domnitor

Malin/domnitor

Fork 0

Commit Graph

Author	SHA1	Message	Date
Hosteroid	e334f7c9d6	Add domain status notifications & login alerts Introduce richer notifications and domain status handling across the app. - NotificationService: Add domain status alert formatting/sending, in-app notifications for available/registered/redemption/pending_delete, richer session_new and session_failed notifications (geolocation + UA parsing) and helpers for human-readable status labels. - Auth/TwoFactor: Emit notifications for successful logins (including remember-me and 2FA) and failed login attempts; update last-login timestamp on various flows. - DomainController: Wrap bulk domain create in try/catch to handle duplicate race conditions and log failures. - WhoisService: Detect redemption_period and pending_delete statuses from WHOIS/EPP statuses. - Settings/Setting: Add settings support for notification status triggers and bump default app_version to 1.1.2; persist/update status trigger values. - Views/Layout/View helpers: Add parsing/formatting for login notification data, add new status labels/classes (available, redemption_period, pending_delete), update notification icons/colors mapping. - Top-nav & Notifications UI: Enhance dropdown with rich login/failed-login display (flags, device icons), clickable domain redirects when marking read, badge IDs for dynamic updates. - Error admin UI: Add copy error report button with robust clipboard fallback and toast UI reused from messages; improved copy UX in admin index/detail. - Installer: Add new migration 024 to installer migration lists and adjust detected toVersion to 1.1.2. - DB: Add migration file 024_add_status_notifications_v1.1.2.sql (new file). These changes add user-facing alerts for domain lifecycle events and stronger login/security notifications while improving UI feedback and robustness during bulk operations.	2026-02-08 22:58:59 +02:00
Hosteroid	a29becc944	Add CSRF, CAPTCHA, and input validation improvements Introduces CSRF protection to all sensitive controller actions, integrates configurable CAPTCHA (reCAPTCHA v2/v3, Turnstile) for authentication and registration flows, and centralizes input validation via a new InputValidator helper. Adds new helpers and services for CSRF and CAPTCHA, updates settings and migration for CAPTCHA configuration, and enhances logging and error handling in TLD registry import processes. Also improves validation for user, domain, group, and profile inputs throughout the application.	2025-10-10 00:04:12 +03:00
Hosteroid	e5b9599755	Upgraded to 1.1.0 1.1.0 (2025-10-09) - User Notifications System - In-app notification center with 7 notification types, filtering, pagination - Advanced Session Management - Database-backed sessions with geolocation (country, city, ISP) - Remote Session Control - Terminate any device instantly with immediate logout validation - Enhanced Profile Page - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions) - MVC Architecture Refactoring - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views - Geolocation Tracking - IP-based location detection using ip-api.com, country flags with flag-icons - Device Detection - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet) - Auto-Detected Cron Paths - Settings show actual installation paths (thanks @jadeops) - Welcome Notifications - Sent to new users on registration or fresh install - Upgrade Notifications - Admins notified on system updates with version & migration count - Web-Based Installer - Replaces CLI, auto-generates encryption key, one-time password display - Web-Based Updater - `/install/update` for running new migrations with smart detection - User Registration - Full signup flow with email verification, password reset, resend verification - User Management - CRUD for users with filtering, sorting, pagination (admin-only) - Remember Me - 30-day secure tokens linked to sessions, cascade deletion on logout - Session Validator - Middleware validates sessions on every request for instant remote logout - Consistent UI/UX - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry - Smart Migrations - Consolidated schema for fresh installs, incremental for upgrades - XSS Protection - htmlspecialchars() applied across all user-facing data (thanks @jadeops)	2025-10-09 18:02:46 +03:00

Author

SHA1

Message

Date

Hosteroid

e334f7c9d6

Add domain status notifications & login alerts

Introduce richer notifications and domain status handling across the app.

- NotificationService: Add domain status alert formatting/sending, in-app notifications for available/registered/redemption/pending_delete, richer session_new and session_failed notifications (geolocation + UA parsing) and helpers for human-readable status labels.
- Auth/TwoFactor: Emit notifications for successful logins (including remember-me and 2FA) and failed login attempts; update last-login timestamp on various flows.
- DomainController: Wrap bulk domain create in try/catch to handle duplicate race conditions and log failures.
- WhoisService: Detect redemption_period and pending_delete statuses from WHOIS/EPP statuses.
- Settings/Setting: Add settings support for notification status triggers and bump default app_version to 1.1.2; persist/update status trigger values.
- Views/Layout/View helpers: Add parsing/formatting for login notification data, add new status labels/classes (available, redemption_period, pending_delete), update notification icons/colors mapping.
- Top-nav & Notifications UI: Enhance dropdown with rich login/failed-login display (flags, device icons), clickable domain redirects when marking read, badge IDs for dynamic updates.
- Error admin UI: Add copy error report button with robust clipboard fallback and toast UI reused from messages; improved copy UX in admin index/detail.
- Installer: Add new migration 024 to installer migration lists and adjust detected toVersion to 1.1.2.
- DB: Add migration file 024_add_status_notifications_v1.1.2.sql (new file).

These changes add user-facing alerts for domain lifecycle events and stronger login/security notifications while improving UI feedback and robustness during bulk operations.

2026-02-08 22:58:59 +02:00

Hosteroid

a29becc944

Add CSRF, CAPTCHA, and input validation improvements

Introduces CSRF protection to all sensitive controller actions, integrates configurable CAPTCHA (reCAPTCHA v2/v3, Turnstile) for authentication and registration flows, and centralizes input validation via a new InputValidator helper. Adds new helpers and services for CSRF and CAPTCHA, updates settings and migration for CAPTCHA configuration, and enhances logging and error handling in TLD registry import processes. Also improves validation for user, domain, group, and profile inputs throughout the application.

2025-10-10 00:04:12 +03:00

Hosteroid

e5b9599755

Upgraded to 1.1.0

1.1.0 (2025-10-09)
- **User Notifications System** - In-app notification center with 7 notification types, filtering, pagination
- **Advanced Session Management** - Database-backed sessions with geolocation (country, city, ISP)
- **Remote Session Control** - Terminate any device instantly with immediate logout validation
- **Enhanced Profile Page** - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions)
- **MVC Architecture Refactoring** - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views
- **Geolocation Tracking** - IP-based location detection using ip-api.com, country flags with flag-icons
- **Device Detection** - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet)
- **Auto-Detected Cron Paths** - Settings show actual installation paths (thanks @jadeops)
- **Welcome Notifications** - Sent to new users on registration or fresh install
- **Upgrade Notifications** - Admins notified on system updates with version & migration count
- **Web-Based Installer** - Replaces CLI, auto-generates encryption key, one-time password display
- **Web-Based Updater** - `/install/update` for running new migrations with smart detection
- **User Registration** - Full signup flow with email verification, password reset, resend verification
- **User Management** - CRUD for users with filtering, sorting, pagination (admin-only)
- **Remember Me** - 30-day secure tokens linked to sessions, cascade deletion on logout
- **Session Validator** - Middleware validates sessions on every request for instant remote logout
- **Consistent UI/UX** - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry
- **Smart Migrations** - Consolidated schema for fresh installs, incremental for upgrades
- **XSS Protection** - htmlspecialchars() applied across all user-facing data (thanks @jadeops)

2025-10-09 18:02:46 +03:00

3 Commits