<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Adds CLI authentication for NodeJS with new error handling and updates
dependencies.
>
> - **CLI Authentication**:
> - Adds `promptCliLogin()` method in `_StackClientAppImplIncomplete` to
handle CLI authentication, returning a refresh token or error.
> - Handles errors `CliAuthError`, `CliAuthExpiredError`, and
`CliAuthUsedError`.
> - **Error Handling**:
> - Adds `CliAuthError`, `CliAuthExpiredError`, and `CliAuthUsedError`
to `known-errors.tsx`.
> - **Dependencies**:
> - Adds `open` to `dependencies` in `package.json`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 98b0ccd0d2. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add API endpoint to revoke API keys found through credential scanning,
with email notifications and error handling.
>
> - **Behavior**:
> - Adds `POST` endpoint in `route.tsx` to revoke API keys found through
credential scanning.
> - Handles errors for non-existent, public, expired, and already
revoked API keys.
> - Sends email notifications to affected users or team members.
> - **Email**:
> - Adds `getSharedEmailConfig()` in `emails.tsx` for shared email
configuration.
> - **Testing**:
> - Adds tests in `revoke.test.ts` for user and team API key revocation,
including email notifications and error handling for non-existent and
already revoked keys.
> - **Errors**:
> - Adds `PublicApiKeyCannotBeRevoked` error in `known-errors.tsx`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for a67021bf47. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
- Added new config json schema and helper functions
- Separated the internal project and client project so we can later
change the internal project APIs without breaking backward compatibility
- Added database to config json and config json to project type so we
can test and compare the result in production
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/99619123-6be5-4788-aebe-5fc2a9a36245"
/>
<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/660677bf-f19a-4673-94c8-59ac50eb6ae5"
/>
<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/11ae63c4-5813-4fd8-aa01-fa580d2103be"
/>
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Introduces API key management for users and teams, integrating with
existing project configurations and permissions, and adds comprehensive
tests and examples.
>
> - **API Key Management**:
> - Introduces `ProjectApiKey` model in `schema.prisma` for managing API
keys.
> - Adds `createApiKeyHandlers` in `handlers.tsx` to handle API key CRUD
operations.
> - Implements API key creation, revocation, and validation logic.
> - **Permissions and Configurations**:
> - Adds `allowUserApiKeys` and `allowTeamApiKeys` to `ProjectConfig` in
`schema.prisma`.
> - Updates `TeamSystemPermission` enum to include `MANAGE_API_KEYS`.
> - Ensures API key operations respect project configurations and
user/team permissions.
> - **Testing and Examples**:
> - Adds extensive tests in `api-keys.test.ts` to cover various API key
scenarios.
> - Updates example projects to demonstrate API key usage.
> - **Miscellaneous**:
> - Refactors existing code to integrate API key functionalities.
> - Updates documentation and type definitions to reflect new API key
features.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 96f60c57f0. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Enhance permission management by adding unique constraints, handling
duplicate ID errors, and updating frontend and backend logic with
comprehensive tests.
>
> - **Database**:
> - Add unique constraint on `Permission` table for `[tenancyId,
queryableId]` in `migration.sql`.
> - Update `schema.prisma` to reflect new unique constraints.
> - **Backend**:
> - Update `crud.tsx` files to handle `PERMISSION_ID_ALREADY_EXISTS`
error using `isErrorForNonUniquePermission()`.
> - Add `isPrismaUniqueConstraintViolation()` in `prisma-client.tsx` to
identify unique constraint violations.
> - Add `PermissionIdAlreadyExists` error in `known-errors.tsx`.
> - **Frontend**:
> - Update `page-client.tsx` and `permission-table.tsx` to check for
duplicate permission IDs before creation.
> - **Tests**:
> - Add tests in `project-permission-definitions.test.ts` and
`team-permission-definitions.test.ts` to verify duplicate ID handling.
> - Ensure permissions cannot be created with duplicate IDs across
project and team contexts.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for b3ccd15bca. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: Zai Shi <zaishi00@outlook.com>
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Renamed user-related permissions to project-related permissions across
the codebase, affecting enums, schemas, APIs, models, and tests.
>
> - **Behavior**:
> - Renamed `USER` to `PROJECT` in `PermissionScope` enum in
`schema.prisma` and `migration.sql`.
> - Updated `isDefaultUserPermission` to `isDefaultProjectPermission` in
`schema.prisma` and `migration.sql`.
> - Removed `jwks.json/route.ts` file.
> - **API Changes**:
> - Renamed `user-permission-definitions` and `user-permissions`
endpoints to `project-permission-definitions` and `project-permissions`
in `route.tsx` files.
> - Updated CRUD handlers in `crud.tsx` files to reflect new naming.
> - **Models**:
> - Updated models in `permissions.tsx` to use `ProjectPermission` and
`AdminProjectPermission`.
> - Updated `KnownErrors` to use `ProjectPermissionRequired`.
> - **Tests**:
> - Renamed test files and updated test cases in
`e2e/tests/backend/endpoints/api/v1` to reflect new naming.
> - **Misc**:
> - Updated `admin-app-impl.ts`, `client-app-impl.ts`, and
`server-app-impl.ts` to use new project permission naming.
> - Updated `schema-fields.ts` to reflect new permission ID schema.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 08924f5241. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Adds user permissions management, including models, API endpoints, and
tests, alongside existing team permissions.
>
> - **Behavior**:
> - Adds user permissions alongside team permissions, allowing for
user-specific permission management.
> - Introduces `ProjectUserDirectPermission` model in `schema.prisma`
for direct user permissions.
> - Updates `PermissionScope` enum from `GLOBAL` to `USER`.
> - **API**:
> - Adds CRUD endpoints for user permissions in `user-permissions` and
`user-permission-definitions`.
> - Updates existing team permission endpoints to support user
permissions.
> - **Tests**:
> - Adds e2e tests for user permissions in `user-permissions.test.ts`
and `user-permission-definitions.test.ts`.
> - Updates existing tests to include user permissions where applicable.
> - **Misc**:
> - Updates `adminInterface.ts` and `server-app-impl.ts` to handle user
permissions.
> - Modifies `known-errors.tsx` to include `UserPermissionRequired`
error.
> - Adjusts `project-configs` and `projects` to include user default
permissions.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 8b73e668e2. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds `updatePassword` method to `StackServerInterface` and updates
`_StackServerAppImplIncomplete` to use it for password updates.
>
> - **Behavior**:
> - Adds `updatePassword` method to `StackServerInterface` in
`serverInterface.ts` to update user passwords via POST to
`/auth/password/update`.
> - Handles `PasswordConfirmationMismatch` and
`PasswordRequirementsNotMet` errors.
> - **Implementation**:
> - Updates `updatePassword` method in `_StackServerAppImplIncomplete`
in `server-app-impl.ts` to use `StackServerInterface.updatePassword`.
> - Requires `oldPassword` in `updatePassword` options.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 5dd07df3ee. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Enhance email configuration handling, add email listing endpoint and
tests, and update schemas for improved security and functionality.
>
> - **Email Configuration**:
> - Refactor `prismaModelToCrud` in `crud.tsx` to expand `sender_config`
into detailed fields.
> - Use `emailConfigWithoutPasswordSchema` in `emails.ts` for
`sender_config`.
> - **API Changes**:
> - Update `internalEmailsCrudHandlers` in `crud.tsx` to use
`auth.tenancy.id` for filtering emails and limit results to 100.
> - Add `route.tsx` to export `GET` handler for listing emails.
> - **Testing**:
> - Add `email.test.ts` to test email listing, project isolation, and
admin access restrictions.
> - Add `resetContext` function in `backend-helpers.ts` to reset test
context.
> - **Miscellaneous**:
> - Implement `emailConfigWithoutPasswordSchema` in `projects.ts` to
exclude password from email config.
> - Update `snapshot-serializer.ts` to strip `sent_at_millis` field.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 6721f4e13a. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add webhooks for team permission creation and deletion, updating CRUD
operations and tests to support this functionality.
>
> - **Webhooks**:
> - Add `sendTeamPermissionCreatedWebhook` and
`sendTeamPermissionDeletedWebhook` in `webhooks.tsx`.
> - Trigger `sendTeamPermissionCreatedWebhook` on permission creation in
`team-memberships/crud.tsx` and `team-permissions/crud.tsx`.
> - Trigger `sendTeamPermissionDeletedWebhook` on permission deletion in
`team-permissions/crud.tsx`.
> - **CRUD Operations**:
> - Modify `addUserToTeam` in `team-memberships/crud.tsx` to return
permission IDs.
> - Update `onCreate` and `onDelete` handlers in
`team-permissions/crud.tsx` to handle webhooks.
> - **Tests**:
> - Add tests in `team-memberships.test.ts` and
`team-permissions.test.ts` to verify webhook triggers for permission
creation and deletion.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 5067753761. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Add some buttons to user details page
<img width="1443" alt="image"
src="https://github.com/user-attachments/assets/1c8fa865-29bc-43e7-ab77-f8ef55f934a4"
/>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add impersonate and delete functionalities to user details page with
new dialogs and error handling.
>
> - **User Interface**:
> - Added `Impersonate` and `Delete` buttons to user details page in
`page-client.tsx`.
> - Introduced `DropdownMenu` for user actions in `page-client.tsx`.
> - **Dialogs**:
> - Moved `DeleteUserDialog` and `ImpersonateUserDialog` to
`user-dialogs.tsx`.
> - Updated `DeleteUserDialog` to redirect after deletion.
> - **Server Interface**:
> - Updated `getServerUserById()` in `serverInterface.ts` to handle
`UserNotFound` error.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 0576c20f76. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Zai Shi <zaishi00@outlook.com>
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add SentEmails dashboard table with backend API and frontend
components to display email logs.
>
> - **Backend**:
> - Add `crud.tsx` to define CRUD operations for `SentEmail` using
`prismaClient`.
> - Add `route.tsx` to expose `GET` endpoint for listing sent emails.
> - **Frontend**:
> - Update `page-client.tsx` to include `EmailSendDataTable` component
displaying email logs.
> - Define `emailTableColumns` for `DataTable` in `page-client.tsx`.
> - **Shared Interfaces**:
> - Add `InternalEmailsCrud` and `sentEmailReadSchema` in `emails.ts`.
> - Extend `StackAdminApp` to include `listSentEmails()` method.
> - Define `AdminSentEmail` type in `email/index.ts` and export it in
`index.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for fe32ecbc33. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: devin-ai-integration[bot] <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: ryan@stack-auth.com <ryan@stack-auth.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<img width="1443" alt="image"
src="https://github.com/user-attachments/assets/611ede72-4d46-41dc-adea-9546c04b199a"
/>
Adds new active sessions page to settings
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds an active sessions page to settings, enabling users to view and
manage their sessions, with backend support for session listing and
deletion.
>
> - **Active Sessions Page**:
> - Adds `ActiveSessionsPage` component in `account-settings.tsx` to
display active sessions.
> - Allows revoking individual sessions or all sessions except the
current one.
> - **Backend Changes**:
> - Adds `sessionsCrudHandlers` in `crud.tsx` for session management
(list, delete).
> - Updates `ProjectUserRefreshToken` model in `schema.prisma` to
include `id` and `isImpersonation` fields.
> - Implements session listing and deletion in `serverInterface.ts` and
`client-app-impl.ts`.
> - **Error Handling**:
> - Introduces `CannotDeleteCurrentSession` error in `known-errors.tsx`.
> - **Testing**:
> - Adds tests for session management in
`endpoints/api/v1/auth/sessions` tests.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for ba78df0928. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: TheCactusBlue <thecactusblue@gmail.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
