mirror of
https://github.com/arsvendg/Stirling-PDF.git
synced 2026-07-15 11:00:47 +02:00
This PR migrates the login features from V1 into V2.
---
- Login via username/password
- SSO login (Google & GitHub)
-- Fixed issue where users authenticating via SSO (OAuth2/SAML2) were
identified by configurable username attributes (email,
preferred_username, etc.), causing:
- Duplicate accounts when username attributes changed
- Authentication failures when claim/NameID configuration changed
- Data redundancy from same user having multiple accounts
- Added `sso_provider_id` column to store provider's unique identifier
(OIDC sub claim / SAML2 NameID)
- Added `sso_provider` column to store provider name (e.g., "google",
"github", "saml2")
- User.java:65-69
Backend Changes:
- Updated UserRepository with findBySsoProviderAndSsoProviderId() method
(UserRepository.java:25)
- Modified UserService.processSSOPostLogin() to implement lookup
priority:
a. Find by (`ssoProvider`, `ssoProviderId`) first
b. Fallback to username for backward compatibility
c. Automatically migrate existing users by adding provider IDs
(UserService.java:64-107)
- Updated saveUserCore() to accept and store SSO provider details
(UserService.java:506-566)
OAuth2 Integration:
- CustomOAuth2UserService: Extracts OIDC sub claim and registration ID
(CustomOAuth2UserService.java:49-59)
- CustomOAuth2AuthenticationSuccessHandler: Passes provider info to
processSSOPostLogin()
(CustomOAuth2AuthenticationSuccessHandler.java:95-108)
SAML2 Integration:
- CustomSaml2AuthenticationSuccessHandler: Extracts NameID from SAML2
assertion (CustomSaml2AuthenticationSuccessHandler.java:120-133)
---
- Configurable Rate Limiting
Changes:
- Added RateLimit configuration class to ApplicationProperties.Security
(ApplicationProperties.java:314-317)
- Made reset schedule configurable: security.rate-limit.reset-schedule
(default: "0 0 0 * * MON")
- Made max requests configurable: security.rate-limit.max-requests
(default: 1000)
- Updated RateLimitResetScheduler to use @Scheduled(cron =
"${security.rate-limit.reset-schedule:0 0 0 * * MON}")
(RateLimitResetScheduler.java:16)
- Updated SecurityConfiguration.rateLimitingFilter() to use configured
value (SecurityConfiguration.java:377)
---
- Enable access without security features
Backend:
- Added /api/v1/config to permitAll endpoints
(SecurityConfiguration.java:261)
- Config endpoint already returns enableLogin status
(ConfigController.java:60)
Frontend:
- AuthProvider now checks enableLogin before attempting JWT validation
(UseSession.tsx:98-112)
- If enableLogin=false, skips authentication entirely and sets
session=null
- Landing component bypasses auth check when enableLogin=false
(Landing.tsx:42-46)
- Added createAnonymousUser() and createAnonymousSession() utilities
(springAuthClient.ts:440-464)
Closes #3046
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [x] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [x] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
---------
Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: stirlingbot[bot] <stirlingbot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ludy <[email protected]>
Co-authored-by: EthanHealy01 <[email protected]>
Co-authored-by: Ethan <[email protected]>
Co-authored-by: Anthony Stirling <[email protected]>
Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com>
104 lines
4.1 KiB
TypeScript
104 lines
4.1 KiB
TypeScript
import { Suspense } from "react";
|
|
import { Routes, Route } from "react-router-dom";
|
|
import { RainbowThemeProvider } from "./components/shared/RainbowThemeProvider";
|
|
import { FileContextProvider } from "./contexts/FileContext";
|
|
import { NavigationProvider } from "./contexts/NavigationContext";
|
|
import { ToolRegistryProvider } from "./contexts/ToolRegistryProvider";
|
|
import { FilesModalProvider } from "./contexts/FilesModalContext";
|
|
import { ToolWorkflowProvider } from "./contexts/ToolWorkflowContext";
|
|
import { HotkeyProvider } from "./contexts/HotkeyContext";
|
|
import { SidebarProvider } from "./contexts/SidebarContext";
|
|
import { PreferencesProvider } from "./contexts/PreferencesContext";
|
|
import { OnboardingProvider } from "./contexts/OnboardingContext";
|
|
import { TourOrchestrationProvider } from "./contexts/TourOrchestrationContext";
|
|
import ErrorBoundary from "./components/shared/ErrorBoundary";
|
|
import OnboardingTour from "./components/onboarding/OnboardingTour";
|
|
|
|
// Import auth components
|
|
import { AuthProvider } from "./auth/UseSession";
|
|
import Landing from "./routes/Landing";
|
|
import Login from "./routes/Login";
|
|
import Signup from "./routes/Signup";
|
|
import AuthCallback from "./routes/AuthCallback";
|
|
|
|
// Import global styles
|
|
import "./styles/tailwind.css";
|
|
import "./styles/cookieconsent.css";
|
|
import "./index.css";
|
|
import { RightRailProvider } from "./contexts/RightRailContext";
|
|
import { ViewerProvider } from "./contexts/ViewerContext";
|
|
import { SignatureProvider } from "./contexts/SignatureContext";
|
|
|
|
// Import file ID debugging helpers (development only)
|
|
import "./utils/fileIdSafety";
|
|
|
|
// Loading component for i18next suspense
|
|
const LoadingFallback = () => (
|
|
<div
|
|
style={{
|
|
display: "flex",
|
|
justifyContent: "center",
|
|
alignItems: "center",
|
|
height: "100vh",
|
|
fontSize: "18px",
|
|
color: "#666",
|
|
}}
|
|
>
|
|
Loading...
|
|
</div>
|
|
);
|
|
|
|
export default function App() {
|
|
return (
|
|
<Suspense fallback={<LoadingFallback />}>
|
|
<PreferencesProvider>
|
|
<RainbowThemeProvider>
|
|
<ErrorBoundary>
|
|
<AuthProvider>
|
|
<Routes>
|
|
{/* Auth routes - no FileContext or other providers needed */}
|
|
<Route path="/login" element={<Login />} />
|
|
<Route path="/signup" element={<Signup />} />
|
|
<Route path="/auth/callback" element={<AuthCallback />} />
|
|
|
|
{/* Main app routes - wrapped with all providers */}
|
|
<Route
|
|
path="/*"
|
|
element={
|
|
<OnboardingProvider>
|
|
<FileContextProvider enableUrlSync={true} enablePersistence={true}>
|
|
<ToolRegistryProvider>
|
|
<NavigationProvider>
|
|
<FilesModalProvider>
|
|
<ToolWorkflowProvider>
|
|
<HotkeyProvider>
|
|
<SidebarProvider>
|
|
<ViewerProvider>
|
|
<SignatureProvider>
|
|
<RightRailProvider>
|
|
<TourOrchestrationProvider>
|
|
<Landing />
|
|
<OnboardingTour />
|
|
</TourOrchestrationProvider>
|
|
</RightRailProvider>
|
|
</SignatureProvider>
|
|
</ViewerProvider>
|
|
</SidebarProvider>
|
|
</HotkeyProvider>
|
|
</ToolWorkflowProvider>
|
|
</FilesModalProvider>
|
|
</NavigationProvider>
|
|
</ToolRegistryProvider>
|
|
</FileContextProvider>
|
|
</OnboardingProvider>
|
|
}
|
|
/>
|
|
</Routes>
|
|
</AuthProvider>
|
|
</ErrorBoundary>
|
|
</RainbowThemeProvider>
|
|
</PreferencesProvider>
|
|
</Suspense>
|
|
);
|
|
}
|