vikunja/pkg/user
kolaente 1bf0f8d47a feat(events): add auth boundary events
LoginSucceededEvent fires from NewUserAuthTokenResponse (the chokepoint
where local, LDAP and OIDC logins converge), LoginFailedEvent from
handleFailedPassword on every failed password check, LogoutEvent from
the logout handler, and APIToken issued/revoked/used events from the
token model and auth middleware. The token events carry IDs only since
the freshly created token struct holds the raw token string and the
poison queue logs message payloads.

None of these events have a listener yet — the audit registration adds
them. Dispatching to a topic without subscribers is a no-op.
2026-06-12 10:34:57 +02:00
..
caldav_token.go fix(caldav): eliminate nested db session in CalDAV auth 2026-03-03 10:41:19 +01:00
db.go feat: register Vikunja tables with db package at init 2026-03-04 15:37:54 +01:00
delete.go fix: address review comments on session lifecycle 2026-02-25 11:03:02 +01:00
error.go feat: always enable bot users 2026-05-04 10:38:53 +00:00
error_test.go feat: always enable bot users 2026-05-04 10:38:53 +00:00
events.go feat(events): add auth boundary events 2026-06-12 10:34:57 +02:00
is_admin_test.go feat(user): extract last-admin guard and close invariant gaps 2026-04-20 18:55:06 +00:00
main_test.go feat: move to slog for logging 2025-07-21 18:15:39 +02:00
notifications.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
test.go test: add TOTP fixture and load it in user test bootstrap 2026-03-23 10:34:49 +00:00
token.go docs(api/v2): tag CalDAV token fields for the v2 schema 2026-06-10 17:55:52 +00:00
totp.go docs(api/v2): tag TOTP fields for the v2 schema 2026-06-10 17:58:16 +00:00
totp_test.go test(user): cover TOTP lockout persistence and password-reset unlock 2026-04-09 16:08:26 +00:00
update_email.go refactor(user): extract shared account orchestration into models/user/shared for v1+v2 2026-06-11 07:02:31 +00:00
update_email_test.go fix(user): persist status on email updates (#1084) 2025-08-04 14:07:00 +00:00
user.go feat(events): add auth boundary events 2026-06-12 10:34:57 +02:00
user_claims_test.go feat(user): extract last-admin guard and close invariant gaps 2026-04-20 18:55:06 +00:00
user_create.go feat(user): add CreateBotUser 2026-05-01 14:44:10 +00:00
user_email_confirm.go fix(user): handle status errors in pkg/user callers, remove redundant checks 2026-03-23 12:06:16 +00:00
user_email_confirm_test.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
user_password_reset.go fix(user): handle status errors in pkg/user callers, remove redundant checks 2026-03-23 12:06:16 +00:00
user_test.go feat(user): add CreateBotUser 2026-05-01 14:44:10 +00:00
users_project.go refactor(user): share user-search logic between v1 and v2 2026-06-11 20:07:43 +00:00
validator.go feat(api): enforce password validation on reset and update flows 2026-02-25 13:44:56 +01:00