* fix: create session in DB for old endpoints
The old endpoints do not store the session in the DB, this leads to an unauthorized error in old hanko elements versions prior 1.0.0 when any endpoint is called that requires a session because they check if the session is stored in the DB.
* test: fix test
* feat: add server side sessions
* feat: add lastUsed & admin endpoint
* feat: add session list to elements
* fix: fix public session endpoint
* chore: only store session info when enabled
* build: update go mod
* feat: add translations
* test: fix tests
* feat: change path
* feat: return userID on session validation endpoint
* feat: move all session endpoints to public router
* fix: add missing translation
* fix: add missing structs
* chore: align session persister with other persisters
* fix: use correct translation label
* chore: add db validator to session model
* feat: create server side session from cmd
* fix: fix review findings
This pull request introduces the new Flowpilot system along with several new features and various improvements. The key enhancements include configurable authorization, registration, and profile flows, as well as the ability to enable and disable user identifiers (e.g., email addresses and usernames) and login methods.
---------
Co-authored-by: Frederic Jahn <frederic.jahn@hanko.io>
Co-authored-by: Lennart Fleischmann <lennart.fleischmann@hanko.io>
Co-authored-by: lfleischmann <67686424+lfleischmann@users.noreply.github.com>
Co-authored-by: merlindru <hello@merlindru.com>
* admin api: make email primary when user has no emails
* utils: move get updated user and webhook trigger to utils to reduce duplicated code
* events: remove unused user and email event - Check is replaced with string variant
* remove unused dtos
* fix tests after changes
* webhook tests: switch to test.Suite instead of TestPersister -> added deprecation annotation to test.NewPersister
* Email Verification: Fix trigger of webhook when email verification is enabled and a email is created but not validated
Closes: #692, #1051
Time.Now() uses local time but timezone information is lost on persisting
because pop timestamp columns are without timezone. On retrieval from the
DB the original timestamp is not wholly recoverable and leads to erroneous
comparisons (e.g. passcode expiry check). This commit changes that by
explicitly using UTC both on save and comparison.
