feat: consolidate auth into NocoDB, add password reset, health check
Some checks failed
Deploy / deploy (push) Failing after 9s
Some checks failed
Deploy / deploy (push) Failing after 9s
- Migrate auth credentials from SQLite (auth.db) to NocoDB Users table with one-time migration function (auth.db → auth.db.bak) - Add email-based password reset via Cloudron SMTP (nodemailer) - Add GET /api/health endpoint for monitoring - Add startup env var validation with clear error messages - Strip sensitive fields (password_hash, reset_token) from all API responses - Add ForgotPassword + ResetPassword pages with i18n (en/ar) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
fahed
@@ -87,6 +87,21 @@ function getUserModules(user, allModules) {
|
||||
return allModules;
|
||||
}
|
||||
|
||||
// Strip sensitive fields from user data before sending to client
|
||||
const SENSITIVE_USER_FIELDS = ['password_hash', 'reset_token', 'reset_token_expires'];
|
||||
function stripSensitiveFields(data) {
|
||||
if (Array.isArray(data)) return data.map(stripSensitiveFields);
|
||||
if (data && typeof data === 'object') {
|
||||
const out = { ...data };
|
||||
for (const f of SENSITIVE_USER_FIELDS) {
|
||||
delete out[f];
|
||||
delete out[f.replace(/_([a-z])/g, (_, c) => c.toUpperCase())];
|
||||
}
|
||||
return out;
|
||||
}
|
||||
return data;
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
getRecordName,
|
||||
batchResolveNames,
|
||||
@@ -95,5 +110,6 @@ module.exports = {
|
||||
pickBodyFields,
|
||||
sanitizeWhereValue,
|
||||
getUserModules,
|
||||
stripSensitiveFields,
|
||||
_nameCache,
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user