:v2.3.0 github:v2.2.0 github:v2.1.0 github:v2.0.2 github:v2.0.1 github:v2.0.0 github:v1.16.0 github:v1.15.0 github:v1.14.2 github:v1.14.1 github:v1.14.0 github:v1.13.1 github:v1.13.0 github:v1.12.0 github:v1.11.2 github:v1.11.1 github:v1.11.0 github:v1.10.0 github:v1.9.1 github:v1.9.0 github:v1.8.1 github:v1.8.0 github:v1.7.0 github:v1.6.4 github:v1.6.3 github:v1.6.2 github:v1.6.1 github:v1.6.0 github:v1.5.0 github:v1.4.1 github:v1.4.0 github:v1.3.1 github:v1.3.0 github:v1.2.0 github:v1.1.0 github:v1.0.0 github:v0.53.0 github:v0.52.0 github:v0.51.1 github:v0.51.0 github:v0.50.0 github:v0.49.0 github:v0.48.0 github:v0.47.0 github:v0.46.0 github:v0.45.0 github:v0.44.0 github:v0.43.1 github:v0.43.0 github:v0.42.1 github:v0.42.0 github:v0.41.0 github:v0.40.1 github:v0.40.0 github:v0.39.0 github:v0.38.0 github:v0.37.0 github:v0.36.0 github:v0.35.6 github:v0.35.5 github:v0.35.4 github:v0.35.3 github:v0.35.2 github:v0.35.1 github:v0.35.0 github:v0.34.0 github:v0.33.0 github:v0.32.0 github:v0.31.0 github:v0.30.0 github:v0.29.0 github:v0.28.1 github:v0.28.0 github:v0.27.2 github:v0.27.1 github:v0.27.0 github:v0.26.0 github:v0.25.1 github:v0.25.0 github:v0.24.1 github:v0.24.0 github:v0.23.0 github:v0.22.0 github:v0.21.0 github:v0.20.1 github:v0.20.0 github:v0.19.0 github:v0.18.0 github:v0.17.0 github:v0.16.0 github:v0.15.0 github:v0.14.0 github:v0.13.1 github:v0.13.0 github:v0.12.0 github:v0.11.0 github:v0.10.0 github:v0.9.0 github:v0.8.1 github:v0.8.0 github:v0.7.1 github:v0.7.0 github:v0.6.0 github:v0.5.3 github:v0.5.2 github:v0.5.1 github:v0.5.0 github:v0.4.1 github:v0.4.0 github:v0.3.1 github:v0.3.0 github:v0.2.1 github:v0.2.0 github:v0.1.3 github:v0.1.2 github:v0.1.1 github:v0.1.0
...
compare: github:v1.9.1
Branches Tags
github:i18n_crowdin github:main github:chore/depot github:fix/callback-wildcard-matching github:feat/email-verification github:oidc-scopes github:default-env-db-keys github:slog-gorm
github:v2.3.0 github:v2.2.0 github:v2.1.0 github:v2.0.2 github:v2.0.1 github:v2.0.0 github:v1.16.0 github:v1.15.0 github:v1.14.2 github:v1.14.1 github:v1.14.0 github:v1.13.1 github:v1.13.0 github:v1.12.0 github:v1.11.2 github:v1.11.1 github:v1.11.0 github:v1.10.0 github:v1.9.1 github:v1.9.0 github:v1.8.1 github:v1.8.0 github:v1.7.0 github:v1.6.4 github:v1.6.3 github:v1.6.2 github:v1.6.1 github:v1.6.0 github:v1.5.0 github:v1.4.1 github:v1.4.0 github:v1.3.1 github:v1.3.0 github:v1.2.0 github:v1.1.0 github:v1.0.0 github:v0.53.0 github:v0.52.0 github:v0.51.1 github:v0.51.0 github:v0.50.0 github:v0.49.0 github:v0.48.0 github:v0.47.0 github:v0.46.0 github:v0.45.0 github:v0.44.0 github:v0.43.1 github:v0.43.0 github:v0.42.1 github:v0.42.0 github:v0.41.0 github:v0.40.1 github:v0.40.0 github:v0.39.0 github:v0.38.0 github:v0.37.0 github:v0.36.0 github:v0.35.6 github:v0.35.5 github:v0.35.4 github:v0.35.3 github:v0.35.2 github:v0.35.1 github:v0.35.0 github:v0.34.0 github:v0.33.0 github:v0.32.0 github:v0.31.0 github:v0.30.0 github:v0.29.0 github:v0.28.1 github:v0.28.0 github:v0.27.2 github:v0.27.1 github:v0.27.0 github:v0.26.0 github:v0.25.1 github:v0.25.0 github:v0.24.1 github:v0.24.0 github:v0.23.0 github:v0.22.0 github:v0.21.0 github:v0.20.1 github:v0.20.0 github:v0.19.0 github:v0.18.0 github:v0.17.0 github:v0.16.0 github:v0.15.0 github:v0.14.0 github:v0.13.1 github:v0.13.0 github:v0.12.0 github:v0.11.0 github:v0.10.0 github:v0.9.0 github:v0.8.1 github:v0.8.0 github:v0.7.1 github:v0.7.0 github:v0.6.0 github:v0.5.3 github:v0.5.2 github:v0.5.1 github:v0.5.0 github:v0.4.1 github:v0.4.0 github:v0.3.1 github:v0.3.0 github:v0.2.1 github:v0.2.0 github:v0.1.3 github:v0.1.2 github:v0.1.1 github:v0.1.0

20 Commits
v1.8.0 ... v1.9.1

Author SHA1 Message Date
Elias Schneider
74eb2ac0b9 release: 1.9.1 2025-08-24 23:17:31 +02:00
Elias Schneider
51222f5607 tests: add no tx wrap to unit tests 2025-08-24 23:16:49 +02:00
Elias Schneider
d6d1a4ced2 fix: sqlite migration drops allowed user groups 2025-08-24 23:07:50 +02:00
Elias Schneider
4b086cebcd release: 1.9.0 2025-08-24 20:54:03 +02:00
Alessandro (Ale) Segala
1f3550c9bd fix: ensure SQLite has a writable temporary directory (#876) 
Co-authored-by: Elias Schneider <login@eliasschneider.com>
 2025-08-24 20:50:51 +02:00
dependabot[bot]
912008b048 chore(deps): bump golang.org/x/oauth2 from 0.26.0 to 0.27.0 in /backend in the go_modules group across 1 directory (#879) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Elias Schneider <login@eliasschneider.com>
 2025-08-24 20:50:30 +02:00
Elias Schneider
5ad8b03831 chore(translations): update translations via Crowdin (#878) 2025-08-24 20:42:58 +02:00
Elias Schneider
c1e515a05f ci/cd: use matrix for e2e tests 2025-08-24 20:35:30 +02:00
Elias Schneider
654593b4b6 chore(migrations): use TEXT instead of VARCHAR for client ID 2025-08-24 20:22:06 +02:00
Elias Schneider
8999173aa0 ci/cd: fix playwright browsers not installed 2025-08-24 20:16:57 +02:00
Elias Schneider
10b087640f tests: fix postgres e2e tests (#877) 2025-08-24 19:15:26 +02:00
Elias Schneider
d0392d25ed fix: sort order incorrect for apps when using postgres 2025-08-24 19:08:33 +02:00
Elias Schneider
2ffc6ba42a fix: don't force uuid for client id in postgres 2025-08-24 18:29:41 +02:00
Elias Schneider
c114a2edaa feat: support automatic db migration rollbacks (#874) 2025-08-24 16:56:28 +02:00
Elias Schneider
63db4d5120 chore(migrations): add postgres down migration to 20250822000000 2025-08-24 15:30:18 +02:00
Elias Schneider
d8c73ed472 release: 1.8.1 2025-08-24 15:12:14 +02:00
Elias Schneider
5971bfbfa6 fix: migration clears allowed users groups 2025-08-24 15:05:45 +02:00
Alessandro (Ale) Segala
29eacd6424 chore: update issue template (#870) 2025-08-24 14:35:39 +02:00
Elias Schneider
21ca87be38 chore(translations): update translations via Crowdin (#860) 2025-08-24 14:34:44 +02:00
Alessandro (Ale) Segala
1283314f77 fix: wrong column type for reauthentication tokens in Postgres (#869) 2025-08-24 14:34:29 +02:00
107 changed files with 925 additions and 272 deletions
Expand all files Collapse all files

22
.github/ISSUE_TEMPLATE/bug.yml vendored
View File

@@ -36,13 +36,29 @@ body:
value: |
### Additional Information
- type: textarea
id: extra-information
id: version
validations:
required: true
attributes:
label: "Version and Environment"
description: "Please specify the version of Pocket ID, along with any environment-specific configurations, such your reverse proxy, that might be relevant."
label: "Pocket ID Version"
description: "Please specify the version of Pocket ID."
placeholder: "e.g., v0.24.1"
- type: textarea
id: database
validations:
required: true
attributes:
label: "Database"
description: "Please specify the database in use: SQLite or Postgres (including version)."
placeholder: "e.g., SQLite or Postgres 17"
- type: textarea
id: environment
validations:
required: true
attributes:
label: "OS and Environment"
description: "Please include the OS, whether you're using containers (Docker, Podman, etc) along with any environment-specific configurations, such your reverse proxy, that might be relevant."
placeholder: "e.g., Docker on Ubuntu 24.04, served using Traefik"
- type: textarea
id: log-files
validations:

141
.github/workflows/e2e-tests.yml vendored
View File

@@ -3,15 +3,15 @@ on:
push:
branches: [main]
paths-ignore:
- 'docs/**'
- '**.md'
- '.github/**'
- "docs/**"
- "**.md"
- ".github/**"
pull_request:
branches: [main]
paths-ignore:
- 'docs/**'
- '**.md'
- '.github/**'
- "docs/**"
- "**.md"
- ".github/**"
jobs:
build:
@@ -45,23 +45,29 @@ jobs:
path: /tmp/docker-image.tar
retention-days: 1
test-sqlite:
test:
if: github.event.pull_request.head.ref != 'i18n_crowdin'
permissions:
contents: read
actions: write
runs-on: ubuntu-latest
needs: build
strategy:
fail-fast: false
matrix:
db: [sqlite, postgres]
steps:
- uses: actions/checkout@v4
- name: Setup pnpm
uses: pnpm/action-setup@v4
with:
version: 10
- uses: actions/setup-node@v4
with:
node-version: 22
cache: 'pnpm'
cache: "pnpm"
cache-dependency-path: pnpm-lock.yaml
- name: Cache Playwright Browsers
@@ -70,100 +76,8 @@ jobs:
with:
path: ~/.cache/ms-playwright
key: ${{ runner.os }}-playwright-${{ hashFiles('pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-playwright-
- name: Download Docker image artifact
uses: actions/download-artifact@v4
with:
name: docker-image
path: /tmp
- name: Load Docker image
run: docker load -i /tmp/docker-image.tar
- name: Cache LLDAP Docker image
uses: actions/cache@v3
id: lldap-cache
with:
path: /tmp/lldap-image.tar
key: lldap-stable-${{ runner.os }}
- name: Pull and save LLDAP image
if: steps.lldap-cache.outputs.cache-hit != 'true'
run: |
docker pull nitnelave/lldap:stable
docker save nitnelave/lldap:stable > /tmp/lldap-image.tar
- name: Load LLDAP image from cache
if: steps.lldap-cache.outputs.cache-hit == 'true'
run: docker load < /tmp/lldap-image.tar
- name: Install test dependencies
run: pnpm --filter pocket-id-tests install --frozen-lockfile
- name: Install Playwright Browsers
working-directory: ./tests
if: steps.playwright-cache.outputs.cache-hit != 'true'
run: pnpm dlx playwright install --with-deps chromium
- name: Run Docker Container with Sqlite DB and LDAP
working-directory: ./tests/setup
run: |
docker compose up -d
docker compose logs -f pocket-id &> /tmp/backend.log &
- name: Run Playwright tests
working-directory: tests
run: pnpm exec playwright test
- name: Upload Test Report
uses: actions/upload-artifact@v4
if: always() && github.event.pull_request.head.ref != 'i18n_crowdin'
with:
name: playwright-report-sqlite
path: tests/.report
include-hidden-files: true
retention-days: 15
- name: Upload Backend Test Report
uses: actions/upload-artifact@v4
if: always() && github.event.pull_request.head.ref != 'i18n_crowdin'
with:
name: backend-sqlite
path: /tmp/backend.log
include-hidden-files: true
retention-days: 15
test-postgres:
if: github.event.pull_request.head.ref != 'i18n_crowdin'
permissions:
contents: read
actions: write
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v4
- name: Setup pnpm
uses: pnpm/action-setup@v4
with:
version: 10
- uses: actions/setup-node@v4
with:
node-version: 22
cache: 'pnpm'
cache-dependency-path: pnpm-lock.yaml
- name: Cache Playwright Browsers
uses: actions/cache@v3
id: playwright-cache
with:
path: ~/.cache/ms-playwright
key: ${{ runner.os }}-playwright-${{ hashFiles('pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-playwright-
- name: Cache PostgreSQL Docker image
if: matrix.db == 'postgres'
uses: actions/cache@v3
id: postgres-cache
with:
@@ -171,15 +85,14 @@ jobs:
key: postgres-17-${{ runner.os }}
- name: Pull and save PostgreSQL image
if: steps.postgres-cache.outputs.cache-hit != 'true'
if: matrix.db == 'postgres' && steps.postgres-cache.outputs.cache-hit != 'true'
run: |
docker pull postgres:17
docker save postgres:17 > /tmp/postgres-image.tar
- name: Load PostgreSQL image from cache
if: steps.postgres-cache.outputs.cache-hit == 'true'
if: matrix.db == 'postgres' && steps.postgres-cache.outputs.cache-hit == 'true'
run: docker load < /tmp/postgres-image.tar
- name: Cache LLDAP Docker image
uses: actions/cache@v3
id: lldap-cache
@@ -196,7 +109,6 @@ jobs:
- name: Load LLDAP image from cache
if: steps.lldap-cache.outputs.cache-hit == 'true'
run: docker load < /tmp/lldap-image.tar
- name: Download Docker image artifact
uses: actions/download-artifact@v4
with:
@@ -207,14 +119,21 @@ jobs:
run: docker load -i /tmp/docker-image.tar
- name: Install test dependencies
run: pnpm --filter pocket-id-tests install
run: pnpm --filter pocket-id-tests install --frozen-lockfile
- name: Install Playwright Browsers
working-directory: ./tests
if: steps.playwright-cache.outputs.cache-hit != 'true'
run: pnpm dlx playwright install --with-deps chromium
run: pnpm exec playwright install --with-deps chromium
- name: Run Docker Container (sqlite) with LDAP
if: matrix.db == 'sqlite'
working-directory: ./tests/setup
run: |
docker compose up -d
docker compose logs -f pocket-id &> /tmp/backend.log &
- name: Run Docker Container with Postgres DB and LDAP
- name: Run Docker Container (postgres) with LDAP
if: matrix.db == 'postgres'
working-directory: ./tests/setup
run: |
docker compose -f docker-compose-postgres.yml up -d
@@ -228,8 +147,8 @@ jobs:
uses: actions/upload-artifact@v4
if: always() && github.event.pull_request.head.ref != 'i18n_crowdin'
with:
name: playwright-report-postgres
path: frontend/tests/.report
name: playwright-report-${{ matrix.db }}
path: tests/.report
include-hidden-files: true
retention-days: 15
@@ -237,7 +156,7 @@ jobs:
uses: actions/upload-artifact@v4
if: always() && github.event.pull_request.head.ref != 'i18n_crowdin'
with:
name: backend-postgres
name: backend-${{ matrix.db }}
path: /tmp/backend.log
include-hidden-files: true
retention-days: 15

2
.version
View File

@@ -1 +1 @@
1.8.0
1.9.1

29
CHANGELOG.md
View File

@@ -1,3 +1,32 @@
## [](https://github.com/pocket-id/pocket-id/compare/v1.9.0...v) (2025-08-24)
### Bug Fixes
* sqlite migration drops allowed user groups ([d6d1a4c](https://github.com/pocket-id/pocket-id/commit/d6d1a4ced23886f255a9c2048d19ad3599a17f26))
## [](https://github.com/pocket-id/pocket-id/compare/v1.8.1...v) (2025-08-24)
### Features
* support automatic db migration rollbacks ([#874](https://github.com/pocket-id/pocket-id/issues/874)) ([c114a2e](https://github.com/pocket-id/pocket-id/commit/c114a2edaae4c007c75c34c02e8b0bb011845cae))
### Bug Fixes
* don't force uuid for client id in postgres ([2ffc6ba](https://github.com/pocket-id/pocket-id/commit/2ffc6ba42af4742a13b77543142b66b3e826ab88))
* ensure SQLite has a writable temporary directory ([#876](https://github.com/pocket-id/pocket-id/issues/876)) ([1f3550c](https://github.com/pocket-id/pocket-id/commit/1f3550c9bd3aafd3bd2272ef47f3ed8736037d81))
* sort order incorrect for apps when using postgres ([d0392d2](https://github.com/pocket-id/pocket-id/commit/d0392d25edcaa5f3c7da2aad70febf63b47763fa))
## [](https://github.com/pocket-id/pocket-id/compare/v1.8.0...v) (2025-08-24)
### Bug Fixes
* migration clears allowed users groups ([5971bfb](https://github.com/pocket-id/pocket-id/commit/5971bfbfa66ecfebf2b1c08d34fcbd8c18cdc046))
* wrong column type for reauthentication tokens in Postgres ([#869](https://github.com/pocket-id/pocket-id/issues/869)) ([1283314](https://github.com/pocket-id/pocket-id/commit/1283314f776a0ba43be7d796e7e2243e31f860de))
## [](https://github.com/pocket-id/pocket-id/compare/v1.7.0...v) (2025-08-23)

3
backend/go.mod
View File

@@ -74,6 +74,8 @@ require (
github.com/go-webauthn/x v0.1.23 // indirect
github.com/goccy/go-json v0.10.5 // indirect
github.com/golang-jwt/jwt/v5 v5.2.3 // indirect
github.com/google/go-github/v39 v39.2.0 // indirect
github.com/google/go-querystring v1.1.0 // indirect
github.com/google/go-tpm v0.9.5 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.1 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
@@ -132,6 +134,7 @@ require (
golang.org/x/arch v0.20.0 // indirect
golang.org/x/exp v0.0.0-20250813145105-42675adae3e6 // indirect
golang.org/x/net v0.43.0 // indirect
golang.org/x/oauth2 v0.27.0 // indirect
golang.org/x/sync v0.16.0 // indirect
golang.org/x/sys v0.35.0 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20250218202821-56aae31c358a // indirect

16
backend/go.sum
View File

@@ -95,11 +95,19 @@ github.com/golang-jwt/jwt/v5 v5.2.3 h1:kkGXqQOBSDDWRhWNXTFpqGSCMyh/PLnqUvMGJPDJD
github.com/golang-jwt/jwt/v5 v5.2.3/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
github.com/golang-migrate/migrate/v4 v4.18.3 h1:EYGkoOsvgHHfm5U/naS1RP/6PL/Xv3S4B/swMiAmDLs=
github.com/golang-migrate/migrate/v4 v4.18.3/go.mod h1:99BKpIi6ruaaXRM1A77eqZ+FWPQ3cfRa+ZVy5bmWMaY=
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
github.com/google/go-github/v39 v39.2.0 h1:rNNM311XtPOz5rDdsJXAp2o8F67X9FnROXTvto3aSnQ=
github.com/google/go-github/v39 v39.2.0/go.mod h1:C1s8C5aCC9L+JXIYpJM5GYytdX52vC1bLvHEF1IhBrE=
github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
github.com/google/go-tpm v0.9.5 h1:ocUmnDebX54dnW+MQWGQRbdaAcJELsa6PqZhJ48KwVU=
github.com/google/go-tpm v0.9.5/go.mod h1:h9jEsEECg7gtLis0upRBQU+GhYVH6jMjrFxI8u6bVUY=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -319,6 +327,7 @@ go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
golang.org/x/arch v0.20.0 h1:dx1zTU0MAE98U+TQ8BLl7XsJbgze2WnNKF/8tGp/Q6c=
golang.org/x/arch v0.20.0/go.mod h1:bdwinDaKcfZUGpH09BB7ZmOfhalA8lQdzl62l8gGWsk=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
@@ -339,6 +348,7 @@ golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/mod v0.27.0 h1:kb+q2PyFnEADO2IEF935ehFUXlWiNjJWtRNgBLSfbxQ=
golang.org/x/mod v0.27.0/go.mod h1:rWI627Fq0DEoudcK+MBkNkCe0EetEaDSwJJkCcjpazc=
golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
@@ -352,6 +362,9 @@ golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
golang.org/x/net v0.43.0 h1:lat02VYK2j4aLzMzecihNvTlJNQUq316m2Mr9rnM6YE=
golang.org/x/net v0.43.0/go.mod h1:vhO1fvI4dGsIjh73sWfUVjj3N7CA9WkKJNQm2svM6Jg=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.27.0 h1:da9Vo7/tDv5RH/7nZDz1eMGS/q1Vv1N/7FCrBhI9I3M=
golang.org/x/oauth2 v0.27.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -385,6 +398,7 @@ golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
@@ -406,6 +420,8 @@ golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxb
golang.org/x/tools v0.36.0 h1:kWS0uv/zsvHEle1LbV5LE8QujrxB3wfQyxHfhOk0Qkg=
golang.org/x/tools v0.36.0/go.mod h1:WBDiHKJK8YgLHlcQPYQzNCkUxUypCaa5ZegCVutKm+s=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/genproto/googleapis/api v0.0.0-20250218202821-56aae31c358a h1:nwKuGPlUAt+aR+pcrkfFRrTU1BVrSmYyYMxYbUIVHr0=
google.golang.org/genproto/googleapis/api v0.0.0-20250218202821-56aae31c358a/go.mod h1:3kWAYMk1I75K4vykHtKt2ycnOgpA6974V7bREqbsenU=
google.golang.org/genproto/googleapis/rpc v0.0.0-20250218202821-56aae31c358a h1:51aaUVRocpvUOSQKM6Q7VuoaktNIaMCLuhZB6DKksq4=

141
backend/internal/bootstrap/db_bootstrap.go
View File

@@ -5,6 +5,8 @@ import (
"fmt"
"log/slog"
"net/url"
"os"
"path/filepath"
"strings"
"time"
@@ -13,6 +15,7 @@ import (
"github.com/golang-migrate/migrate/v4/database"
postgresMigrate "github.com/golang-migrate/migrate/v4/database/postgres"
sqliteMigrate "github.com/golang-migrate/migrate/v4/database/sqlite3"
_ "github.com/golang-migrate/migrate/v4/source/github"
"github.com/golang-migrate/migrate/v4/source/iofs"
slogGorm "github.com/orandin/slog-gorm"
"gorm.io/driver/postgres"
@@ -20,6 +23,7 @@ import (
gormLogger "gorm.io/gorm/logger"
"github.com/pocket-id/pocket-id/backend/internal/common"
"github.com/pocket-id/pocket-id/backend/internal/utils"
sqliteutil "github.com/pocket-id/pocket-id/backend/internal/utils/sqlite"
"github.com/pocket-id/pocket-id/backend/resources"
)
@@ -38,7 +42,9 @@ func NewDatabase() (db *gorm.DB, err error) {
var driver database.Driver
switch common.EnvConfig.DbProvider {
case common.DbProviderSqlite:
driver, err = sqliteMigrate.WithInstance(sqlDb, &sqliteMigrate.Config{})
driver, err = sqliteMigrate.WithInstance(sqlDb, &sqliteMigrate.Config{
NoTxWrap: true,
})
case common.DbProviderPostgres:
driver, err = postgresMigrate.WithInstance(sqlDb, &postgresMigrate.Config{})
default:
@@ -58,8 +64,9 @@ func NewDatabase() (db *gorm.DB, err error) {
}
func migrateDatabase(driver database.Driver) error {
// Use the embedded migrations
source, err := iofs.New(resources.FS, "migrations/"+string(common.EnvConfig.DbProvider))
// Embedded migrations via iofs
path := "migrations/" + string(common.EnvConfig.DbProvider)
source, err := iofs.New(resources.FS, path)
if err != nil {
return fmt.Errorf("failed to create embedded migration source: %w", err)
}
@@ -69,14 +76,66 @@ func migrateDatabase(driver database.Driver) error {
return fmt.Errorf("failed to create migration instance: %w", err)
}
err = m.Up()
if err != nil && !errors.Is(err, migrate.ErrNoChange) {
return fmt.Errorf("failed to apply migrations: %w", err)
requiredVersion, err := getRequiredMigrationVersion(path)
if err != nil {
return fmt.Errorf("failed to get last migration version: %w", err)
}
currentVersion, _, _ := m.Version()
if currentVersion > requiredVersion {
slog.Warn("Database version is newer than the application supports, possible downgrade detected", slog.Uint64("db_version", uint64(currentVersion)), slog.Uint64("app_version", uint64(requiredVersion)))
if !common.EnvConfig.AllowDowngrade {
return fmt.Errorf("database version (%d) is newer than application version (%d), downgrades are not allowed (set ALLOW_DOWNGRADE=true to enable)", currentVersion, requiredVersion)
}
slog.Info("Fetching migrations from GitHub to handle possible downgrades")
return migrateDatabaseFromGitHub(driver, requiredVersion)
}
if err := m.Migrate(requiredVersion); err != nil && !errors.Is(err, migrate.ErrNoChange) {
return fmt.Errorf("failed to apply embedded migrations: %w", err)
}
return nil
}
func migrateDatabaseFromGitHub(driver database.Driver, version uint) error {
srcURL := "github://pocket-id/pocket-id/backend/resources/migrations/" + string(common.EnvConfig.DbProvider)
m, err := migrate.NewWithDatabaseInstance(srcURL, "pocket-id", driver)
if err != nil {
return fmt.Errorf("failed to create GitHub migration instance: %w", err)
}
if err := m.Migrate(version); err != nil && !errors.Is(err, migrate.ErrNoChange) {
return fmt.Errorf("failed to apply GitHub migrations: %w", err)
}
return nil
}
// getRequiredMigrationVersion reads the embedded migration files and returns the highest version number found.
func getRequiredMigrationVersion(path string) (uint, error) {
entries, err := resources.FS.ReadDir(path)
if err != nil {
return 0, fmt.Errorf("failed to read migration directory: %w", err)
}
var maxVersion uint
for _, entry := range entries {
if entry.IsDir() {
continue
}
name := entry.Name()
var version uint
n, err := fmt.Sscanf(name, "%d_", &version)
if err == nil && n == 1 {
if version > maxVersion {
maxVersion = version
}
}
}
return maxVersion, nil
}
func connectDatabase() (db *gorm.DB, err error) {
var dialector gorm.Dialector
@@ -86,11 +145,20 @@ func connectDatabase() (db *gorm.DB, err error) {
if common.EnvConfig.DbConnectionString == "" {
return nil, errors.New("missing required env var 'DB_CONNECTION_STRING' for SQLite database")
}
sqliteutil.RegisterSqliteFunctions()
connString, err := parseSqliteConnectionString(common.EnvConfig.DbConnectionString)
connString, dbPath, err := parseSqliteConnectionString(common.EnvConfig.DbConnectionString)
if err != nil {
return nil, err
}
// Before we connect, also make sure that there's a temporary folder for SQLite to write its data
err = ensureSqliteTempDir(filepath.Dir(dbPath))
if err != nil {
return nil, err
}
dialector = sqlite.Open(connString)
case common.DbProviderPostgres:
if common.EnvConfig.DbConnectionString == "" {
@@ -120,7 +188,7 @@ func connectDatabase() (db *gorm.DB, err error) {
return nil, err
}
func parseSqliteConnectionString(connString string) (string, error) {
func parseSqliteConnectionString(connString string) (parsedConnString string, dbPath string, err error) {
if !strings.HasPrefix(connString, "file:") {
connString = "file:" + connString
}
@@ -131,7 +199,7 @@ func parseSqliteConnectionString(connString string) (string, error) {
// Parse the connection string
connStringUrl, err := url.Parse(connString)
if err != nil {
return "", fmt.Errorf("failed to parse SQLite connection string: %w", err)
return "", "", fmt.Errorf("failed to parse SQLite connection string: %w", err)
}
// Convert options for the old SQLite driver to the new one
@@ -140,10 +208,19 @@ func parseSqliteConnectionString(connString string) (string, error) {
// Add the default and required params
err = addSqliteDefaultParameters(connStringUrl, isMemoryDB)
if err != nil {
return "", fmt.Errorf("invalid SQLite connection string: %w", err)
return "", "", fmt.Errorf("invalid SQLite connection string: %w", err)
}
return connStringUrl.String(), nil
// Get the absolute path to the database
// Here, we know for a fact that the ? is present
parsedConnString = connStringUrl.String()
idx := strings.IndexRune(parsedConnString, '?')
dbPath, err = filepath.Abs(parsedConnString[len("file:"):idx])
if err != nil {
return "", "", fmt.Errorf("failed to determine absolute path to the database: %w", err)
}
return parsedConnString, dbPath, nil
}
// The official C implementation of SQLite allows some additional properties in the connection string
@@ -296,6 +373,48 @@ func isSqliteInMemory(connString string) bool {
return len(qs["mode"]) > 0 && qs["mode"][0] == "memory"
}
// ensureSqliteTempDir ensures that SQLite has a directory where it can write temporary files if needed
// The default directory may not be writable when using a container with a read-only root file system
// See: https://www.sqlite.org/tempfiles.html
func ensureSqliteTempDir(dbPath string) error {
// Per docs, SQLite tries these folders in order (excluding those that aren't applicable to us):
//
// - The SQLITE_TMPDIR environment variable
// - The TMPDIR environment variable
// - /var/tmp
// - /usr/tmp
// - /tmp
//
// Source: https://www.sqlite.org/tempfiles.html#temporary_file_storage_locations
//
// First, let's check if SQLITE_TMPDIR or TMPDIR are set, in which case we trust the user has taken care of the problem already
if os.Getenv("SQLITE_TMPDIR") != "" || os.Getenv("TMPDIR") != "" {
return nil
}
// Now, let's check if /var/tmp, /usr/tmp, or /tmp exist and are writable
for _, dir := range []string{"/var/tmp", "/usr/tmp", "/tmp"} {
ok, err := utils.IsWritableDir(dir)
if err != nil {
return fmt.Errorf("failed to check if %s is writable: %w", dir, err)
}
if ok {
// We found a folder that's writable
return nil
}
}
// If we're here, there's no temporary directory that's writable (not unusual for containers with a read-only root file system), so we set SQLITE_TMPDIR to the folder where the SQLite database is set
err := os.Setenv("SQLITE_TMPDIR", dbPath)
if err != nil {
return fmt.Errorf("failed to set SQLITE_TMPDIR environmental variable: %w", err)
}
slog.Debug("Set SQLITE_TMPDIR to the database directory", "path", dbPath)
return nil
}
func getGormLogger() gormLogger.Interface {
loggerOpts := make([]slogGorm.Option, 0, 5)
loggerOpts = append(loggerOpts,

2
backend/internal/common/env_config.go
View File

@@ -52,6 +52,7 @@ type EnvConfigSchema struct {
LogJSON bool `env:"LOG_JSON"`
TrustProxy bool `env:"TRUST_PROXY"`
AnalyticsDisabled bool `env:"ANALYTICS_DISABLED"`
AllowDowngrade bool `env:"ALLOW_DOWNGRADE"`
}
var EnvConfig = defaultConfig()
@@ -87,6 +88,7 @@ func defaultConfig() EnvConfigSchema {
TracingEnabled: false,
TrustProxy: false,
AnalyticsDisabled: false,
AllowDowngrade: false,
}
}

6
backend/internal/service/e2etest_service.go
View File

@@ -343,7 +343,7 @@ func (s *TestService) SeedDatabase(baseURL string) error {
},
{
Base: model.Base{
ID: "b2c3d4e5-f6g7-8901-bcde-f12345678901",
ID: "dc3c9c96-714e-48eb-926e-2d7c7858e6cf",
},
Token: "PARTIAL567890ABC",
ExpiresAt: datatype.DateTime(time.Now().Add(7 * 24 * time.Hour)),
@@ -352,7 +352,7 @@ func (s *TestService) SeedDatabase(baseURL string) error {
},
{
Base: model.Base{
ID: "c3d4e5f6-g7h8-9012-cdef-123456789012",
ID: "44de1863-ffa5-4db1-9507-4887cd7a1e3f",
},
Token: "EXPIRED34567890B",
ExpiresAt: datatype.DateTime(time.Now().Add(-24 * time.Hour)), // Expired
@@ -361,7 +361,7 @@ func (s *TestService) SeedDatabase(baseURL string) error {
},
{
Base: model.Base{
ID: "d4e5f6g7-h8i9-0123-def0-234567890123",
ID: "f1b1678b-7720-4d8b-8f91-1dbff1e2d02b",
},
Token: "FULLYUSED567890C",
ExpiresAt: datatype.DateTime(time.Now().Add(24 * time.Hour)),

5
backend/internal/service/oidc_service.go
View File

@@ -1379,8 +1379,7 @@ func (s *OidcService) ListAccessibleOidcClients(ctx context.Context, userID stri
query := tx.
WithContext(ctx).
Model(&model.OidcClient{}).
Preload("UserAuthorizedOidcClients", "user_id = ?", userID).
Distinct()
Preload("UserAuthorizedOidcClients", "user_id = ?", userID)
// If user has no groups, only return clients with no allowed user groups
if len(userGroupIDs) == 0 {
@@ -1401,7 +1400,7 @@ func (s *OidcService) ListAccessibleOidcClients(ctx context.Context, userID stri
if sortedPaginationRequest.Sort.Column == "lastUsedAt" && utils.IsValidSortDirection(sortedPaginationRequest.Sort.Direction) {
query = query.
Joins("LEFT JOIN user_authorized_oidc_clients ON oidc_clients.id = user_authorized_oidc_clients.client_id AND user_authorized_oidc_clients.user_id = ?", userID).
Order("user_authorized_oidc_clients.last_used_at " + sortedPaginationRequest.Sort.Direction)
Order("user_authorized_oidc_clients.last_used_at " + sortedPaginationRequest.Sort.Direction + " NULLS LAST")
}
response, err = utils.PaginateAndSort(sortedPaginationRequest, query, &clients)

41
backend/internal/utils/file_util.go
View File

@@ -1,12 +1,15 @@
package utils
import (
"crypto/rand"
"encoding/hex"
"errors"
"fmt"
"io"
"mime/multipart"
"os"
"path/filepath"
"syscall"
"github.com/google/uuid"
"github.com/pocket-id/pocket-id/backend/resources"
@@ -136,3 +139,41 @@ func FileExists(path string) (bool, error) {
}
return !s.IsDir(), nil
}
// IsWritableDir checks if a directory exists and is writable
func IsWritableDir(dir string) (bool, error) {
// Check if directory exists and it's actually a directory
info, err := os.Stat(dir)
if os.IsNotExist(err) {
return false, nil
} else if err != nil {
return false, fmt.Errorf("failed to stat '%s': %w", dir, err)
}
if !info.IsDir() {
return false, nil
}
// Generate a random suffix for the test file to avoid conflicts
randomBytes := make([]byte, 8)
_, err = io.ReadFull(rand.Reader, randomBytes)
if err != nil {
return false, fmt.Errorf("failed to generate random bytes: %w", err)
}
// Check if directory is writable by trying to create a temporary file
testFile := filepath.Join(dir, ".pocketid_test_write_"+hex.EncodeToString(randomBytes))
defer os.Remove(testFile)
file, err := os.Create(testFile)
if err != nil {
if os.IsPermission(err) || errors.Is(err, syscall.EROFS) {
return false, nil
}
return false, fmt.Errorf("failed to create test file: %w", err)
}
_ = file.Close()
return true, nil
}

6
backend/internal/utils/testing/database.go
View File

@@ -55,7 +55,9 @@ func NewDatabaseForTest(t *testing.T) *gorm.DB {
// Perform migrations with the embedded migrations
sqlDB, err := db.DB()
require.NoError(t, err, "Failed to get sql.DB")
driver, err := sqliteMigrate.WithInstance(sqlDB, &sqliteMigrate.Config{})
driver, err := sqliteMigrate.WithInstance(sqlDB, &sqliteMigrate.Config{
NoTxWrap: true,
})
require.NoError(t, err, "Failed to create migration driver")
source, err := iofs.New(resources.FS, "migrations/sqlite")
require.NoError(t, err, "Failed to create embedded migration source")
@@ -63,6 +65,8 @@ func NewDatabaseForTest(t *testing.T) *gorm.DB {
require.NoError(t, err, "Failed to create migration instance")
err = m.Up()
require.NoError(t, err, "Failed to perform migrations")
_, err = sqlDB.Exec("PRAGMA foreign_keys = OFF;")
require.NoError(t, err, "Failed to disable foreign keys")
return db
}

2
backend/resources/migrations/postgres/20250814121300_requires_reauthentication.up.sql
View File

@@ -5,7 +5,7 @@ CREATE TABLE reauthentication_tokens (
created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
token TEXT NOT NULL UNIQUE,
expires_at TIMESTAMPTZ NOT NULL,
user_id TEXT NOT NULL REFERENCES users ON DELETE CASCADE
user_id uuid NOT NULL REFERENCES users ON DELETE CASCADE
);
CREATE INDEX idx_reauthentication_tokens_token ON reauthentication_tokens(token);

8
backend/resources/migrations/postgres/20250822000000_foreign_keys_improvements.down.sql
View File

@@ -1 +1,7 @@
-- No-op
ALTER TABLE public.audit_logs
DROP CONSTRAINT IF EXISTS audit_logs_user_id_fkey,
ADD CONSTRAINT audit_logs_user_id_fkey
FOREIGN KEY (user_id) REFERENCES public.users (id);
ALTER TABLE public.oidc_authorization_codes
DROP CONSTRAINT IF EXISTS oidc_authorization_codes_client_fk;

1
backend/resources/migrations/postgres/20250824164821_client_id_type.down.sql Normal file
View File

@@ -0,0 +1 @@
-- No-op because strings can't be converted to UUIDs

57
backend/resources/migrations/postgres/20250824164821_client_id_type.up.sql Normal file
View File

@@ -0,0 +1,57 @@
-- Drop foreign keys that reference oidc_clients(id)
ALTER TABLE oidc_authorization_codes
DROP CONSTRAINT IF EXISTS oidc_authorization_codes_client_fk;
ALTER TABLE user_authorized_oidc_clients
DROP CONSTRAINT IF EXISTS user_authorized_oidc_clients_client_id_fkey;
ALTER TABLE oidc_refresh_tokens
DROP CONSTRAINT IF EXISTS oidc_refresh_tokens_client_id_fkey;
ALTER TABLE oidc_device_codes
DROP CONSTRAINT IF EXISTS oidc_device_codes_client_id_fkey;
ALTER TABLE oidc_clients_allowed_user_groups
DROP CONSTRAINT IF EXISTS oidc_clients_allowed_user_groups_oidc_client_id_fkey;
-- Alter child columns to TEXT
ALTER TABLE oidc_authorization_codes
ALTER COLUMN client_id TYPE TEXT USING client_id::text;
ALTER TABLE user_authorized_oidc_clients
ALTER
COLUMN client_id TYPE TEXT USING client_id::text;
ALTER TABLE oidc_refresh_tokens
ALTER
COLUMN client_id TYPE TEXT USING client_id::text;
ALTER TABLE oidc_device_codes
ALTER
COLUMN client_id TYPE TEXT USING client_id::text;
ALTER TABLE oidc_clients_allowed_user_groups
ALTER
COLUMN oidc_client_id TYPE TEXT USING oidc_client_id::text;
-- Alter parent primary key column to TEXT
ALTER TABLE oidc_clients
ALTER
COLUMN id TYPE TEXT USING id::text;
-- Recreate foreign keys with the new type
ALTER TABLE oidc_authorization_codes
ADD CONSTRAINT oidc_authorization_codes_client_fk
FOREIGN KEY (client_id) REFERENCES oidc_clients (id) ON DELETE CASCADE;
ALTER TABLE user_authorized_oidc_clients
ADD CONSTRAINT user_authorized_oidc_clients_client_id_fkey
FOREIGN KEY (client_id) REFERENCES oidc_clients (id) ON DELETE CASCADE;
ALTER TABLE oidc_refresh_tokens
ADD CONSTRAINT oidc_refresh_tokens_client_id_fkey
FOREIGN KEY (client_id) REFERENCES oidc_clients (id) ON DELETE CASCADE;
ALTER TABLE oidc_device_codes
ADD CONSTRAINT oidc_device_codes_client_id_fkey
FOREIGN KEY (client_id) REFERENCES oidc_clients (id) ON DELETE CASCADE;
ALTER TABLE oidc_clients_allowed_user_groups
ADD CONSTRAINT oidc_clients_allowed_user_groups_oidc_client_id_fkey
FOREIGN KEY (oidc_client_id) REFERENCES oidc_clients (id) ON DELETE CASCADE;

6
backend/resources/migrations/sqlite/20240731203656_init.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
CREATE TABLE users
(
id TEXT NOT NULL PRIMARY KEY,
@@ -77,4 +79,6 @@ CREATE TABLE application_configuration_variables
type TEXT NOT NULL,
is_public NUMERIC DEFAULT FALSE NOT NULL,
is_internal NUMERIC DEFAULT FALSE NOT NULL
);
);
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20240813211251_passkey_backup_flags..up.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE webauthn_credentials ADD COLUMN backup_eligible BOOLEAN NOT NULL DEFAULT FALSE;
ALTER TABLE webauthn_credentials ADD COLUMN backup_state BOOLEAN NOT NULL DEFAULT FALSE;
ALTER TABLE webauthn_credentials ADD COLUMN backup_state BOOLEAN NOT NULL DEFAULT FALSE;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20240813211251_passkey_backup_flags.down.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE webauthn_credentials DROP COLUMN backup_eligible;
ALTER TABLE webauthn_credentials DROP COLUMN backup_state;
ALTER TABLE webauthn_credentials DROP COLUMN backup_state;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20240817191051_rename_config_table.down.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE app_config_variables
RENAME TO application_configuration_variables;
RENAME TO application_configuration_variables;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20240817191051_rename_config_table.up.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE application_configuration_variables
RENAME TO app_config_variables;
RENAME TO app_config_variables;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20240820205521_multiple_callback_urls.down.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
create table oidc_clients
(
id TEXT not null primary key,
@@ -20,4 +22,6 @@ select id,
created_by_id
from oidc_clients_dg_tmp;
drop table oidc_clients_dg_tmp;
drop table oidc_clients_dg_tmp;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20240820205521_multiple_callback_urls.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
create table oidc_clients_dg_tmp
(
id TEXT not null primary key,
@@ -23,4 +25,6 @@ from oidc_clients;
drop table oidc_clients;
alter table oidc_clients_dg_tmp
rename to oidc_clients;
rename to oidc_clients;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20240908123031_audit_log.down.sql
View File

@@ -1 +1,5 @@
DROP TABLE audit_logs;
PRAGMA foreign_keys=OFF;
BEGIN;
DROP TABLE audit_logs;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20240908123031_audit_log.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
CREATE TABLE audit_logs
(
id TEXT NOT NULL PRIMARY KEY,
@@ -7,4 +9,6 @@ CREATE TABLE audit_logs
user_agent TEXT NOT NULL,
data BLOB NOT NULL,
user_id TEXT REFERENCES users
);
);
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20240924202721_user_groups.down.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
DROP TABLE user_groups;
DROP TABLE user_groups_users;
DROP TABLE user_groups_users;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20240924202721_user_groups.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
CREATE TABLE user_groups
(
id TEXT NOT NULL PRIMARY KEY,
@@ -13,4 +15,6 @@ CREATE TABLE user_groups_users
PRIMARY KEY (user_id, user_group_id),
FOREIGN KEY (user_id) REFERENCES users (id) ON DELETE CASCADE,
FOREIGN KEY (user_group_id) REFERENCES user_groups (id) ON DELETE CASCADE
);
);
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20241004092030_audit_log_location.down.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE audit_logs DROP COLUMN country;
ALTER TABLE audit_logs DROP COLUMN city;
ALTER TABLE audit_logs DROP COLUMN city;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20241004092030_audit_log_location.up.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE audit_logs ADD COLUMN country TEXT;
ALTER TABLE audit_logs ADD COLUMN city TEXT;
ALTER TABLE audit_logs ADD COLUMN city TEXT;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20241023072742_unix-timestamps.down.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
-- Convert the Unix timestamps back to DATETIME format
UPDATE user_groups
@@ -25,4 +27,6 @@ SET created_at = datetime(created_at, 'unixepoch');
UPDATE webauthn_sessions
SET created_at = datetime(created_at, 'unixepoch'),
expires_at = datetime(expires_at, 'unixepoch');
expires_at = datetime(expires_at, 'unixepoch');
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20241023072742_unix-timestamps.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
-- Convert the DATETIME fields to Unix timestamps (in seconds)
UPDATE user_groups
SET created_at = strftime('%s', created_at);
@@ -24,4 +26,6 @@ SET created_at = strftime('%s', created_at);
UPDATE webauthn_sessions
SET created_at = strftime('%s', created_at),
expires_at = strftime('%s', expires_at);
expires_at = strftime('%s', expires_at);
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20241025214824_app_config_default_value.down.sql
View File

@@ -1 +1,5 @@
ALTER TABLE app_config_variables DROP COLUMN default_value;
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE app_config_variables DROP COLUMN default_value;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20241025214824_app_config_default_value.up.sql
View File

@@ -1 +1,5 @@
ALTER TABLE app_config_variables ADD COLUMN default_value TEXT;
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE app_config_variables ADD COLUMN default_value TEXT;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20241028064959_custom_claims.down.sql
View File

@@ -1 +1,5 @@
DROP TABLE custom_claims;
PRAGMA foreign_keys=OFF;
BEGIN;
DROP TABLE custom_claims;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20241028064959_custom_claims.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
CREATE TABLE custom_claims
(
id TEXT NOT NULL PRIMARY KEY,
@@ -12,4 +14,6 @@ CREATE TABLE custom_claims
CONSTRAINT custom_claims_unique UNIQUE (key, user_id, user_group_id),
CHECK (user_id IS NOT NULL OR user_group_id IS NOT NULL)
);
);
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20241115131129_pkce.down.sql
View File

@@ -1,3 +1,7 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE oidc_authorization_codes DROP COLUMN code_challenge;
ALTER TABLE oidc_authorization_codes DROP COLUMN code_challenge_method_sha256;
ALTER TABLE oidc_clients DROP COLUMN is_public;
ALTER TABLE oidc_clients DROP COLUMN is_public;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20241115131129_pkce.up.sql
View File

@@ -1,3 +1,7 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE oidc_authorization_codes ADD COLUMN code_challenge TEXT;
ALTER TABLE oidc_authorization_codes ADD COLUMN code_challenge_method_sha256 NUMERIC;
ALTER TABLE oidc_clients ADD COLUMN is_public BOOLEAN DEFAULT FALSE;
ALTER TABLE oidc_clients ADD COLUMN is_public BOOLEAN DEFAULT FALSE;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250103145821_pkce_column.down.sql
View File

@@ -1 +1,5 @@
ALTER TABLE oidc_clients DROP COLUMN pkce_enabled;
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE oidc_clients DROP COLUMN pkce_enabled;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250103145821_pkce_column.up.sql
View File

@@ -1 +1,5 @@
ALTER TABLE oidc_clients ADD COLUMN pkce_enabled BOOLEAN DEFAULT FALSE;
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE oidc_clients ADD COLUMN pkce_enabled BOOLEAN DEFAULT FALSE;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250115155817_ldap.down.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE users DROP COLUMN ldap_id;
ALTER TABLE user_groups DROP COLUMN ldap_id;
ALTER TABLE user_groups DROP COLUMN ldap_id;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250115155817_ldap.up.sql
View File

@@ -1,5 +1,9 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE users ADD COLUMN ldap_id TEXT;
ALTER TABLE user_groups ADD COLUMN ldap_id TEXT;
CREATE UNIQUE INDEX users_ldap_id ON users (ldap_id);
CREATE UNIQUE INDEX user_groups_ldap_id ON user_groups (ldap_id);
CREATE UNIQUE INDEX user_groups_ldap_id ON user_groups (ldap_id);
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250118180712_rename_email_config_variable.down.sql
View File

@@ -1 +1,5 @@
UPDATE app_config_variables SET key = 'emailEnabled' WHERE key = 'emailLoginNotificationEnabled';
PRAGMA foreign_keys=OFF;
BEGIN;
UPDATE app_config_variables SET key = 'emailEnabled' WHERE key = 'emailLoginNotificationEnabled';
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250118180712_rename_email_config_variable.up.sql
View File

@@ -1 +1,5 @@
UPDATE app_config_variables SET key = 'emailLoginNotificationEnabled' WHERE key = 'emailEnabled';
PRAGMA foreign_keys=OFF;
BEGIN;
UPDATE app_config_variables SET key = 'emailLoginNotificationEnabled' WHERE key = 'emailEnabled';
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250120102531_fix_empty_ldap_id_string.down.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
UPDATE users SET ldap_id = '' WHERE ldap_id IS NULL;
UPDATE user_groups SET ldap_id = '' WHERE ldap_id IS NULL;
UPDATE user_groups SET ldap_id = '' WHERE ldap_id IS NULL;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250120102531_fix_empty_ldap_id_string.up.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
UPDATE users SET ldap_id = null WHERE ldap_id = '';
UPDATE user_groups SET ldap_id = null WHERE ldap_id = '';
UPDATE user_groups SET ldap_id = null WHERE ldap_id = '';
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250131154719_oidc_user_group_restriction.down.sql
View File

@@ -1 +1,5 @@
DROP TABLE oidc_clients_allowed_user_groups;
PRAGMA foreign_keys=OFF;
BEGIN;
DROP TABLE oidc_clients_allowed_user_groups;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250131154719_oidc_user_group_restriction.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
CREATE TABLE oidc_clients_allowed_user_groups
(
user_group_id TEXT NOT NULL,
@@ -5,4 +7,6 @@ CREATE TABLE oidc_clients_allowed_user_groups
PRIMARY KEY (oidc_client_id, user_group_id),
FOREIGN KEY (oidc_client_id) REFERENCES oidc_clients (id) ON DELETE CASCADE,
FOREIGN KEY (user_group_id) REFERENCES user_groups (id) ON DELETE CASCADE
);
);
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250203082527_fix_empty_user_group_ldap_id_string.down.sql
View File

@@ -1 +1,5 @@
UPDATE user_groups SET ldap_id = '' WHERE ldap_id IS NULL;
PRAGMA foreign_keys=OFF;
BEGIN;
UPDATE user_groups SET ldap_id = '' WHERE ldap_id IS NULL;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250203082527_fix_empty_user_group_ldap_id_string.up.sql
View File

@@ -1 +1,5 @@
UPDATE user_groups SET ldap_id = null WHERE ldap_id = '';
PRAGMA foreign_keys=OFF;
BEGIN;
UPDATE user_groups SET ldap_id = null WHERE ldap_id = '';
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250210152631_post_logout_url.down.sql
View File

@@ -1 +1,5 @@
ALTER TABLE oidc_clients DROP COLUMN logout_callback_urls;
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE oidc_clients DROP COLUMN logout_callback_urls;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250210152631_post_logout_url.up.sql
View File

@@ -1 +1,5 @@
ALTER TABLE oidc_clients ADD COLUMN logout_callback_urls BLOB;
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE oidc_clients ADD COLUMN logout_callback_urls BLOB;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250225182112_manual_smtp_tls_selection.down.sql
View File

@@ -1 +1,5 @@
UPDATE app_config_variables SET value = 'true' WHERE key = 'smtpTls';
PRAGMA foreign_keys=OFF;
BEGIN;
UPDATE app_config_variables SET value = 'true' WHERE key = 'smtpTls';
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250225182112_manual_smtp_tls_selection.up.sql
View File

@@ -1,7 +1,11 @@
PRAGMA foreign_keys=OFF;
BEGIN;
UPDATE app_config_variables
SET value = CASE
WHEN value = 'true' AND (SELECT value FROM app_config_variables WHERE key = 'smtpPort' LIMIT 1) = '587' THEN 'starttls'
WHEN value = 'true' THEN 'tls'
ELSE 'none'
END
WHERE key = 'smtpTls';
WHERE key = 'smtpTls';
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250302220732_api_key_auth.down.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
DROP INDEX IF EXISTS idx_api_keys_key;
DROP TABLE IF EXISTS api_keys;
DROP TABLE IF EXISTS api_keys;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250302220732_api_key_auth.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
CREATE TABLE api_keys (
id TEXT PRIMARY KEY,
name TEXT NOT NULL,
@@ -9,4 +11,6 @@ CREATE TABLE api_keys (
user_id TEXT REFERENCES users(id) ON DELETE CASCADE
);
CREATE INDEX idx_api_keys_key ON api_keys(key);
CREATE INDEX idx_api_keys_key ON api_keys(key);
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250320171311_user_locale.down.sql
View File

@@ -1 +1,5 @@
ALTER TABLE users DROP COLUMN locale;
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE users DROP COLUMN locale;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250320171311_user_locale.up.sql
View File

@@ -1 +1,5 @@
ALTER TABLE users ADD COLUMN locale TEXT;
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE users ADD COLUMN locale TEXT;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250323184520_oidc_refresh_tokens.down.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
DROP INDEX IF EXISTS idx_oidc_refresh_tokens_token;
DROP TABLE IF EXISTS oidc_refresh_tokens;
DROP TABLE IF EXISTS oidc_refresh_tokens;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250323184520_oidc_refresh_tokens.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
CREATE TABLE oidc_refresh_tokens (
id TEXT NOT NULL PRIMARY KEY,
created_at DATETIME,
@@ -8,4 +10,6 @@ CREATE TABLE oidc_refresh_tokens (
client_id TEXT NOT NULL REFERENCES oidc_clients(id) ON DELETE CASCADE
);
CREATE INDEX idx_oidc_refresh_tokens_token ON oidc_refresh_tokens(token);
CREATE INDEX idx_oidc_refresh_tokens_token ON oidc_refresh_tokens(token);
COMMIT;
PRAGMA foreign_keys=ON;

5
backend/resources/migrations/sqlite/20250403082322_audit_logs_indexes.down.sql
View File

@@ -1,3 +1,8 @@
PRAGMA foreign_keys=OFF;
BEGIN;
DROP INDEX IF EXISTS idx_audit_logs_event;
DROP INDEX IF EXISTS idx_audit_logs_user_id;
DROP INDEX IF EXISTS idx_audit_logs_client_name;
COMMIT;
PRAGMA foreign_keys=ON;

5
backend/resources/migrations/sqlite/20250403082322_audit_logs_indexes.up.sql
View File

@@ -1,3 +1,8 @@
PRAGMA foreign_keys=OFF;
BEGIN;
CREATE INDEX idx_audit_logs_event ON audit_logs(event);
CREATE INDEX idx_audit_logs_user_id ON audit_logs(user_id);
CREATE INDEX idx_audit_logs_client_name ON audit_logs((json_extract(data, '$.clientName')));
COMMIT;
PRAGMA foreign_keys=ON;

5
backend/resources/migrations/sqlite/20250408120918_app_config_cols.down.sql
View File

@@ -1,4 +1,9 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE app_config_variables ADD type VARCHAR(20) NOT NULL,;
ALTER TABLE app_config_variables ADD is_public BOOLEAN DEFAULT FALSE NOT NULL,;
ALTER TABLE app_config_variables ADD is_internal BOOLEAN DEFAULT FALSE NOT NULL,;
ALTER TABLE app_config_variables ADD default_value TEXT;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250408120918_app_config_cols.up.sql
View File

@@ -1,4 +1,8 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE app_config_variables DROP type;
ALTER TABLE app_config_variables DROP is_public;
ALTER TABLE app_config_variables DROP is_internal;
ALTER TABLE app_config_variables DROP default_value;
ALTER TABLE app_config_variables DROP default_value;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250412000000_add_user_disabled_field.down.sql
View File

@@ -1,4 +1,8 @@
PRAGMA foreign_keys=OFF;
BEGIN;
DROP INDEX idx_users_disabled;
ALTER TABLE users
DROP COLUMN disabled;
DROP COLUMN disabled;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250412000000_add_user_disabled_field.up.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE users
ADD COLUMN disabled NUMERIC DEFAULT FALSE NOT NULL;
ADD COLUMN disabled NUMERIC DEFAULT FALSE NOT NULL;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250417120000_add_expiration_email_sent_to_api_keys.down.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE api_keys
DROP COLUMN expiration_email_sent;
DROP COLUMN expiration_email_sent;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250417120000_add_expiration_email_sent_to_api_keys.up.sql
View File

@@ -1,2 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE api_keys
ADD COLUMN expiration_email_sent BOOLEAN NOT NULL DEFAULT 0;
ADD COLUMN expiration_email_sent BOOLEAN NOT NULL DEFAULT 0;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250421221059_add_device_codes.down.sql
View File

@@ -1 +1,5 @@
DROP TABLE oidc_device_codes;
PRAGMA foreign_keys=OFF;
BEGIN;
DROP TABLE oidc_device_codes;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250421221059_add_device_codes.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
CREATE TABLE oidc_device_codes
(
id TEXT NOT NULL PRIMARY KEY,
@@ -9,4 +11,6 @@ CREATE TABLE oidc_device_codes
is_authorized BOOLEAN NOT NULL DEFAULT FALSE,
user_id TEXT REFERENCES users ON DELETE CASCADE,
client_id TEXT NOT NULL REFERENCES oidc_clients ON DELETE CASCADE
);
);
COMMIT;
PRAGMA foreign_keys=ON;

2
backend/resources/migrations/sqlite/20250601204251_clear_default_app_config_variables.down.sql
View File

@@ -1 +1 @@
-- No rollback is needed for this migration.
-- No-op

6
backend/resources/migrations/sqlite/20250601204251_clear_default_app_config_variables.up.sql
View File

@@ -1 +1,5 @@
DELETE FROM app_config_variables WHERE value = '';
PRAGMA foreign_keys=OFF;
BEGIN;
DELETE FROM app_config_variables WHERE value = '';
COMMIT;
PRAGMA foreign_keys=ON;

5
backend/resources/migrations/sqlite/20250609202611_client_credentials.down.sql
View File

@@ -1 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE oidc_clients DROP COLUMN credentials;
COMMIT;
PRAGMA foreign_keys=ON;

5
backend/resources/migrations/sqlite/20250609202611_client_credentials.up.sql
View File

@@ -1 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE oidc_clients ADD COLUMN credentials TEXT NULL;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250619115053_add_country_index.down.sql
View File

@@ -1 +1,5 @@
DROP INDEX idx_audit_logs_country;
PRAGMA foreign_keys=OFF;
BEGIN;
DROP INDEX idx_audit_logs_country;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250619115053_add_country_index.up.sql
View File

@@ -1 +1,5 @@
CREATE INDEX idx_audit_logs_country ON audit_logs(country);
PRAGMA foreign_keys=OFF;
BEGIN;
CREATE INDEX idx_audit_logs_country ON audit_logs(country);
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250622151258_add_signup_tokens.down.sql
View File

@@ -1,3 +1,7 @@
PRAGMA foreign_keys=OFF;
BEGIN;
DROP INDEX IF EXISTS idx_signup_tokens_expires_at;
DROP INDEX IF EXISTS idx_signup_tokens_token;
DROP TABLE IF EXISTS signup_tokens;
DROP TABLE IF EXISTS signup_tokens;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250622151258_add_signup_tokens.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
CREATE TABLE signup_tokens (
id TEXT NOT NULL PRIMARY KEY,
created_at DATETIME NOT NULL,
@@ -8,4 +10,6 @@ CREATE TABLE signup_tokens (
);
CREATE INDEX idx_signup_tokens_token ON signup_tokens(token);
CREATE INDEX idx_signup_tokens_expires_at ON signup_tokens(expires_at);
CREATE INDEX idx_signup_tokens_expires_at ON signup_tokens(expires_at);
COMMIT;
PRAGMA foreign_keys=ON;

5
backend/resources/migrations/sqlite/20250628000000_audit_logs_ip_null.down.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
-- Re-create the table with non-nullable ip_address
-- We then move the data and rename the table
CREATE TABLE audit_logs_new
@@ -28,3 +30,6 @@ CREATE INDEX idx_audit_logs_user_id ON audit_logs(user_id);
CREATE INDEX idx_audit_logs_user_agent ON audit_logs(user_agent);
CREATE INDEX idx_audit_logs_client_name ON audit_logs((json_extract(data, '$.clientName')));
CREATE INDEX idx_audit_logs_country ON audit_logs(country);
COMMIT;
PRAGMA foreign_keys=ON;

5
backend/resources/migrations/sqlite/20250628000000_audit_logs_ip_null.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
-- Re-create the table with nullable ip_address
-- We then move the data and rename the table
CREATE TABLE audit_logs_new
@@ -28,3 +30,6 @@ CREATE INDEX idx_audit_logs_user_id ON audit_logs(user_id);
CREATE INDEX idx_audit_logs_user_agent ON audit_logs(user_agent);
CREATE INDEX idx_audit_logs_client_name ON audit_logs((json_extract(data, '$.clientName')));
CREATE INDEX idx_audit_logs_country ON audit_logs(country);
COMMIT;
PRAGMA foreign_keys=ON;

5
backend/resources/migrations/sqlite/20250630000000_kv_table.down.sql
View File

@@ -1 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
DROP TABLE kv;
COMMIT;
PRAGMA foreign_keys=ON;

5
backend/resources/migrations/sqlite/20250630000000_kv_table.up.sql
View File

@@ -1,6 +1,11 @@
PRAGMA foreign_keys=OFF;
BEGIN;
-- The "kv" tables contains miscellaneous key-value pairs
CREATE TABLE kv
(
"key" TEXT NOT NULL PRIMARY KEY,
"value" TEXT NOT NULL
);
COMMIT;
PRAGMA foreign_keys=ON;

2
backend/resources/migrations/sqlite/20250705000000_normalize.down.sql
View File

@@ -1 +1 @@
-- No-op
-- No-op

5
backend/resources/migrations/sqlite/20250705000000_normalize.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
-- Normalize (form NFC) all existing values in the database
UPDATE api_keys SET
name = normalize(name, 'nfc'),
@@ -23,3 +25,6 @@ UPDATE users SET
UPDATE user_groups SET
friendly_name = normalize(friendly_name, 'nfc'),
"name" = normalize("name", 'nfc');
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250810144214_apps_dashboard.down.sql
View File

@@ -1,3 +1,7 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE oidc_clients DROP COLUMN launch_url;
ALTER TABLE user_authorized_oidc_clients DROP COLUMN created_at;
ALTER TABLE user_authorized_oidc_clients DROP COLUMN created_at;
COMMIT;
PRAGMA foreign_keys=ON;

5
backend/resources/migrations/sqlite/20250810144214_apps_dashboard.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE oidc_clients ADD COLUMN launch_url TEXT;
CREATE TABLE user_authorized_oidc_clients_new
@@ -14,3 +16,6 @@ SELECT scope, user_id, client_id, unixepoch() FROM user_authorized_oidc_clients;
DROP TABLE user_authorized_oidc_clients;
ALTER TABLE user_authorized_oidc_clients_new RENAME TO user_authorized_oidc_clients;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250814121300_requires_reauthentication.down.sql
View File

@@ -1,3 +1,7 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE oidc_clients DROP COLUMN requires_reauthentication;
DROP INDEX IF EXISTS idx_reauthentication_tokens_token;
DROP TABLE IF EXISTS reauthentication_tokens;
DROP TABLE IF EXISTS reauthentication_tokens;
COMMIT;
PRAGMA foreign_keys=ON;

6
backend/resources/migrations/sqlite/20250814121300_requires_reauthentication.up.sql
View File

@@ -1,3 +1,5 @@
PRAGMA foreign_keys=OFF;
BEGIN;
ALTER TABLE oidc_clients ADD COLUMN requires_reauthentication BOOLEAN NOT NULL DEFAULT FALSE;
CREATE TABLE reauthentication_tokens (
@@ -8,4 +10,6 @@ CREATE TABLE reauthentication_tokens (
user_id TEXT NOT NULL REFERENCES users ON DELETE CASCADE
);
CREATE INDEX idx_reauthentication_tokens_token ON reauthentication_tokens(token);
CREATE INDEX idx_reauthentication_tokens_token ON reauthentication_tokens(token);
COMMIT;
PRAGMA foreign_keys=ON;

10
backend/resources/migrations/sqlite/20250822000000_foreign_keys_improvements.up.sql
View File

@@ -1,3 +1,6 @@
PRAGMA foreign_keys=OFF;
BEGIN;
PRAGMA foreign_keys=OFF;
---------------------------
-- Delete all orphaned rows
---------------------------
@@ -170,4 +173,9 @@ SELECT id, created_at, name, credential_id, public_key, attestation_type,
transport, user_id, backup_eligible, backup_state
FROM webauthn_credentials;
DROP TABLE webauthn_credentials;
ALTER TABLE webauthn_credentials_new RENAME TO webauthn_credentials;
ALTER TABLE webauthn_credentials_new RENAME TO webauthn_credentials;
PRAGMA foreign_keys=ON;
PRAGMA foreign_key_check;
COMMIT;
PRAGMA foreign_keys=ON;

18
frontend/messages/cs.json
View File

@@ -23,7 +23,7 @@
"click_to_copy": "Kliknutím zkopírujete",
"something_went_wrong": "Něco se pokazilo",
"go_back_to_home": "Přejít zpět domů",
"dont_have_access_to_your_passkey": "Nemáte přístup k Vašemu přístupovému klíči?",
"alternative_sign_in_methods": "Alternativní způsoby přihlášení",
"login_background": "Pozadí přihlašovací stránky",
"logo": "Logo",
"login_code": "Přihlašovací kód",
@@ -276,6 +276,8 @@
"public_clients_description": "Veřejní klienti nemají client secret a místo toho používají PKCE. Povolte to, pokud je váš klient SPA nebo mobilní aplikace.",
"pkce": "PKCE",
"public_key_code_exchange_is_a_security_feature_to_prevent_csrf_and_authorization_code_interception_attacks": "Public Key Exchange je bezpečnostní funkce, která zabraňuje útokům CSRF a narušení autorizačních kódů.",
"requires_reauthentication": "Vyžaduje opětovné ověření",
"requires_users_to_authenticate_again_on_each_authorization": "Vyžaduje, aby se uživatelé při každém autorizačním pokusu znovu ověřili, i když jsou již přihlášeni.",
"name_logo": "Logo {name}",
"change_logo": "Změnit logo",
"upload_logo": "Nahrát logo",
@@ -385,6 +387,12 @@
"number_of_times_token_can_be_used": "Kolikrát lze použít registrační token.",
"expires": "Vyprší",
"signup": "Zaregistrovat se",
"user_creation": "Vytvoření uživatele",
"configure_user_creation": "Spravujte nastavení vytváření uživatelů, včetně metod registrace a výchozích oprávnění pro nové uživatele.",
"user_creation_groups_description": "Při registraci automaticky přiřaďte tyto skupiny novým uživatelům.",
"user_creation_claims_description": "Při registraci automaticky přiřaďte tyto vlastní nároky novým uživatelům.",
"user_creation_updated_successfully": "Nastavení pro vytváření uživatelů bylo úspěšně aktualizováno.",
"signup_disabled_description": "Registrace uživatelů jsou kompletně zakázány. Nové uživatelské účty mohou vytvářet pouze správci.",
"signup_requires_valid_token": "Pro vytvoření účtu je vyžadován platný registrační token",
"validating_signup_token": "Ověřování registračního tokenu",
"go_to_login": "Přejít na přihlášení",
@@ -396,7 +404,7 @@
"skip_for_now": "Prozatím přeskočit",
"account_created": "Účet vytvořen",
"enable_user_signups": "Povolit registraci uživatelů",
"enable_user_signups_description": "Určuje, zda by měla být funkce registrace uživatele povolena.",
"enable_user_signups_description": "Rozhodněte, jak se uživatelé mohou registrovat pro nové účty v Pocket ID.",
"user_signups_are_disabled": "Registrace uživatelů jsou v současné době zakázány",
"create_signup_token": "Vytvořit registrační token",
"view_active_signup_tokens": "Zobrazit aktivní registrační tokeny",
@@ -412,7 +420,6 @@
"loading": "Načítání",
"delete_signup_token": "Odstranit registrační token",
"are_you_sure_you_want_to_delete_this_signup_token": "Jste si jisti, že chcete odstranit tento registrační token? Tuto akci nelze vrátit zpět.",
"signup_disabled_description": "Registrace uživatelů jsou kompletně zakázány. Nové uživatelské účty mohou vytvářet pouze správci.",
"signup_with_token": "Zaregistrovat se s tokenem",
"signup_with_token_description": "Uživatelé se mohou zaregistrovat pouze pomocí platného registračního tokenu který byl vytvořen správcem.",
"signup_open": "Otevřená registrace",
@@ -430,5 +437,8 @@
"revoke_access": "Zrušit přístup",
"revoke_access_description": "Zrušit přístup k <b>{clientName}</b>. <b>{clientName}</b> už nebude mít přístup k informacím o vašem účtu.",
"revoke_access_successful": "Přístup k {clientName} byl úspěšně zrušen.",
"last_signed_in_ago": "Naposledy přihlášen {time} před"
"last_signed_in_ago": "Naposledy přihlášen {time} před",
"invalid_client_id": "ID klienta může obsahovat pouze písmena, číslice, podtržítka a pomlčky.",
"custom_client_id_description": "Nastavte vlastní ID klienta, pokud to vyžaduje vaše aplikace. V opačném případě pole nechte prázdné, aby bylo vygenerováno náhodné ID.",
"generated": "Vygenerováno"
}

18
frontend/messages/da.json
View File

@@ -23,7 +23,7 @@
"click_to_copy": "Klik for at kopiere",
"something_went_wrong": "Noget gik galt",
"go_back_to_home": "Gå tilbage til hjem",
"dont_have_access_to_your_passkey": "Har du ikke adgang til din adgangsnøgle?",
"alternative_sign_in_methods": "Alternative login-metoder",
"login_background": "Log ind baggrund",
"logo": "Logo",
"login_code": "Loginkode",
@@ -276,6 +276,8 @@
"public_clients_description": "Public-klienter har ikke en klienthemmelighed. De er designet til mobil-, web- og native-apps, hvor hemmeligheder ikke kan opbevares sikkert.",
"pkce": "PKCE",
"public_key_code_exchange_is_a_security_feature_to_prevent_csrf_and_authorization_code_interception_attacks": "Public Key Code Exchange er en sikkerhedsfunktion, der beskytter mod CSRF- og authorization code-angreb.",
"requires_reauthentication": "Kræver genbekræftelse",
"requires_users_to_authenticate_again_on_each_authorization": "Kræver, at brugerne skal godkende igen ved hver autorisation, selvom de allerede er logget ind.",
"name_logo": "Logo for {name}",
"change_logo": "Skift logo",
"upload_logo": "Upload logo",
@@ -385,6 +387,12 @@
"number_of_times_token_can_be_used": "Antal gange, som tilmeldingstokenet kan bruges.",
"expires": "Udløber",
"signup": "Tilmeld",
"user_creation": "Oprettelse af bruger",
"configure_user_creation": "Administrer indstillinger for brugeroprettelse, herunder tilmeldingsmetoder og standardtilladelser for nye brugere.",
"user_creation_groups_description": "Tildel disse grupper automatisk til nye brugere ved tilmelding.",
"user_creation_claims_description": "Tildel disse brugerdefinerede krav automatisk til nye brugere ved tilmelding.",
"user_creation_updated_successfully": "Indstillinger for brugeroprettelse opdateret.",
"signup_disabled_description": "Brugerregistreringer er fuldstændigt deaktiveret. Kun administratorer kan oprette nye brugerkonti.",
"signup_requires_valid_token": "Der kræves en gyldig tilmeldingstoken for at oprette en konto.",
"validating_signup_token": "Validering af tilmeldingstoken",
"go_to_login": "Gå til login",
@@ -396,7 +404,7 @@
"skip_for_now": "Spring over for nu",
"account_created": "Konto oprettet",
"enable_user_signups": "Aktiver brugerregistrering",
"enable_user_signups_description": "Om brugerregistreringsfunktionen skal være aktiveret.",
"enable_user_signups_description": "Bestem, hvordan brugere kan oprette nye konti i Pocket ID.",
"user_signups_are_disabled": "Brugerregistrering er i øjeblikket deaktiveret.",
"create_signup_token": "Opret tilmeldingstoken",
"view_active_signup_tokens": "Vis aktive tilmeldingstokener",
@@ -412,7 +420,6 @@
"loading": "Indlæsning",
"delete_signup_token": "Slet tilmeldingstoken",
"are_you_sure_you_want_to_delete_this_signup_token": "Er du sikker på, at du vil slette denne tilmeldingstoken? Denne handling kan ikke fortrydes.",
"signup_disabled_description": "Brugerregistreringer er fuldstændigt deaktiveret. Kun administratorer kan oprette nye brugerkonti.",
"signup_with_token": "Tilmeld dig med token",
"signup_with_token_description": "Brugere kan kun tilmelde sig ved hjælp af en gyldig tilmeldingstoken, der er oprettet af en administrator.",
"signup_open": "Åben tilmelding",
@@ -430,5 +437,8 @@
"revoke_access": "Tilbagekald adgang",
"revoke_access_description": "Tilbagekald adgang til <b>{clientName}</b>. <b>{clientName}</b> vil ikke længere kunne få adgang til dine kontooplysninger.",
"revoke_access_successful": "Adgangen til {clientName} er blevet ophævet.",
"last_signed_in_ago": "Sidst logget ind {time} siden"
"last_signed_in_ago": "Sidst logget ind {time} siden",
"invalid_client_id": "Kunde-ID må kun indeholde bogstaver, tal, understregninger og bindestreger.",
"custom_client_id_description": "Indstil et brugerdefineret klient-id, hvis dette kræves af din applikation. Ellers skal du lade feltet være tomt for at generere et tilfældigt id.",
"generated": "Genereret"
}

16
frontend/messages/de.json
View File

@@ -23,7 +23,7 @@
"click_to_copy": "Zum Kopieren klicken",
"something_went_wrong": "Etwas ist schiefgelaufen",
"go_back_to_home": "Zurück zur Startseite",
"dont_have_access_to_your_passkey": "Du hast keinen Zugriff auf deinen Passkey?",
"alternative_sign_in_methods": "Andere Anmeldemöglichkeiten",
"login_background": "Login Hintergrund",
"logo": "Logo",
"login_code": "Anmeldecode",
@@ -387,6 +387,12 @@
"number_of_times_token_can_be_used": "Wie oft der Anmeldetoken benutzt werden kann.",
"expires": "Läuft ab",
"signup": "Anmelden",
"user_creation": "Benutzererstellung",
"configure_user_creation": "Verwalte die Einstellungen für die Benutzererstellung, einschließlich der Anmeldemethoden und Standardberechtigungen für neue Benutzer.",
"user_creation_groups_description": "Weise diese Gruppen neuen Benutzern bei der Anmeldung automatisch zu.",
"user_creation_claims_description": "Weise diese benutzerdefinierten Ansprüche neuen Benutzern bei der Anmeldung automatisch zu.",
"user_creation_updated_successfully": "Einstellungen für die Benutzererstellung erfolgreich aktualisiert.",
"signup_disabled_description": "Benutzeranmeldungen sind komplett deaktiviert. Nur Admins können neue Benutzerkonten erstellen.",
"signup_requires_valid_token": "Zum Erstellen eines Kontos brauchst du einen gültigen Anmeldetoken.",
"validating_signup_token": "Anmeldungstoken bestätigen",
"go_to_login": "Zum Login gehen",
@@ -398,7 +404,7 @@
"skip_for_now": "Jetzt überspringen",
"account_created": "Konto erstellt",
"enable_user_signups": "Benutzeranmeldungen aktivieren",
"enable_user_signups_description": "Ob die Funktion zur Benutzeranmeldung aktiviert werden soll.",
"enable_user_signups_description": "Entscheide, wie sich Leute für neue Konten in Pocket ID anmelden können.",
"user_signups_are_disabled": "Benutzeranmeldungen sind im Moment deaktiviert.",
"create_signup_token": "Anmeldungstoken erstellen",
"view_active_signup_tokens": "Aktive Anmeldetoken anzeigen",
@@ -414,7 +420,6 @@
"loading": "Laden",
"delete_signup_token": "Anmeldungstoken löschen",
"are_you_sure_you_want_to_delete_this_signup_token": "Willst du diesen Anmeldetoken wirklich löschen? Das kannst du nicht rückgängig machen.",
"signup_disabled_description": "Benutzeranmeldungen sind komplett deaktiviert. Nur Admins können neue Benutzerkonten erstellen.",
"signup_with_token": "Mit Token anmelden",
"signup_with_token_description": "Benutzer können sich nur mit einem gültigen Anmeldetoken anmelden, das von einem Administrator erstellt wurde.",
"signup_open": "Anmeldung offen",
@@ -432,5 +437,8 @@
"revoke_access": "Zugriff widerrufen",
"revoke_access_description": "Zugriff widerrufen <b>{clientName}</b>. <b>{clientName}</b> kann nicht mehr auf deine Kontoinfos zugreifen.",
"revoke_access_successful": "Der Zugriff auf „ {clientName} “ wurde erfolgreich gesperrt.",
"last_signed_in_ago": "Zuletzt angemeldet vor {time} Stunden"
"last_signed_in_ago": "Zuletzt angemeldet vor {time} Stunden",
"invalid_client_id": "Die Kunden-ID darf nur Buchstaben, Zahlen, Unterstriche und Bindestriche haben.",
"custom_client_id_description": "Gib eine eigene Client-ID ein, wenn deine App das braucht. Ansonsten lass das Feld leer, damit eine zufällige ID generiert wird.",
"generated": "Generiert"
}

9
frontend/messages/es.json
View File

@@ -23,7 +23,7 @@
"click_to_copy": "Haz clic para copiar",
"something_went_wrong": "Algo ha salido mal",
"go_back_to_home": "Volver al Inicio",
"dont_have_access_to_your_passkey": "¿No tiene acceso a su Passkey?",
"alternative_sign_in_methods": "Métodos alternativos de inicio de sesión",
"login_background": "Fondo de página de acceso",
"logo": "Logotipo",
"login_code": "Código de inicio de sesión",
@@ -276,6 +276,8 @@
"public_clients_description": "Public clients do not have a client secret and use PKCE instead. Enable this if your client is a SPA or mobile app.",
"pkce": "PKCE",
"public_key_code_exchange_is_a_security_feature_to_prevent_csrf_and_authorization_code_interception_attacks": "El intercambio de claves públicas es una función de seguridad que evita los ataques CSRF y la interceptación de códigos de autorización.",
"requires_reauthentication": "Requiere reautenticación",
"requires_users_to_authenticate_again_on_each_authorization": "Requiere que los usuarios se autentiquen de nuevo en cada autorización, incluso si ya han iniciado sesión.",
"name_logo": "{name} logotipo",
"change_logo": "Cambiar logotipo",
"upload_logo": "Subir Logo",
@@ -435,5 +437,8 @@
"revoke_access": "Revocar acceso",
"revoke_access_description": "Revocar el acceso a <b>{clientName}</b>. <b>{clientName}</b> ya no podrás acceder a la información de tu cuenta.",
"revoke_access_successful": "El acceso a {clientName} ha sido revocado correctamente.",
"last_signed_in_ago": "Último inicio de sesión en {time} hace"
"last_signed_in_ago": "Último inicio de sesión en {time} hace",
"invalid_client_id": "El ID de cliente solo puede contener letras, números, guiones bajos y guiones.",
"custom_client_id_description": "Establece un ID de cliente personalizado si tu aplicación lo requiere. De lo contrario, déjalo en blanco para generar uno aleatorio.",
"generated": "Generado"
}

18
frontend/messages/fr.json
View File

@@ -23,7 +23,7 @@
"click_to_copy": "Cliquer pour copier",
"something_went_wrong": "Quelque chose n'a pas fonctionné",
"go_back_to_home": "Retourner à l'accueil",
"dont_have_access_to_your_passkey": "Vous n'avez pas accès à votre clé d'accès ?",
"alternative_sign_in_methods": "Autres façons de se connecter",
"login_background": "Arrière-plan de connexion",
"logo": "Logo",
"login_code": "Code de connexion",
@@ -276,6 +276,8 @@
"public_clients_description": "Les clients publics n'ont pas de secret client et utilisent PKCE à la place. Activez cette option si votre client est une application SPA ou une application mobile.",
"pkce": "PKCE",
"public_key_code_exchange_is_a_security_feature_to_prevent_csrf_and_authorization_code_interception_attacks": "Le Public Key Code Exchange est une fonctionnalité de sécurité conçue pour prévenir les attaques CSRF et linterception de code dautorisation.",
"requires_reauthentication": "Nécessite une nouvelle authentification",
"requires_users_to_authenticate_again_on_each_authorization": "Demande aux utilisateurs de se connecter à nouveau à chaque autorisation, même s'ils sont déjà connectés.",
"name_logo": "Logo {name}",
"change_logo": "Changer le logo",
"upload_logo": "Télécharger un logo",
@@ -385,6 +387,12 @@
"number_of_times_token_can_be_used": "Nombre de fois que le jeton d'inscription peut être utilisé.",
"expires": "Expire",
"signup": "S'inscrire",
"user_creation": "Création d'un utilisateur",
"configure_user_creation": "Gère les paramètres de création des utilisateurs, comme les méthodes d'inscription et les autorisations par défaut pour les nouveaux utilisateurs.",
"user_creation_groups_description": "Attribuez automatiquement ces groupes aux nouveaux utilisateurs lors de leur inscription.",
"user_creation_claims_description": "Attribuez automatiquement ces revendications personnalisées aux nouveaux utilisateurs lors de leur inscription.",
"user_creation_updated_successfully": "Les paramètres de création d'utilisateur ont été mis à jour.",
"signup_disabled_description": "Les inscriptions utilisateur sont complètement désactivées. Seuls les administrateurs peuvent créer de nouveaux comptes utilisateur.",
"signup_requires_valid_token": "Un jeton d'inscription valide est requis pour créer un compte.",
"validating_signup_token": "Validation du jeton d'inscription",
"go_to_login": "Aller à la connexion",
@@ -396,7 +404,7 @@
"skip_for_now": "Ignorer pour le moment",
"account_created": "Compte créé",
"enable_user_signups": "Activer les inscriptions utilisateur",
"enable_user_signups_description": "Détermine si la fonctionnalité d'inscription des utilisateurs doit être activée.",
"enable_user_signups_description": "Décide comment les utilisateurs peuvent créer de nouveaux comptes dans Pocket ID.",
"user_signups_are_disabled": "Les inscriptions utilisateur sont actuellement désactivées",
"create_signup_token": "Créer un jeton d'inscription",
"view_active_signup_tokens": "Voir les jetons d'inscription actifs",
@@ -412,7 +420,6 @@
"loading": "Chargement",
"delete_signup_token": "Supprimer le jeton d'inscription",
"are_you_sure_you_want_to_delete_this_signup_token": "Êtes-vous sûr de vouloir supprimer ce jeton d'inscription ? Cette action est irréversible.",
"signup_disabled_description": "Les inscriptions utilisateur sont complètement désactivées. Seuls les administrateurs peuvent créer de nouveaux comptes utilisateur.",
"signup_with_token": "Inscription avec jeton",
"signup_with_token_description": "Les utilisateurs ne peuvent s'inscrire qu'en utilisant un jeton d'inscription valide créé par un administrateur.",
"signup_open": "Inscription ouverte",
@@ -430,5 +437,8 @@
"revoke_access": "Supprimer l'accès",
"revoke_access_description": "Supprimer l'accès à <b>{clientName}</b>. <b>{clientName}</b> ne pourra plus accéder aux infos de ton compte.",
"revoke_access_successful": "L'accès à {clientName} a été supprimé.",
"last_signed_in_ago": "Dernière connexion il y a {time} il y a"
"last_signed_in_ago": "Dernière connexion il y a {time} il y a",
"invalid_client_id": "L'ID client ne peut contenir que des lettres, des chiffres, des traits de soulignement et des tirets.",
"custom_client_id_description": "Définissez un identifiant client personnalisé si votre application l'exige. Sinon, laissez ce champ vide pour qu'un identifiant aléatoire soit généré.",
"generated": "Généré"
}

18
frontend/messages/it.json
View File

@@ -23,7 +23,7 @@
"click_to_copy": "Clicca per copiare",
"something_went_wrong": "Qualcosa è andato storto",
"go_back_to_home": "Torna alla home",
"dont_have_access_to_your_passkey": "Non hai accesso alla tua passkey?",
"alternative_sign_in_methods": "Metodi di accesso alternativi",
"login_background": "Sfondo di accesso",
"logo": "Logo",
"login_code": "Codice di accesso",
@@ -276,6 +276,8 @@
"public_clients_description": "I client pubblici non hanno un client secret e utilizzano PKCE. Abilita questa opzione se il tuo client è una SPA o un'app mobile.",
"pkce": "PKCE",
"public_key_code_exchange_is_a_security_feature_to_prevent_csrf_and_authorization_code_interception_attacks": "Il Public Key Code Exchange è una funzionalità di sicurezza per prevenire attacchi CSRF e intercettazione del codice di autorizzazione.",
"requires_reauthentication": "È necessario effettuare nuovamente l'autenticazione",
"requires_users_to_authenticate_again_on_each_authorization": "Chiede agli utenti di fare di nuovo l'autenticazione ogni volta che autorizzano qualcosa, anche se hanno già fatto l'accesso.",
"name_logo": "Logo di {name}",
"change_logo": "Cambia Logo",
"upload_logo": "Carica Logo",
@@ -385,6 +387,12 @@
"number_of_times_token_can_be_used": "Numero di volte che il codice d'iscrizione può essere usato.",
"expires": "Scadenza",
"signup": "Registrati",
"user_creation": "Creazione utente",
"configure_user_creation": "Gestisci le impostazioni per creare nuovi utenti, come i metodi di registrazione e i permessi di default per quelli nuovi.",
"user_creation_groups_description": "Assegna automaticamente questi gruppi ai nuovi utenti al momento della registrazione.",
"user_creation_claims_description": "Assegna automaticamente queste richieste personalizzate ai nuovi utenti al momento della registrazione.",
"user_creation_updated_successfully": "Le impostazioni per creare un utente sono state aggiornate.",
"signup_disabled_description": "Le iscrizioni utente sono completamente disabilitate. Solo gli amministratori possono creare nuovi account utente.",
"signup_requires_valid_token": "È necessario un codice d'iscrizione valido per creare un account",
"validating_signup_token": "Convalida codice d'iscrizione",
"go_to_login": "Vai alla login",
@@ -396,7 +404,7 @@
"skip_for_now": "Salta per ora",
"account_created": "Account creato",
"enable_user_signups": "Abilita Iscrizioni Utente",
"enable_user_signups_description": "Indica se la funzionalità di registrazione utente deve essere abilitata.",
"enable_user_signups_description": "Decidi come gli utenti possono registrarsi per creare nuovi account in Pocket ID.",
"user_signups_are_disabled": "Le iscrizioni utente sono attualmente disattivate",
"create_signup_token": "Crea Codice d'iscrizione",
"view_active_signup_tokens": "Visualizza codici d'iscrizione attivi",
@@ -412,7 +420,6 @@
"loading": "Caricamento",
"delete_signup_token": "Elimina Codice d'iscrizione",
"are_you_sure_you_want_to_delete_this_signup_token": "Sei sicuro di voler eliminare questo codice d'iscrizione? Questa azione non può essere annullata.",
"signup_disabled_description": "Le iscrizioni utente sono completamente disabilitate. Solo gli amministratori possono creare nuovi account utente.",
"signup_with_token": "Registrati con codice",
"signup_with_token_description": "Gli utenti possono registrarsi solo usando un codice d'iscrizione valido, creato da un amministratore.",
"signup_open": "Apri Registrazione",
@@ -430,5 +437,8 @@
"revoke_access": "Revoca accesso",
"revoke_access_description": "Revoca l'accesso a <b>{clientName}</b>. <b>{clientName}</b> non potrà più accedere alle informazioni del tuo account.",
"revoke_access_successful": "L'accesso a {clientName} è stato revocato con successo.",
"last_signed_in_ago": "Ultimo accesso {time} fa"
"last_signed_in_ago": "Ultimo accesso {time} fa",
"invalid_client_id": "L'ID cliente può contenere solo lettere, numeri, trattini bassi e trattini.",
"custom_client_id_description": "Imposta un ID cliente personalizzato se la tua app lo richiede. Altrimenti, lascia vuoto per generarne uno casuale.",
"generated": "Generato"
}

18
frontend/messages/ko.json
View File

@@ -23,7 +23,7 @@
"click_to_copy": "클릭하여 복사",
"something_went_wrong": "문제가 발생했습니다",
"go_back_to_home": "홈으로 돌아가기",
"dont_have_access_to_your_passkey": "패스키에 접근할 수 없나요?",
"alternative_sign_in_methods": "대체 로그인 방법",
"login_background": "로그인 배경",
"logo": "로고",
"login_code": "로그인 코드",
@@ -276,6 +276,8 @@
"public_clients_description": "공개 클라이언트는 클라이언트 시크릿이 없습니다. 이들은 시크릿을 안전하게 보관할 수 없는 모바일, 웹, 네이티브 애플리케이션을 위해 설계되었습니다.",
"pkce": "PKCE",
"public_key_code_exchange_is_a_security_feature_to_prevent_csrf_and_authorization_code_interception_attacks": "공개 키 코드 교환은 CSRF 및 승인 코드 가로채기 공격을 방지하기 위한 보안 기능입니다.",
"requires_reauthentication": "재인증 요구",
"requires_users_to_authenticate_again_on_each_authorization": "사용자가 이미 로그인한 상태에서도 승인할 때마다 다시 인증을 요구합니다.",
"name_logo": "{name} 로고",
"change_logo": "로고 변경",
"upload_logo": "로고 업로드",
@@ -385,6 +387,12 @@
"number_of_times_token_can_be_used": "계정 생성 토큰을 사용할 수 있는 횟수.",
"expires": "만료일",
"signup": "계정 생성",
"user_creation": "사용자 생성",
"configure_user_creation": "사용자 생성 설정을 관리합니다. 이에는 신규 사용자 등록 방법 및 신규 사용자의 기본 권한이 포함됩니다.",
"user_creation_groups_description": "새 사용자가 가입할 때 이 그룹을 자동으로 할당합니다.",
"user_creation_claims_description": "새 사용자가 가입할 때 이 사용자 정의 클레임을 자동으로 할당합니다.",
"user_creation_updated_successfully": "사용자 생성 설정 업데이트가 성공적으로 완료되었습니다.",
"signup_disabled_description": "계정 생성이 완전히 비활성화됩니다. 새로운 사용자 계정은 관리자만 생성할 수 있습니다.",
"signup_requires_valid_token": "계정을 생성하려면 유효한 계정 생성 토큰이 필요합니다",
"validating_signup_token": "계정 생성 토큰 검증",
"go_to_login": "로그인으로 이동",
@@ -396,7 +404,7 @@
"skip_for_now": "지금은 건너뛰기",
"account_created": "계정 생성됨",
"enable_user_signups": "계정 생성 활성화",
"enable_user_signups_description": "계정 생성 기능이 활성화됩니다.",
"enable_user_signups_description": "Pocket ID에서 사용자가 새로운 계정 생성하는 방법을 결정하세요.",
"user_signups_are_disabled": "계정 생성이 현재 비활성화되었습니다",
"create_signup_token": "계정 생성 토큰 생성",
"view_active_signup_tokens": "활성 계정 생성 토큰 보기",
@@ -412,7 +420,6 @@
"loading": "불러오는 중",
"delete_signup_token": "계정 생성 토큰 삭제",
"are_you_sure_you_want_to_delete_this_signup_token": "이 계정 생성 토큰을 정말로 삭제하시겠습니까? 이 작업은 되돌릴 수 없습니다.",
"signup_disabled_description": "계정 생성이 완전히 비활성화됩니다. 새로운 사용자 계정은 관리자만 생성할 수 있습니다.",
"signup_with_token": "토큰으로 계정 생성",
"signup_with_token_description": "사용자는 관리자가 생성한 유효한 계정 생성 토큰을 사용해야 가입할 수 있습니다.",
"signup_open": "계정 생성 허용",
@@ -430,5 +437,8 @@
"revoke_access": "접근 권한 취소",
"revoke_access_description": "<b>{clientName}</b>의 접근 권한을 취소합니다. <b>{clientName}</b>은 더 이상 계정 정보에 접근할 수 없습니다.",
"revoke_access_successful": "{clientName}의 접근이 성공적으로 취소되었습니다.",
"last_signed_in_ago": "{time} 전에 로그인함"
"last_signed_in_ago": "{time} 전에 로그인함",
"invalid_client_id": "고객 ID에는 영문자, 숫자, 밑줄, 하이픈만 포함될 수 있습니다.",
"custom_client_id_description": "애플리케이션에서 사용자 정의 클라이언트 ID가 요구되는 경우 설정하세요. 그렇지 않으면 빈 상태로 두어서 무작위로 생성할 수 있습니다.",
"generated": "생성됨"
}

42
frontend/messages/nl.json
View File

@@ -23,7 +23,7 @@
"click_to_copy": "Klik om te kopiëren",
"something_went_wrong": "Er is iets misgegaan",
"go_back_to_home": "Terug naar beginpagina",
"dont_have_access_to_your_passkey": "Heb je geen toegang tot je passkey?",
"alternative_sign_in_methods": "Andere manieren om in te loggen",
"login_background": "Inlogachtergrond",
"logo": "Logo",
"login_code": "Inlogcode",
@@ -43,7 +43,7 @@
"error_occurred_with_authenticator": "Er is een fout opgetreden met de authenticator",
"authenticator_does_not_support_discoverable_credentials": "De authenticator ondersteunt geen vindbare referenties",
"authenticator_does_not_support_resident_keys": "De authenticator ondersteunt geen vaste sleutels",
"passkey_was_previously_registered": "Deze toegangscode is eerder geregistreerd",
"passkey_was_previously_registered": "Deze passkey is eerder geregistreerd",
"authenticator_does_not_support_any_of_the_requested_algorithms": "De authenticator ondersteunt geen van de gevraagde algoritmen",
"authenticator_timed_out": "De authenticator is verlopen",
"critical_error_occurred_contact_administrator": "Er is een kritieke fout opgetreden. Neem contact op met de beheerder.",
@@ -70,8 +70,8 @@
"please_try_again": "Probeer het opnieuw.",
"continue": "Doorgaan",
"alternative_sign_in": "Alternatieve aanmelding",
"if_you_do_not_have_access_to_your_passkey_you_can_sign_in_using_one_of_the_following_methods": "Als je geen toegang hebt tot je passkeys, kun je je op een van de volgende manieren aanmelden.",
"use_your_passkey_instead": "Wil je in plaats daarvan je toegangscode gebruiken?",
"if_you_do_not_have_access_to_your_passkey_you_can_sign_in_using_one_of_the_following_methods": "Als je geen toegang hebt tot je passkey, kun je je op een van de volgende manieren aanmelden.",
"use_your_passkey_instead": "Wil je in plaats daarvan je passkey gebruiken?",
"email_login": "E-mail inloggen",
"enter_a_login_code_to_sign_in": "Voer een inlogcode in om in te loggen.",
"request_a_login_code_via_email": "Vraag een inlogcode aan via e-mail.",
@@ -84,7 +84,7 @@
"enter_the_code_you_received_to_sign_in": "Voer de code in die je hebt ontvangen om in te loggen.",
"code": "Code",
"invalid_redirect_url": "Ongeldige omleidings-URL",
"audit_log": "Audit logboek",
"audit_log": "Activiteitenlogboek",
"users": "Gebruikers",
"user_groups": "Gebruikersgroepen",
"oidc_clients": "OIDC-clients",
@@ -95,7 +95,7 @@
"powered_by": "Aangedreven door",
"see_your_account_activities_from_the_last_3_months": "Bekijk je accountactiviteiten van de afgelopen 3 maanden.",
"time": "Tijd",
"event": "Evenement",
"event": "Activiteit",
"approximate_location": "Geschatte locatie",
"ip_address": "IP-adres",
"device": "Apparaat",
@@ -106,11 +106,11 @@
"account_settings": "Accountinstellingen",
"passkey_missing": "Passkey ontbreekt",
"please_provide_a_passkey_to_prevent_losing_access_to_your_account": "Voeg een passkey toe om te voorkomen dat je de toegang tot je account verliest.",
"single_passkey_configured": "Eén enkele toegangscode geconfigureerd",
"it_is_recommended_to_add_more_than_one_passkey": "Het is raadzaam om meer dan één toegangscode toe te voegen om te voorkomen dat je de toegang tot uw account verliest.",
"single_passkey_configured": "Eén enkele passkey geconfigureerd",
"it_is_recommended_to_add_more_than_one_passkey": "Het is raadzaam om meer dan één passkey toe te voegen om te voorkomen dat je de toegang tot uw account verliest.",
"account_details": "Accountgegevens",
"passkeys": "Toegangscodes",
"manage_your_passkeys_that_you_can_use_to_authenticate_yourself": "Beheer de toegangscodes waarmee je jezelf kunt verifiëren.",
"passkeys": "Passkeys",
"manage_your_passkeys_that_you_can_use_to_authenticate_yourself": "Beheer de passkeys waarmee je jezelf kunt verifiëren.",
"add_passkey": "Passkey toevoegen",
"create_a_one_time_login_code_to_sign_in_from_a_different_device_without_a_passkey": "Maak een eenmalige inlogcode aan om in te loggen vanaf een ander apparaat zonder passkey.",
"create": "Aanmaken",
@@ -276,6 +276,8 @@
"public_clients_description": "Publieke clients hebben geen client secret en gebruiken in plaats daarvan PKCE. Schakel dit in als je client een SPA of mobiele app is.",
"pkce": "PKCE",
"public_key_code_exchange_is_a_security_feature_to_prevent_csrf_and_authorization_code_interception_attacks": "Public Key Code Exchange is een beveiligingsfunctie om CSRF- en autorisatiecode-onderscheppingsaanvallen te voorkomen.",
"requires_reauthentication": "Je moet opnieuw inloggen",
"requires_users_to_authenticate_again_on_each_authorization": "Gebruikers moeten bij elke autorisatie opnieuw inloggen, zelfs als ze al ingelogd zijn.",
"name_logo": "{name} logo",
"change_logo": "Logo wijzigen",
"upload_logo": "Logo uploaden",
@@ -320,7 +322,7 @@
"all_events": "Alle activiteiten",
"all_clients": "Alle clients",
"all_locations": "Alle locaties",
"global_audit_log": "Algemeen audit logboek",
"global_audit_log": "Globaal activiteitenlogboek",
"see_all_account_activities_from_the_last_3_months": "Bekijk alle gebruikersactiviteit van de afgelopen 3 maanden.",
"token_sign_in": "Inloggen met token",
"client_authorization": "Client autorisatie",
@@ -385,6 +387,12 @@
"number_of_times_token_can_be_used": "Hoe vaak het aanmeldingstoken gebruikt kan worden.",
"expires": "Verloopt",
"signup": "Aanmelden",
"user_creation": "Gebruikers aanmaken",
"configure_user_creation": "Beheer de instellingen voor het aanmaken van gebruikers, zoals hoe mensen zich kunnen aanmelden en wat nieuwe gebruikers standaard kunnen doen.",
"user_creation_groups_description": "Wijs deze groepen automatisch toe aan nieuwe gebruikers bij aanmelding.",
"user_creation_claims_description": "Wijs deze aangepaste claims automatisch toe aan nieuwe gebruikers bij aanmelding.",
"user_creation_updated_successfully": "Instellingen voor het aanmaken van gebruikers zijn bijgewerkt.",
"signup_disabled_description": "Gebruikersregistraties zijn helemaal uitgeschakeld. Alleen beheerders kunnen nieuwe gebruikersaccounts aanmaken.",
"signup_requires_valid_token": "U heeft een geldige registratietoken nodig om een account aan te maken.",
"validating_signup_token": "Inlogtoken checken",
"go_to_login": "Ga naar inloggen",
@@ -392,11 +400,11 @@
"create_your_account_to_get_started": "Om te beginnen moet u een account aanmaken.",
"initial_account_creation_description": "Maak een account aan om te beginnen. U kunt later een wachtwoord instellen.",
"setup_your_passkey": "Stel uw passkey in",
"create_a_passkey_to_securely_access_your_account": "Maak een toegangscode aan om veilig toegang te krijgen tot je account. Dit is je primaire manier om in te loggen.",
"create_a_passkey_to_securely_access_your_account": "Maak een passkey aan om veilig toegang te krijgen tot je account. Dit is je primaire manier om in te loggen.",
"skip_for_now": "Voor nu even overslaan",
"account_created": "Account aangemaakt",
"enable_user_signups": "Gebruikersregistratie inschakelen",
"enable_user_signups_description": "Of de functie voor gebruikersregistratie moet worden ingeschakeld.",
"enable_user_signups_description": "Bepaal hoe mensen zich kunnen aanmelden voor nieuwe accounts in Pocket ID.",
"user_signups_are_disabled": "Gebruikersregistraties zijn nu uitgeschakeld.",
"create_signup_token": "Aanmeldingstoken maken",
"view_active_signup_tokens": "Actieve aanmeldingstokens bekijken",
@@ -412,7 +420,6 @@
"loading": "Bezig met laden",
"delete_signup_token": "Registratietoken verwijderen",
"are_you_sure_you_want_to_delete_this_signup_token": "Weet u zeker dat u dit aanmeldingstoken wilt verwijderen? Deze actie kan niet ongedaan worden gemaakt.",
"signup_disabled_description": "Gebruikersregistraties zijn helemaal uitgeschakeld. Alleen beheerders kunnen nieuwe gebruikersaccounts aanmaken.",
"signup_with_token": "Aanmelden met token",
"signup_with_token_description": "U kunt zich alleen aanmelden met een geldige aanmeldtoken die door een beheerder is aangemaakt.",
"signup_open": "Open inschrijving",
@@ -429,6 +436,9 @@
"client_name_description": "De naam van de client die wordt getoond in de Pocket ID UI.",
"revoke_access": "Toegang intrekken",
"revoke_access_description": "Toegang intrekken tot <b>{clientName}</b>. <b>{clientName}</b> kun je accountgegevens niet meer gebruiken.",
"revoke_access_successful": "De toegang tot {clientName} is nu echt geblokkeerd.",
"last_signed_in_ago": "Laatst ingelogd {time} geleden"
"revoke_access_successful": "De toegang tot {clientName} is nu succesvol geblokkeerd.",
"last_signed_in_ago": "Laatst ingelogd {time} geleden",
"invalid_client_id": "De klant-ID mag alleen letters, cijfers, onderstrepingstekens en koppeltekens bevatten.",
"custom_client_id_description": "Stel een aangepaste client-ID in als je app dit nodig heeft. Anders laat je het gewoon leeg en wordt er een willekeurige ID gegenereerd.",
"generated": "Gemaakt"
}

18
frontend/messages/pl.json
View File

@@ -23,7 +23,7 @@
"click_to_copy": "Kliknij, aby skopiować",
"something_went_wrong": "Coś poszło nie tak",
"go_back_to_home": "Wróć do strony głównej",
"dont_have_access_to_your_passkey": "Nie masz dostępu do swojego klucza?",
"alternative_sign_in_methods": "Alternatywne metody logowania",
"login_background": "Tło logowania",
"logo": "Logo",
"login_code": "Kod logowania",
@@ -276,6 +276,8 @@
"public_clients_description": "Klienci publiczni nie mają tajnego klucza. Są zaprojektowane dla aplikacji mobilnych, webowych i natywnych, gdzie tajne klucze nie mogą być bezpiecznie przechowywane.",
"pkce": "PKCE",
"public_key_code_exchange_is_a_security_feature_to_prevent_csrf_and_authorization_code_interception_attacks": "Wymiana kodu publicznego klucza to funkcja zabezpieczająca, która zapobiega atakom CSRF i przechwytywaniu kodu autoryzacyjnego.",
"requires_reauthentication": "Wymagane ponowne uwierzytelnienie",
"requires_users_to_authenticate_again_on_each_authorization": "Wymaga od użytkowników ponownego uwierzytelniania przy każdej autoryzacji, nawet jeśli są już zalogowani.",
"name_logo": "Logo {name}",
"change_logo": "Zmień logo",
"upload_logo": "Prześlij logo",
@@ -385,6 +387,12 @@
"number_of_times_token_can_be_used": "Liczba przypadków, w których można użyć tokenu rejestracji.",
"expires": "Wygasają",
"signup": "Zarejestruj się",
"user_creation": "Tworzenie użytkowników",
"configure_user_creation": "Zarządzaj ustawieniami tworzenia użytkowników, w tym metodami rejestracji i domyślnymi uprawnieniami dla nowych użytkowników.",
"user_creation_groups_description": "Przypisz te grupy automatycznie nowym użytkownikom podczas rejestracji.",
"user_creation_claims_description": "Przypisuj te niestandardowe oświadczenia automatycznie nowym użytkownikom podczas rejestracji.",
"user_creation_updated_successfully": "Ustawienia tworzenia użytkowników zostały pomyślnie zaktualizowane.",
"signup_disabled_description": "Rejestracja użytkowników jest całkowicie wyłączona. Tylko administratorzy mogą tworzyć nowe konta użytkowników.",
"signup_requires_valid_token": "Aby utworzyć konto, wymagany jest ważny token rejestracyjny.",
"validating_signup_token": "Weryfikacja tokenu rejestracji",
"go_to_login": "Przejdź do logowania",
@@ -396,7 +404,7 @@
"skip_for_now": "Pomiń na razie",
"account_created": "Konto utworzone",
"enable_user_signups": "Włącz rejestrację użytkowników",
"enable_user_signups_description": "Czy funkcja rejestracji użytkowników powinna być włączona.",
"enable_user_signups_description": "Zdecyduj, w jaki sposób użytkownicy mogą rejestrować nowe konta w Pocket ID.",
"user_signups_are_disabled": "Rejestracja użytkowników jest obecnie wyłączona.",
"create_signup_token": "Utwórz token rejestracji",
"view_active_signup_tokens": "Wyświetl aktywne tokeny rejestracji",
@@ -412,7 +420,6 @@
"loading": "Ładowanie",
"delete_signup_token": "Usuń token rejestracji",
"are_you_sure_you_want_to_delete_this_signup_token": "Czy na pewno chcesz usunąć ten token rejestracji? Tego działania nie można cofnąć.",
"signup_disabled_description": "Rejestracja użytkowników jest całkowicie wyłączona. Tylko administratorzy mogą tworzyć nowe konta użytkowników.",
"signup_with_token": "Zarejestruj się za pomocą tokenu",
"signup_with_token_description": "Użytkownicy mogą zarejestrować się wyłącznie przy użyciu ważnego tokenu rejestracyjnego utworzonego przez administratora.",
"signup_open": "Otwórz rejestrację",
@@ -430,5 +437,8 @@
"revoke_access": "Cofnij dostęp",
"revoke_access_description": "Cofnij dostęp do <b>{clientName}</b>. <b>{clientName}</b> nie będzie już mógł uzyskać dostępu do informacji o Twoim koncie.",
"revoke_access_successful": "Dostęp do strony {clientName} został pomyślnie cofnięty.",
"last_signed_in_ago": "Ostatnio zalogowany {time} temu"
"last_signed_in_ago": "Ostatnio zalogowany {time} temu",
"invalid_client_id": "Identyfikator klienta może zawierać wyłącznie litery, cyfry, znaki podkreślenia i łączniki.",
"custom_client_id_description": "Ustaw niestandardowy identyfikator klienta, jeśli jest to wymagane przez twoją aplikację. W przeciwnym razie pozostaw to pole puste, aby wygenerować losowy identyfikator.",
"generated": "Wygenerowano"
}

18
frontend/messages/pt-BR.json
View File

@@ -23,7 +23,7 @@
"click_to_copy": "Clique para copiar",
"something_went_wrong": "Algo deu errado",
"go_back_to_home": "Voltar para o início",
"dont_have_access_to_your_passkey": "Não tem acesso à sua chave de acesso?",
"alternative_sign_in_methods": "Outras formas de entrar",
"login_background": "Histórico de login",
"logo": "Logotipo",
"login_code": "Código de Login:",
@@ -276,6 +276,8 @@
"public_clients_description": "Public clients do not have a client secret and use PKCE instead. Enable this if your client is a SPA or mobile app.",
"pkce": "PKCE",
"public_key_code_exchange_is_a_security_feature_to_prevent_csrf_and_authorization_code_interception_attacks": "A troca de chaves públicas é um recurso de segurança que evita ataques CSRF e interceptação de códigos de autorização.",
"requires_reauthentication": "Precisa autenticar de novo",
"requires_users_to_authenticate_again_on_each_authorization": "Pede que os usuários se autentiquem de novo em cada autorização, mesmo que já estejam conectados.",
"name_logo": "{name} logotipo",
"change_logo": "Alterar logotipo",
"upload_logo": "Carregar logotipo",
@@ -385,6 +387,12 @@
"number_of_times_token_can_be_used": "Número de vezes que o token de inscrição pode ser usado.",
"expires": "Vence",
"signup": "Cadastre-se",
"user_creation": "Criação de usuário",
"configure_user_creation": "Gerencie as configurações de criação de usuários, incluindo métodos de inscrição e permissões padrão para novos usuários.",
"user_creation_groups_description": "Atribuir esses grupos automaticamente aos novos usuários quando eles se cadastrarem.",
"user_creation_claims_description": "Atribua essas reivindicações personalizadas automaticamente aos novos usuários no momento da inscrição.",
"user_creation_updated_successfully": "As configurações de criação do usuário foram atualizadas com sucesso.",
"signup_disabled_description": "As inscrições de usuários estão totalmente desativadas. Só os administradores podem criar novas contas de usuário.",
"signup_requires_valid_token": "É preciso um token de inscrição válido pra criar uma conta.",
"validating_signup_token": "Validando o token de inscrição",
"go_to_login": "Vá para o login",
@@ -396,7 +404,7 @@
"skip_for_now": "Pular por enquanto",
"account_created": "Conta criada",
"enable_user_signups": "Ativar inscrições de usuários",
"enable_user_signups_description": "Se a funcionalidade de cadastro de usuários deve ser ativada.",
"enable_user_signups_description": "Decida como os usuários podem se cadastrar para novas contas no Pocket ID.",
"user_signups_are_disabled": "As inscrições de usuários estão desativadas no momento.",
"create_signup_token": "Criar token de inscrição",
"view_active_signup_tokens": "Ver tokens de inscrição ativos",
@@ -412,7 +420,6 @@
"loading": "Carregando",
"delete_signup_token": "Apagar token de inscrição",
"are_you_sure_you_want_to_delete_this_signup_token": "Tem certeza que quer apagar esse token de inscrição? Não dá pra voltar atrás.",
"signup_disabled_description": "As inscrições de usuários estão totalmente desativadas. Só os administradores podem criar novas contas de usuário.",
"signup_with_token": "Cadastre-se com token",
"signup_with_token_description": "Os usuários só podem se cadastrar usando um token de cadastro válido criado por um administrador.",
"signup_open": "Inscrição aberta",
@@ -430,5 +437,8 @@
"revoke_access": "Revogar acesso",
"revoke_access_description": "Revogar acesso a <b>{clientName}</b>. <b>{clientName}</b> não vai mais conseguir acessar as informações da sua conta.",
"revoke_access_successful": "O acesso a {clientName} foi revogado com sucesso.",
"last_signed_in_ago": "Último login em {time} atrás"
"last_signed_in_ago": "Último login em {time} atrás",
"invalid_client_id": "A ID do cliente só pode ter letras, números, sublinhados e hífens.",
"custom_client_id_description": "Defina um ID de cliente personalizado se for necessário para o seu aplicativo. Caso contrário, deixe em branco para gerar um aleatório.",
"generated": "Gerado"
}

18
frontend/messages/ru.json
View File

@@ -23,7 +23,7 @@
"click_to_copy": "Нажмите, чтобы скопировать",
"something_went_wrong": "Что-то пошло не так",
"go_back_to_home": "Вернуться на главную",
"dont_have_access_to_your_passkey": "Нет доступа к вашему пасскею?",
"alternative_sign_in_methods": "Альтернативные способы входа",
"login_background": "Фон страницы входа",
"logo": "Логотип",
"login_code": "Код входа",
@@ -276,6 +276,8 @@
"public_clients_description": "Публичные клиенты не имеют клиентского секрета. Они предназначены для мобильных, SPA и нативных приложений, где секретные данные нельзя надежно хранить.",
"pkce": "PKCE",
"public_key_code_exchange_is_a_security_feature_to_prevent_csrf_and_authorization_code_interception_attacks": "Public Key Code Exchange — это функция безопасности для предотвращения атак CSRF и перехвата кода авторизации.",
"requires_reauthentication": "Требуется повторная аутентификация",
"requires_users_to_authenticate_again_on_each_authorization": "Требует от пользователей повторной аутентификации при каждой авторизации, даже если они уже вошли в систему",
"name_logo": "Логотип {name}",
"change_logo": "Изменить логотип",
"upload_logo": "Загрузить логотип",
@@ -385,6 +387,12 @@
"number_of_times_token_can_be_used": "Количество раз, которое может быть использован токен регистрации.",
"expires": "Истекает",
"signup": "Зарегистрироваться",
"user_creation": "Создание пользователя",
"configure_user_creation": "Управляйте настройками создания пользователя, включая способы регистрации и разрешения по умолчанию для новых пользователей.",
"user_creation_groups_description": "Назначать эти группы автоматически новым пользователям при регистрации.",
"user_creation_claims_description": "Назначить эти пользовательские claims автоматически новым пользователям при регистрации.",
"user_creation_updated_successfully": "Настройки создания пользователя обновлены.",
"signup_disabled_description": "Регистрация пользователей полностью отключена. Только администраторы могут создавать новые учетные записи пользователей.",
"signup_requires_valid_token": "Для создания учетной записи необходим действительный токен регистрации",
"validating_signup_token": "Проверка токена регистрации",
"go_to_login": "Перейти ко входу",
@@ -396,7 +404,7 @@
"skip_for_now": "Пока пропустить",
"account_created": "Учетная запись создана",
"enable_user_signups": "Включить регистрацию пользователей",
"enable_user_signups_description": "Должна ли быть включена функция регистрации пользователя.",
"enable_user_signups_description": "Решите, как пользователи могут регистрировать новые учетные записи в Pocket ID.",
"user_signups_are_disabled": "Регистрация пользователей в настоящее время отключена",
"create_signup_token": "Создать токен регистрации",
"view_active_signup_tokens": "Показать активные токены регистрации",
@@ -412,7 +420,6 @@
"loading": "Загрузка",
"delete_signup_token": "Удалить токен регистрации",
"are_you_sure_you_want_to_delete_this_signup_token": "Вы уверены, что хотите удалить этот токен регистрации? Это действие нельзя отменить.",
"signup_disabled_description": "Регистрация пользователей полностью отключена. Только администраторы могут создавать новые учетные записи пользователей.",
"signup_with_token": "Регистрация с токеном",
"signup_with_token_description": "Пользователи могут зарегистрироваться только с помощью действительного токена регистрации, созданного администратором.",
"signup_open": "Открытая регистрация",
@@ -430,5 +437,8 @@
"revoke_access": "Отозвать доступ",
"revoke_access_description": "Отозвать доступ к <b>{clientName}</b>. <b>{clientName}</b> больше не сможет получить доступ к информации вашей учетной записи.",
"revoke_access_successful": "Доступ к {clientName} успешно отозван.",
"last_signed_in_ago": "Последний вход {time} назад"
"last_signed_in_ago": "Последний вход {time} назад",
"invalid_client_id": "ID клиента может содержать только буквы, цифры, подчеркивания и дефисы",
"custom_client_id_description": "Установите пользовательский ID клиента, если это нужно для вашего приложения. Если нет, оставьте поле пустым, чтобы он был сгенерирован случайным образом.",
"generated": "Сгенерированный"
}

18
frontend/messages/uk.json
View File

@@ -23,7 +23,7 @@
"click_to_copy": "Натисніть, щоб скопіювати",
"something_went_wrong": "Щось пішло не так",
"go_back_to_home": "Повернутися на головну сторінку",
"dont_have_access_to_your_passkey": "Не маєте доступу до свого ключа доступу?",
"alternative_sign_in_methods": "Альтернативні способи входу",
"login_background": "Фон сторінки входу",
"logo": "Логотип",
"login_code": "Код входу",
@@ -276,6 +276,8 @@
"public_clients_description": "Публічні клієнти не мають секретного ключа. Вони призначені для мобільних, веб та нативних додатків, де секретний ключ не може надійно зберігатись.",
"pkce": "PKCE",
"public_key_code_exchange_is_a_security_feature_to_prevent_csrf_and_authorization_code_interception_attacks": "Public Key Code Exchange — це функція безпеки, що запобігає атакам типу CSRF та перехопленню коду авторизації.",
"requires_reauthentication": "Потрібна повторна автентифікація",
"requires_users_to_authenticate_again_on_each_authorization": "Вимагає від користувачів повторної автентифікації при кожній авторизації, навіть якщо вони вже ввійшли в систему.",
"name_logo": "Логотип {name}",
"change_logo": "Змінити логотип",
"upload_logo": "Вивантажити логотип",
@@ -385,6 +387,12 @@
"number_of_times_token_can_be_used": "Скільки разів можна використовувати реєстраційний токен.",
"expires": "Термін дії",
"signup": "Зареєструватися",
"user_creation": "Створення користувача",
"configure_user_creation": "Керуйте налаштуваннями створення користувачів, включаючи методи реєстрації та права доступу за замовчуванням для нових користувачів.",
"user_creation_groups_description": "Призначте ці групи автоматично новим користувачам під час реєстрації.",
"user_creation_claims_description": "Призначте ці власні вимоги автоматично новим користувачам під час реєстрації.",
"user_creation_updated_successfully": "Налаштування створення користувача успішно оновлено.",
"signup_disabled_description": "Реєстрація користувачів повністю вимкнена. Нові облікові записи можуть створювати лише адміністратори.",
"signup_requires_valid_token": "Для створення облікового запису потрібен дійсний токен реєстрації",
"validating_signup_token": "Перевірка токена реєстрації",
"go_to_login": "Перейти до входу",
@@ -396,7 +404,7 @@
"skip_for_now": "Пропустити наразі",
"account_created": "Обліковий запис створено",
"enable_user_signups": "Дозволити реєстрацію користувачів",
"enable_user_signups_description": "Чи слід увімкнути можливість реєстрації користувачів.",
"enable_user_signups_description": "Визначте, як користувачі можуть реєструвати нові облікові записи в Pocket ID.",
"user_signups_are_disabled": "Реєстрація користувачів наразі вимкнена",
"create_signup_token": "Створити токен реєстрації",
"view_active_signup_tokens": "Переглянути активні токени реєстрації",
@@ -412,7 +420,6 @@
"loading": "Завантаження",
"delete_signup_token": "Видалити токен реєстрації",
"are_you_sure_you_want_to_delete_this_signup_token": "Ви впевнені, що хочете видалити цей токен реєстрації? Цю дію неможливо скасувати.",
"signup_disabled_description": "Реєстрація користувачів повністю вимкнена. Нові облікові записи можуть створювати лише адміністратори.",
"signup_with_token": "Зареєструватися за допомогою токену",
"signup_with_token_description": "Користувачі можуть зареєструватися лише за допомогою дійсного токена реєстрації, створеного адміністратором.",
"signup_open": "Відкрита реєстрація",
@@ -430,5 +437,8 @@
"revoke_access": "Скасувати доступ",
"revoke_access_description": "Скасувати доступ для <b>{clientName}</b>. <b>{clientName}</b> більше не зможе отримати доступ до інформації вашого облікового запису.",
"revoke_access_successful": "Доступ для {clientName} було успішно скасовано.",
"last_signed_in_ago": "Останній вхід {time} тому"
"last_signed_in_ago": "Останній вхід {time} тому",
"invalid_client_id": "Ідентифікатор клієнта може містити тільки літери, цифри, підкреслення та дефіси.",
"custom_client_id_description": "Встановіть власний ідентифікатор клієнта, якщо це потрібно для вашої програми. В іншому випадку залиште поле порожнім, щоб створити випадковий ідентифікатор.",
"generated": "Створено"
}

Some files were not shown because too many files have changed in this diff Show More