TRKJ/mayfly-go
2
0
Fork 0
mirror of https://gitee.com/dromara/mayfly-go synced 2026-06-05 17:55:21 +08:00
Code Issues Packages Projects Releases Wiki Activity
765 Commits 2 Branches 67 Tags
44b5f6ebfd36deefa5372c22badeffa362fa223e
Commit Graph

20 Commits

Author SHA1 Message Date
saa99999
a17fa5a103 Fix CWE-347: JWT algorithm confusion + CWE-798: hardcoded credentials in example config (#131) 
- Add HMAC algorithm verification in ParseToken to prevent JWT algorithm
  confusion attacks (CWE-347). Reject tokens with non-HMAC signing methods.
- Replace hardcoded secrets in config.yml.example with empty values
  (JWT key, DB password, AES key) to prevent users from deploying with
  weak/known credentials (CWE-798).
 2026-05-27 19:10:12 +08:00
meilin.huang
400db0402a refactor: 包优化&其他问题修复 2026-01-25 14:16:16 +08:00
meilin.huang
aa393590b2 feat: 系统升级支持数据库自动迁移,避免手动执行升级脚本 2025-02-13 21:11:23 +08:00
meilin.huang
9366a76b84 release: v1.9.1 2024-11-21 19:02:15 +08:00
meilin.huang
89e12678eb refactor: 引入dayjs、新增refreshToken无感刷新、团队新增有效期、数据库等问题修复 2024-05-13 19:55:43 +08:00
meilin.huang
408bac09a1 refactor: 标签资源重构 2024-04-06 18:19:17 +08:00
zongyangleo
582d879a77 !112 feat: 机器管理支持ssh+rdp连接win服务器 
* feat: rdp 文件管理
* feat: 机器管理支持ssh+rdp连接win服务器
 2024-04-06 04:03:38 +00:00
meilin.huang
e4d13f3377 refactor: 引入日志切割库、indexApi拆分等 2024-01-23 19:30:28 +08:00
kanzihuang
de5b9e46d3 !87 fix: 修复数据库备份与恢复问题 
* feat: 修复数据库备份与恢复问题
* feat: 启用 BINLOG 支持全量备份和增量备份,未启用 BINLOG 仅支持全量备份
* feat: 数据库恢复后自动备份,避免数据丢失
 2024-01-22 03:12:16 +00:00
kanzihuang
e344722794 feat: 实现数据库备份与恢复 2023-12-29 08:30:10 +08:00
meilin.huang
76527d95bd refactor: 机器相关配置迁移至系统配置、pgsql数据操作完善、新增context-path 2023-11-12 20:14:44 +08:00
meilin.huang
41443dccc0 feat: 支持sqlite存储数据 2023-10-10 23:21:29 +08:00
meilin.huang
ead3b0d0d8 feat: 界面新增暗模式 2023-09-13 19:54:43 +08:00
meilin.huang
899a3a8243 refactor: slog替换logrus、日志操作统一、支持json、text格式等 2023-09-02 17:24:18 +08:00
meilin.huang
649b2bb165 refactor: ldap登录配置迁移至系统配置 2023-08-25 23:26:14 +08:00
meilin.huang
3634c902d0 feat: 系统配置新增权限控制 2023-08-25 19:41:52 +08:00
kanzihuang
4e1350d1cc feat: 实现 LDAP 登录 2023-08-25 03:48:42 +00:00
王一之
6da8d7fd67 ci: 优化镜像构建和docker compose 2023-07-28 13:56:32 +08:00
meilin.huang
155ae65b4a refactor: oauth2登录重构 2023-07-22 20:51:46 +08:00
王一之
179b58e557 wip: 自定义oauth2登录配置 2023-07-21 22:01:53 +08:00