zgaetano/mcp-servers
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
283 commits 1 branch 0 tags 617 KiB
Commit graph

15 commits

Author SHA1 Message Date
zgaetano
a4fa9e75a2 feat(gateway): password login page with session cookie for /admin and /dashboard 
Replaces Bearer-token-only auth on GUI routes with a proper browser
login flow. Visiting /admin or /dashboard now redirects to /gui-login
if no valid session exists. Submitting the OAUTH_PASSWORD sets a
secure httpOnly session cookie (8h TTL). /gui-logout clears it.

- /dashboard/status also accepts session cookie (for the dashboard JS
  to call back without needing a separate token)
- API routes (/users/*, /keys/*) still require Bearer token as before
- /gui-login, /gui-logout added as new public routes
 2026-03-31 23:44:24 -04:00
zgaetano
a1a6ef137a security: require auth on all admin/dashboard/user routes 
/admin, /dashboard, /dashboard/status, and all /users/* and /keys/*
endpoints were publicly accessible with no authentication, exposing
user management, API key generation, and backend topology to anyone.

- /dashboard and /dashboard/status now require Bearer token
- /admin (user management UI) now requires Bearer token
- All /users/* and /keys/revoke routes now require Bearer token
- /health scrubbed of sensitive fields (token counts, client counts)
- /linkedin/* left public (required for OAuth callback flow)

Auth checks use GATEWAY_STATIC_API_KEY or valid OAuth access tokens,
consistent with the existing /mcp and /status endpoints.
 2026-03-31 23:32:15 -04:00
zgaetano
ebb6836674 Add gateway-proxy/user_routes.py 2026-03-31 15:33:41 -04:00
zgaetano
2ce999d252 Add gateway-proxy/user_management.py 2026-03-31 15:33:40 -04:00
zgaetano
6c5d2c59e4 Add gateway-proxy/user_dashboard_ui.py 2026-03-31 15:33:40 -04:00
zgaetano
8523a6d1e5 Add gateway-proxy/openai_routes_fixed.py 2026-03-31 15:33:40 -04:00
zgaetano
932e97acad Add gateway-proxy/openai_routes.py 2026-03-31 15:33:39 -04:00
zgaetano
633ea63bbf Add gateway-proxy/oauth_storage.py 2026-03-31 15:33:39 -04:00
zgaetano
dae0a6f7e5 Add gateway-proxy/INTEGRATION_INSTRUCTIONS.md 2026-03-31 15:33:39 -04:00
zgaetano
71ffc99072 Add gateway-proxy/gateway_proxy_user_integration.py 2026-03-31 15:33:38 -04:00
zgaetano
7c75fa9212 Add gateway-proxy/gateway_proxy_patch.py 2026-03-31 15:33:38 -04:00
zgaetano
dac5fc77bb Add gateway-proxy/gateway_proxy_fixed.py 2026-03-31 15:33:38 -04:00
zgaetano
759c2131f7 Add gateway-proxy/gateway_proxy.py 2026-03-31 15:33:37 -04:00
zgaetano
0bc49a862f Add gateway-proxy/Dockerfile 2026-03-31 15:33:37 -04:00
zgaetano
8b121c0c91 Add gateway-proxy/dashboard_routes.py 2026-03-31 15:33:37 -04:00