This pull request introduces the new Flowpilot system along with several new features and various improvements. The key enhancements include configurable authorization, registration, and profile flows, as well as the ability to enable and disable user identifiers (e.g., email addresses and usernames) and login methods.
---------
Co-authored-by: Frederic Jahn <frederic.jahn@hanko.io>
Co-authored-by: Lennart Fleischmann <lennart.fleischmann@hanko.io>
Co-authored-by: lfleischmann <67686424+lfleischmann@users.noreply.github.com>
Co-authored-by: merlindru <hello@merlindru.com>
* add check of email object is nil to DTO transformation - prevents runtime nil exception
* fetch updated emails for user before creating session token
Co-authored-by: Stefan Jacobi <stefan.jacobi@adesso.de>
* admin api: make email primary when user has no emails
* utils: move get updated user and webhook trigger to utils to reduce duplicated code
* events: remove unused user and email event - Check is replaced with string variant
* remove unused dtos
* fix tests after changes
* webhook tests: switch to test.Suite instead of TestPersister -> added deprecation annotation to test.NewPersister
* Email Verification: Fix trigger of webhook when email verification is enabled and a email is created but not validated
Closes: #692, #1051
* add tests for webhooks
* improve error handling when context does not contain webhook manager
* add logging to worker and fix nesting error overwrite
* remove enable and disable methods in favor for update method
* move data in jwt from subject claim to custom `data` claim
* add event in jwt to custom `evt` claim
* change webhook trigger to only fire once per hook (was once per subscribed event in hook before)
Closes#692
* add webhooks settings to config
* add webhooks entity for database
* add endpoints for webhooks
* add worker for asynchronously executing webhooks
* add trigger for events to user change/create/delete users/emails
Closes#692
* Add endpoint to invalidate HTTP-Only cookie from the backend
* Add methods to the UserClient SDK for logout
* Remove session token fetch and add unit test for logout
* Update public router to use JWT middleware
* Add logout button to frontend. Route back to login page once logout is successful.
* Add a logout failur event
* Update logout logic in SDK
* Remove unneeded endpoint from main.go
* Update logoutlink reference
* Fix request path; undo change in package order
* Update common.css to incldue hanko-logout
* feat(fronend-sdk): remove cookie during cross-domain operations
* fix(frontend-sdk): No unauthorized error during logout, when the user is already logged out
* feat(backend): Create an audit log entry when the user logs off
* chore(frontend-sdk): re-generate jsdoc
* fix: Adjust logout response codes and the corresponding frontend sdk error handling
* chore(frontend-sdk): re-generate jsdoc
* feat: add logout endpoint specification to the docs
* Fix broken unit test
* Remove logout button from elements
* Add event listener on frontend to call the logout method from SDK
* Rollback changes to SecuredContent on e2e tests
* Update logout test on user
* Update quickstart/public/assets/css/common.css
Co-authored-by: bjoern-m <56024829+bjoern-m@users.noreply.github.com>
---------
Co-authored-by: Björn Müller <bjoern.mueller@hanko.io>
Co-authored-by: bjoern-m <56024829+bjoern-m@users.noreply.github.com>
