Changed default security rule to permit all requests instead of requiring authentication. Adjusted `SecurityConfig` to ensure open access for all endpoints.
Replaced `PermissionClaim` enum with an OpenAPI-defined schema `PermissionClaimDto` for consistency across frontend and backend. Refactored authentication flow to utilize `AuthService` on the frontend, consolidating JWT handling logic. Removed redundant methods like `saveJwt` and integrated robust permission management throughout the application.
Added JWT-based login dialog with form validation and secure token handling on the frontend. Updated backend with role-based access control, privilege management, and refined security configurations. Extended database schema for user privileges and permissions.
Introduced a secure login flow using JWTs with dynamically generated RSA key pairs stored in the database. Updated relevant APIs, database schema, and services to support login codes, JWT encoding, and secret validation.
Introduced a new API endpoint to fetch all punishment history for a specified UUID. Updated existing schemas, controllers, and mappers to support this functionality. Adjusted login endpoints to improve request handling and streamlined frontend form setup for appeals.
Introduced a `@RateLimit` annotation to enforce limits on the `addLogin` and `login` methods in `LoginController`. This restricts the number of requests per minute to improve security and prevent abuse.
Introduced @RateLimit annotations to enforce request limits on the AppealController. The overall controller has a global limit of 30 requests per hour, while specific methods for Discord and Minecraft appeals are limited to 3 requests per hour. This aims to prevent abuse and improve system reliability.
Introduces initial structure for appeal and login forms in both the frontend and backend. New controllers, APIs, and components were created, but functionality has not been fully implemented yet. This serves as a foundation for future development of these features.
Changed the rate limit from 30 requests per minute to 30 requests per 10 seconds. This ensures a smoother request flow and prevents excessive delays for frequent API users.
This commit introduces a new `DetailsComponent` for displaying detailed punishment data and establishes a route to view punishment history by ID and type. It also updates the API to support fetching individual punishment records and refines database mappings for improved data handling.
Introduced WebConfig to configure resource handling in the backend. This ensures SPA fallback by serving `index.html` for non-existent paths, improving routing for client-side applications.
Introduced new API paths and backend logic to retrieve total punishment counts based on user search queries using names or UUIDs. Updated the frontend to utilize these endpoints and display the total search results dynamically.
Added `Access-Control-Expose-Headers` to rate limit responses to expose retry-related headers for easier accessibility on the client side. Changed the rate limit time unit in `HistoryApiController` from seconds to minutes for more reasonable throttling.
Updated pagination buttons with new styles and class name (`historyPageButton`) for consistency and improved UX. Modified backend rate limit interval from 1 minute to 1 second for faster request handling.
Removed redundant rate-limit response headers and improved query methods for fetching punishment history. Refactored methods to handle cases where partial names are empty and added escaping for underscores in search names.
Introduced a rate-limiting feature using Spring AOP and a custom `RateLimit` annotation. Includes `InMemoryRateLimiterService`, `RateLimitAspect`, and related classes for controlling request limits. Applied rate limiting to specific API controllers to enhance system stability and prevent abuse.
Introduced a new API endpoint `/history/total` for fetching the total counts of bans, mutes, kicks, and warnings. Added database mapping and DTO classes to support this functionality, along with necessary schema and controller updates.
The database tables are now automatically created
The history lookup now uses a view for names (for simplicity and readability)
The all history lookup now uses a view combining all punishment history for efficiency
Redesigned history-related APIs to streamline handling of user and UUID punishments, moving from POST to GET endpoints. Added support for LiteBans database with mappers for retrieving punishment records by name and UUID, and implemented global exception handling for better error reporting. Updated schema paths and added enums (UserType, HistoryType) and a new Gradle dependency.
Updated API definitions and endpoints to better support punishment history and team queries. Introduced new parameters, schemas, and operations to improve functionality, and reorganized related controllers into appropriate packages.
Modularized OpenAPI definitions by splitting into dedicated files for teams, bans, and errors. Improved backend logging for database connections, CORS configuration, and debugging. Updated application properties to support environment-specific CORS origins and logging levels.
The TeamMemberDto import was unnecessary and not used in the code. Removing it improves code cleanliness and reduces potential confusion. This is a minor optimization with no functional changes.
Reorganized database-related code into a dedicated module, added mappings for UUID handling, and updated SQL queries for clarity. Enhanced team members API to use player data directly, ensuring consistency and better handling of UUIDs. Introduced new database table for connection settings and adjusted Gradle configurations for modularization.
akastijn
Teriuihi
