ai-workspace-services/accounts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,345 Commits 18 Branches 2 Tags 70 MiB
cbda9eb581
Commit Graph

1345 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Haitao Pan
cbda9eb581
Merge pull request #7 from cloud-neutral-toolkit/codex/fix/sandbox-sync-all-regions 
fix(agent-server): sync all eligible users
 2026-02-07 03:27:23 +08:00
Haitao Pan
414a9a417f fix(agent-server): sync all eligible users 2026-02-07 03:24:57 +08:00
Haitao Pan
25d842804d
Merge pull request #6 from cloud-neutral-toolkit/codex/fix/sandbox-sync-all-regions 
fix(sandbox): sync sandbox client on all agent nodes
 2026-02-07 03:07:01 +08:00
Haitao Pan
627df39684 fix(sandbox): sync sandbox client on all agent nodes 2026-02-07 03:01:50 +08:00
Haitao Pan
3cfaa1f65b
Merge pull request #5 from cloud-neutral-toolkit/codex/fix/guest-sandbox-demo 
fix(sandbox): expose internal sandbox guest endpoint
 2026-02-07 02:35:58 +08:00
Haitao Pan
957d56c090 fix(sandbox): expose internal sandbox guest endpoint 2026-02-07 02:31:52 +08:00
Haitao Pan
8ebc370a28 refactor: replace direct error comparison with errors.Is for ErrUserNotFound 2026-02-07 02:24:32 +08:00
Haitao Pan
6117e6f769 feat: export additional is type-checking utility functions from lodash 2026-02-07 02:24:19 +08:00
Haitao Pan
b5ee9723c8 fix(account): relax isReadOnlyAccount to allow MFA setup and fix build 2026-02-07 02:24:04 +08:00
Haitao Pan
7aa99b43d8 feat: Dynamically set session cookie domain based on the public URL. 2026-02-07 02:23:53 +08:00
Haitao Pan
3b980a7ff2 chore: Update Next.js routes type definition import path to include . 2026-02-06 23:20:27 +08:00
Haitao Pan
56166f6fd3 feat: Extend VLESS node fallback logic to include demo users, use request host as an additional fallback, and normalize '*' as an empty host. 2026-02-06 22:59:46 +08:00
Haitao Pan
235b1f57a3 feat: Provide fallback Vless nodes for sandbox users and refine proxy UUID database update logic. 2026-02-06 22:37:15 +08:00
Haitao Pan
48102e95ad feat: Add local-test.yaml configuration, modify user not found API response to include mfa_enabled status, and add 5xx error logging. 2026-02-06 22:31:50 +08:00
Haitao Pan
de66aec30e feat: Implement database session fallback for token validation in the authentication middleware. 2026-02-06 22:16:28 +08:00
Haitao Pan
51336af5b7 feat: Implement session store fallback for token validation in the authentication middleware. 2026-02-06 19:02:48 +08:00
Haitao Pan
2c69f3c156 style: update SandboxEmail constant to lowercase. 2026-02-06 18:53:00 +08:00
Haitao Pan
8412e3ff95 docs: Update Sandbox and Root Assume implementation report. 2026-02-06 18:28:02 +08:00
Haitao Pan
97b7d64de3 fix: Remove redundant agent routes and handlers from main.go to resolve startup panic. 2026-02-06 18:18:46 +08:00
Haitao Pan
17909d57d2 fix: sandbox binding + agent sandbox sync + uuid rotation 2026-02-06 18:06:20 +08:00
Haitao Pan
d1195bbc75 fix: Implement missing ClearSandboxAgents method. 2026-02-06 16:44:11 +08:00
Haitao Pan
b6ab404206 fix: Remove duplicate route registration causing panic on startup. 2026-02-06 16:40:31 +08:00
Haitao Pan
1bfe4f1d53 fix: Robust DB connection retries and move sandbox routes to admin group. 2026-02-06 16:21:29 +08:00
Haitao Pan
9169192144 docs: add implementation report for Sandbox Mode and Agent Sync stability fixes 2026-02-06 13:28:33 +08:00
Haitao Pan
51358586e1 chore: unblock push by tuning gitleaks + report path 2026-02-06 13:24:49 +08:00
Haitao Pan
33bd1b8beb fix: Refine error reporting in agent sync and fix lints. 2026-02-06 13:13:44 +08:00
Haitao Pan
3b818314db fix: Filter out wildcard agent (*) from the nodes list in SandboxNodeBindingPanel. 2026-02-06 13:12:40 +08:00
Haitao Pan
c366e96e5d fix: Ensure users table has required columns for agent sync and add explicit migrations. 2026-02-06 13:10:18 +08:00
Haitao Pan
4503b053f7 feat: Implement sandbox agent functionality with dedicated user, admin API, and agent-side user filtering. 2026-02-06 13:03:47 +08:00
Haitao Pan
508e98504a feat: Add empty gitleaks final scrub configuration file. 2026-02-06 13:03:14 +08:00
Haitao Pan
882378e328 test: Replace hardcoded test password with a named variable in api_test.go and add api.test. 2026-02-06 12:29:10 +08:00
Haitao Pan
ba85a0236b feat: Add expressions_v2.txt with new redaction patterns for sensitive data. 2026-02-06 12:22:31 +08:00
Haitao Pan
d0537acafd docs: restore archival records and runbooks 2026-02-06 12:13:29 +08:00
Haitao Pan
a705f16cbb chore: Add gitleaks secret scanning report. 2026-02-06 12:11:39 +08:00
Haitao Pan
df6f1dd92b Runbook: Moved into github-org-cloud-neutral-toolkit/docs/ 2026-02-06 12:10:21 +08:00
Haitao Pan
04ff61f952 feat: Update agent API paths to /api/agent-server/v1, modify route registration for improved error handling, and add INTERNAL_SERVICE_TOKEN to Cloud Run. 2026-02-06 12:07:24 +08:00
Haitao Pan
fbe04d37b1 fix(agent-server): authenticate /v1/nodes via session tokens 2026-02-05 17:39:43 +08:00
Haitao Pan
cc0ff117f6 chore: commit pending agent/controller updates and docs 2026-02-05 16:56:17 +08:00
Haitao Pan
4b4a2069b3 feat(agent): expose canonical /api/agent-server/v1/nodes 2026-02-05 16:52:10 +08:00
Haitao Pan
700a1db5e3 docs: update runbook for fixing agent 404 errors and UUID changes. 2026-02-05 15:41:19 +08:00
Haitao Pan
c353a43547 docs: Add runbook for fixing Agent 404 errors and UUID changes. 2026-02-05 15:22:50 +08:00
Haitao Pan
d849e3e6cc fix(admin): complete management APIs for console integration 2026-02-05 15:01:12 +08:00
Haitao Pan
3ffd39cc8b feat: add public.agents table and its set_updated_at trigger. 2026-02-05 13:10:56 +08:00
Haitao Pan
e48c23fab5 feat: add agent loading debug logging and fix nodes endpoint response format 2026-02-05 12:17:35 +08:00
Haitao Pan
e75b2d45e3 feat: Implement persistent session management by moving session logic to the store interface and adding a sessions table. 2026-02-05 11:27:11 +08:00
Haitao Pan
4d5aae09ad fix: correct sessions table column name in applyRBACSchema to user_uuid 2026-02-05 11:10:25 +08:00
Haitao Pan
dc348238f1 fix: correct sessions table column names from user_id to user_uuid 
- Fixed CreateSession and GetSession SQL queries to use user_uuid instead of user_id
- Added unique constraint on sessions.token column for proper upsert support
- Created migration file to add the unique index to existing databases

This fixes the 500 error on /api/auth/login caused by session creation failure
 2026-02-05 11:00:57 +08:00
Haitao Pan
bc2562b877 fix: move mfa/status endpoint outside auth middleware and implement persistent session storage 
- Moved /api/auth/mfa/status outside authProtected group to allow pre-login MFA checks
- Added session management to Store interface with CreateSession, GetSession, DeleteSession
- Implemented session persistence in both memoryStore and postgresStore
- Updated handler to use store-based sessions instead of in-memory map
- Added database schema for users, sessions, agents, and email_blacklist tables
- This fixes the 401 error when checking MFA status before login
 2026-02-05 09:37:04 +08:00
Haitao Pan
29bb103aa3 fix(config): remove empty agents.credentials to enable INTERNAL_SERVICE_TOKEN fallback 
The empty credentials array was preventing the INTERNAL_SERVICE_TOKEN
environment variable from being used for agent authentication.
 2026-02-05 08:52:43 +08:00
Haitao Pan
8b8a2aa3fa feat(agent-persistence): implement PostgreSQL persistence for agent registry 
Core Changes:
- Add Agent struct and management methods to Store interface
- Implement PostgreSQL store methods (UpsertAgent, ListAgents, DeleteAgent, DeleteStaleAgents)
- Integrate persistence into Registry with async database writes
- Add Load() method to restore agents from database on startup
- Implement runAgentCleanup background task (5min interval, 10min stale threshold)

Database:
- Update agents table schema to use JSONB for groups field
- Add indexes on last_heartbeat and healthy columns
- Support health tracking and automatic cleanup of stale agents

Documentation:
- Add comprehensive DB access and upgrade guide
- Include agent persistence implementation plan
- Document diagnostic procedures and troubleshooting steps
- Add walkthrough of multi-agent support implementation

This enables:
- Persistent agent state across service restarts
- Automatic cleanup of offline agents
- Multi-agent support with shared token authentication
 2026-02-05 08:34:25 +08:00