75 Commits

Author	SHA1	Message	Date
Yuliia Pominchuk	dd812c5010	fix(core): Emit missing auth audit events for OIDC and SSO-restricted login (#29856)	2026-05-06 19:00:20 +00:00
Irénée	1b995cde18	feat(core): Enable instance owner setup via environment variables (#27859) ... Co-authored-by: James Gee <1285296+geemanjs@users.noreply.github.com>	2026-04-08 13:03:50 +00:00
Stephen Wright	a8f5ee3aeb	feat: Enable secure invite links (#27107)	2026-03-17 15:58:47 +00:00
Guillaume Jacquart	e9a5d76475	chore(core): Extract email auth handler. extract login method into multiple functions (#25246)	2026-02-05 13:00:49 +00:00
Guillaume Jacquart	642cb061ed	chore(core): Add auth handler registry to reverse control of the ldap call (#25078)	2026-02-03 13:23:06 +00:00
Guillaume Jacquart	6ccffed46d	chore(core): Extract ldap into module, and introduce auth handler for registering it (#24494)	2026-01-23 09:39:52 +00:00
Tomi Turtiainen	8e0de0be02	feat(core): Add limits to fields used for rate limiter keys (#24665)	2026-01-22 10:09:20 +00:00
Tomi Turtiainen	d9862bb4aa	feat(core): Implement two-layered rate limiting system (#24636)	2026-01-21 14:02:05 +00:00
Guillaume Jacquart	62afac3e1c	fix(core): Check user auth identities to know whether or not they can update their profile (#24524)	2026-01-19 14:05:52 +00:00
Stephen Wright	e0f9381468	feat: Accept invitation to use new JWT for tamper proof invites (#24025)	2026-01-08 13:40:41 +00:00
Stephen Wright	f73eba7c86	feat: Block invite acceptance on SSO systems (#21830)	2025-11-13 18:33:39 +00:00
Andreas Fitzek	27fd768deb	fix(core): Include role in user-invite-email-click (#21546)	2025-11-04 16:26:35 +01:00
Andreas Fitzek	42d8ae92bc	chore(core): Only allow owners to log in during oidc SSO (#19974)	2025-09-24 17:30:58 +02:00
Andreas Fitzek	ecad12b77a	chore(core): Use roles from database in global roles (#18768)	2025-08-26 17:53:46 +02:00
Andreas Fitzek	a21a03d4b0	Revert "chore(core): Use roles from database in global roles (#17853)" (#18738)	2025-08-25 14:29:28 +02:00
Andreas Fitzek	a8e4387f4d	chore(core): Use roles from database in global roles (#17853)	2025-08-22 16:02:01 +02:00
Andreas Fitzek	657e5a3b3a	feat(core): Allow enforcement of MFA usage on instance (#16556) ... Co-authored-by: Marc Littlemore <marc@n8n.io> Co-authored-by: Csaba Tuncsik <csaba.tuncsik@gmail.com>	2025-07-02 11:03:10 +02:00
Iván Ovejero	7c33292483	refactor(core): Move integration test utils for insights (#16693)	2025-06-25 17:32:54 +02:00
Iván Ovejero	31b6f32a36	perf(core): Lazyload LDAP during bootup (#15907)	2025-06-02 15:04:54 +02:00
Iván Ovejero	c229e915ea	refactor(core): Move Logger to @n8n/backend-common (#15721)	2025-05-30 12:57:47 +02:00
Iván Ovejero	e122b3f0f9	refactor(core): Move UserRepository and subscribers to @n8n/db (#15352)	2025-05-13 15:24:26 +02:00
Iván Ovejero	20834abb56	refactor(core): Move interrelated entities to @n8n/db (#15050)	2025-05-02 12:19:32 +02:00
Iván Ovejero	70b93f2f53	refactor(core): Split out database types (#14942)	2025-04-28 16:15:20 +02:00
Iván Ovejero	e6381e09e3	refactor(core): Introduce @n8n/decorators package (#14784)	2025-04-23 16:39:49 +02:00
Ricardo Espinoza	17738c5096	fix(core): Do not validate email when LDAP is enabled (#13605)	2025-03-03 19:15:52 +01:00
कारतोफ्फेलस्क्रिप्ट™	371a09de96	refactor(core): Port 3 more controllers to use DTOs (no-changelog) (#12375)	2024-12-26 16:09:42 +01:00
Iván Ovejero	f754b22a3f	refactor(core): Mark all backend Enterprise Edition files and dirs (#12350)	2024-12-24 13:02:05 +01:00
कारतोफ्फेलस्क्रिप्ट™	471d7b9420	refactor(core): Move Logger to core (no-changelog) (#12310)	2024-12-23 13:46:13 +01:00
Ricardo Espinoza	70706d81e1	refactor: Standardize MFA code and recovery code naming across code base (#12011)	2024-12-03 07:15:29 -05:00
Iván Ovejero	3a9c65e1cb	refactor(core): Modernize logger service (#11031)	2024-10-01 12:16:09 +02:00
Tomi Turtiainen	5156313074	refactor(core): Enable import/order eslint rule (#10794)	2024-09-12 19:07:18 +03:00
Iván Ovejero	6485ca0a4b	refactor(core): Enforce filename casing in cli package (no-changelog) (#10594)	2024-08-28 17:57:46 +02:00
Iván Ovejero	fd58a272e1	refactor(core): Standardize filename casing for controllers and databases (no-changelog) (#10564)	2024-08-27 16:44:32 +02:00
Iván Ovejero	f667b384c9	refactor(core): Standardize filenames in cli (no-changelog) (#10484) ... Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>	2024-08-22 11:10:37 +02:00
कारतोफ्फेलस्क्रिप्ट™	9fe6a71690	feat(core): Logout should invalidate the auth token (no-changelog) (#10335)	2024-08-22 09:33:06 +02:00
Iván Ovejero	6b52bebf52	refactor(core): Tear down internal hooks (no-changelog) (#10340)	2024-08-12 10:13:15 +02:00
Iván Ovejero	aa0a470dce	refactor(core): Clean up event relays (no-changelog) (#10284)	2024-08-02 16:52:49 +02:00
Tomi Turtiainen	d6770b5fca	fix(core): Flush instance stopped event immediately (#10238)	2024-07-30 14:49:41 +03:00
Iván Ovejero	aba1c64500	refactor(core): Rename EventRelay to EventService (no-changelog) (#10110)	2024-07-19 12:55:38 +02:00
Iván Ovejero	199dff4fb3	refactor(core): Decouple event bus from internal hooks (no-changelog) (#9724)	2024-06-20 12:32:22 +02:00
कारतोफ्फेलस्क्रिप्ट™	3b70330ff6	refactor(core): Auto-register controllers at startup (no-changelog) (#9781)	2024-06-19 09:57:40 +02:00
कारतोफ्फेलस्क्रिप्ट™	7be616e583	feat(core): Allow customizing rate limits on a per-route basis, and add rate limiting to more endpoints (#9522) ... Co-authored-by: Omar Ajoue <krynble@gmail.com>	2024-06-03 11:20:51 +02:00
कारतोफ्फेलस्क्रिप्ट™	5887ed6498	refactor(core): Extract all Auth-related User columns into a separate entity (#9557) ... Co-authored-by: Ricardo Espinoza <ricardo@n8n.io>	2024-05-31 09:40:19 +02:00
Csaba Tuncsik	596c472ecc	feat: RBAC (#8922) ... Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> Co-authored-by: Val <68596159+valya@users.noreply.github.com> Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Danny Martini <danny@n8n.io> Co-authored-by: Danny Martini <despair.blue@gmail.com> Co-authored-by: Iván Ovejero <ivov.src@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> Co-authored-by: oleg <me@olegivaniv.com> Co-authored-by: Michael Kret <michael.k@radency.com> Co-authored-by: Michael Kret <88898367+michael-radency@users.noreply.github.com> Co-authored-by: Elias Meire <elias@meire.dev> Co-authored-by: Giulio Andreini <andreini@netseven.it> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Ayato Hayashi <go12limchangyong@gmail.com>	2024-05-17 10:53:15 +02:00
कारतोफ्फेलस्क्रिप्ट™	28261047c3	feat(core): Prevent session hijacking (#9057)	2024-04-09 11:20:35 +02:00
कारतोफ्फेलस्क्रिप्ट™	a6446fe057	feat(core): Rate-limit login endpoint to mitigate brute force password guessing attacks (#9028)	2024-04-03 12:15:19 +02:00
कारतोफ्फेलस्क्रिप्ट™	db4a419c8d	refactor(core): Enforce authorization by default on all routes (no-changelog) (#8762)	2024-02-28 17:02:18 +01:00
कारतोफ्फेलस्क्रिप्ट™	56c8791aff	refactor(core): Remove all legacy auth middleware code (no-changelog) (#8755)	2024-02-28 13:12:28 +01:00
कारतोफ्फेलस्क्रिप्ट™	d6deceacde	refactor(core): Remove roleId indirection (no-changelog) (#8413)	2024-01-24 13:38:57 +01:00
Cornelius Suermann	d597c2ab29	feat: Extend collection of usage metrics during license renewal (no-changelog) (#8369) ... Co-authored-by: Iván Ovejero <ivov.src@gmail.com>	2024-01-22 12:29:28 +01:00