14 Commits

Author	SHA1	Message	Date
Eduardo Silva	8418beb482	enhance policy validation by ensuring protected policies have authentication methods and defaulting to HTTPS in external URL construction	2026-03-16 21:05:16 -03:00
Eduardo Silva	fb17394099	enhance security by adding cache control headers, validating password length, and rejecting encoded slashes in path processing	2026-03-16 20:36:49 -03:00
Eduardo Silva	ca63b87123	implement CSRF protection by adding token generation, validation, and cookie management in login flows	2026-03-16 20:23:18 -03:00
Eduardo Silva	a9bfcac771	enhance security by sanitizing headers and preventing open redirects	2026-03-16 19:53:05 -03:00
Eduardo Silva	4c109957e9	enhance security by adding HTTP security headers and disabling OpenAPI documentation	2026-03-16 19:49:11 -03:00
Eduardo Silva	76048593f1	refactor login flow to use context path for redirects and enhance path normalization to prevent traversal bypasses	2026-03-16 19:47:48 -03:00
Eduardo Silva	bf1991457a	enhance security by enforcing strict SameSite cookies, validating OIDC callback host, and improving path matching logic	2026-03-16 19:35:24 -03:00
Eduardo Silva	c707d278f3	add error handling for policy configuration issues in authentication	2026-03-16 14:16:28 -03:00
Eduardo Silva	e1f128f217	implement rate limiting for authentication routes and add custom error handling page	2026-03-16 13:42:20 -03:00
Eduardo Silva	685b4eb971	refactor templates to extend base layout and improve styling	2026-03-16 11:58:48 -03:00
Eduardo Silva	66a3895eff	enhance logging and error handling in authentication process	2026-03-16 11:26:16 -03:00
Eduardo Silva	a68820fd98	add session management routes and session page template	2026-03-16 10:34:10 -03:00
Eduardo Silva	76326aded7	update libs	2026-03-16 10:14:52 -03:00
Eduardo Silva	d84cf0a174	add initial implementation of auth gateway with models, routes, and session management	2026-03-16 09:47:02 -03:00