hesoyam/trihuy-russian
1
0
Fork 0
Code Issues Pull Requests Actions 7 Packages Projects Releases 1 Wiki Activity
Files
b97ff40ad6ea8996d6bfc168e592a59f64146ef5
trihuy-russian/web/service
T
History
MHSanaei b97ff40ad6 feat(api-tokens): manage multiple named tokens; add tab/section anchor URLs 
Replace the single regenerable API token with a named-token list:
- New ApiToken model + service with constant-time auth matching
- Seeder migrates the legacy `apiToken` setting into a "default" row
- Security tab gets create/enable/delete UI; api-docs page links to it
- Dedicated "API Tokens" section in the in-panel docs

URL anchors now reflect the active tab/section on Settings, Xray, and
API Docs pages, so deep links like `/panel/settings#security` work.

Translations for the 8 new SecurityTab strings added across all locales.
2026-05-13 16:34:31 +02:00
..
api_token.go
feat(api-tokens): manage multiple named tokens; add tab/section anchor URLs
2026-05-13 16:34:31 +02:00
config.json
dokodemo-door, socks renamed to mixed, tunnel
2025-09-09 13:57:40 +02:00
custom_geo_test.go
v3
2026-05-10 02:13:42 +02:00
custom_geo.go
fix(security): SSRF-guard node and remote HTTP clients
2026-05-13 13:33:53 +02:00
inbound.go
fix(inbound): require email when adding or updating a client
2026-05-13 13:45:31 +02:00
metric_history.go
feat(panel): xray metrics dashboard with observatory probe history
2026-05-12 02:17:45 +02:00
node.go
fix(security): SSRF-guard node and remote HTTP clients
2026-05-13 13:33:53 +02:00
nord.go
feat(xray/nord): searchable server list + colored load tag, surface API errors
2026-05-11 10:06:01 +02:00
outbound.go
feat(xray/outbounds): TCP probe mode + Test All + timing breakdown
2026-05-11 04:17:23 +02:00
panel_other.go
feat: add panel update functionality via web GUI (#4117)
2026-04-28 18:46:55 +02:00
panel_test.go
feat: add panel update functionality via web GUI (#4117)
2026-04-28 18:46:55 +02:00
panel_unix.go
feat: add panel update functionality via web GUI (#4117)
2026-04-28 18:46:55 +02:00
panel.go
Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)
2026-05-13 12:52:52 +02:00
port_conflict_test.go
fix(inbounds): scope port check to node and preserve caller tag
2026-05-11 12:51:45 +02:00
port_conflict.go
fix(inbounds): scope port check to node and preserve caller tag
2026-05-11 12:51:45 +02:00
server_vlessenc_test.go
Feat: clarify VLESS encryption auth selection (#4271)
2026-05-12 11:39:28 +02:00
server.go
Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)
2026-05-13 12:52:52 +02:00
setting_security_test.go
feat(api-tokens): manage multiple named tokens; add tab/section anchor URLs
2026-05-13 16:34:31 +02:00
setting.go
feat(api-tokens): manage multiple named tokens; add tab/section anchor URLs
2026-05-13 16:34:31 +02:00
tgbot_test.go
Implement CSRF protection and security hardening across the application (#4179)
2026-05-07 23:36:11 +02:00
tgbot.go
Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)
2026-05-13 12:52:52 +02:00
traffic_writer_test.go
Fix: traffic writer restart freeze (#4265)
2026-05-12 11:36:05 +02:00
traffic_writer.go
Fix: traffic writer restart freeze (#4265)
2026-05-12 11:36:05 +02:00
url_safety.go
Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)
2026-05-13 12:52:52 +02:00
user.go
fix(auth): invalidate sessions when 2FA is enabled, fix dev 401 loop
2026-05-13 14:08:16 +02:00
warp.go
v3
2026-05-10 02:13:42 +02:00
websocket.go
v3
2026-05-10 02:13:42 +02:00
xray_metrics.go
Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)
2026-05-13 12:52:52 +02:00
xray_setting_test.go
xray-setting: pin api routing rule to index 0 on save (#4124)
2026-04-28 17:49:39 +02:00
xray_setting.go
v3
2026-05-10 02:13:42 +02:00
xray.go
fix(nodes): bind form-encoded posts and skip node inbounds in central xray
2026-05-10 11:32:06 +02:00