rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/app
History
Andras Bacsai 90ddbb3572 feat(security): support expiration on API tokens with warning notifications 
Add optional expiration to personal API tokens. Users pick a duration
(1/7/30/60/90 days or Never) at creation time. Expired tokens are
rejected by Sanctum, pruned hourly by sanctum:prune-expired, and a
team notification fires ~24h before expiry so owners can rotate
before API calls start failing.

- ApiTokens Livewire component stores expires_at from expiresInDays
- Rework issued-tokens UI from card grid to table (matches other views)
- New ApiTokenExpirationWarningJob scheduled hourly (idempotent via RateLimiter)
- New ApiTokenExpiringNotification (email/discord/telegram/slack/pushover)
- api_token_expiring added to alwaysSendEvents so users cannot silence
  expiry warnings from the per-event notification toggle UI
- sanctum:prune-expired cadence moved from daily to hourly

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 14:28:38 +02:00
..
Actions fix(database): enforce credential format validation and sanitize init/SSL arguments 2026-04-20 13:58:36 +02:00
Console feat(security): support expiration on API tokens with warning notifications 2026-04-20 14:28:38 +02:00
Contracts
Data refactor: simplify remote process chain and harden ActivityMonitor 2026-03-26 13:26:16 +01:00
Enums
Events Make proxy restart run as background job to prevent localhost lockout 2025-12-03 10:30:12 +01:00
Exceptions feat(api): Improve OpenAPI spec and add rate limit handling for Hetzner 2025-12-11 12:12:43 +01:00
Helpers fix(ssh): handle chmod failures gracefully and simplify key management 2026-03-16 21:27:10 +01:00
Http fix(database): enforce credential format validation and sanitize init/SSL arguments 2026-04-20 13:58:36 +02:00
Jobs feat(security): support expiration on API tokens with warning notifications 2026-04-20 14:28:38 +02:00
Listeners fix(proxy): defer UI refresh until Traefik version check completes 2025-12-27 15:16:58 +01:00
Livewire feat(security): support expiration on API tokens with warning notifications 2026-04-20 14:28:38 +02:00
Models refactor(auth): upgrade email verification hash to sha256 2026-04-20 12:09:48 +02:00
Notifications feat(security): support expiration on API tokens with warning notifications 2026-04-20 14:28:38 +02:00
Policies chore: prepare for PR 2026-02-25 11:18:46 +01:00
Providers refactor(api): validate and throttle feedback endpoint 2026-04-19 14:41:47 +02:00
Repositories
Rules refactor(storage): tighten S3 endpoint URL validation 2026-04-20 11:50:19 +02:00
Services refactor: remove verbose logging and use explicit exception types 2026-03-20 15:57:26 +01:00
Support fix(database): skip credential pattern validation for unchanged values 2026-04-20 13:58:44 +02:00
Traits feat(security): support expiration on API tokens with warning notifications 2026-04-20 14:28:38 +02:00
View/Components feat(forms): make textarea monospace opt-in and improve multiline toggle 2026-03-31 15:37:42 +02:00