server/routers/badger/verifySession.ts : verifyResourceSession() updated code behind "cleanHost" var to a regex which strips the trailing :port for any port (rather than a string match for 80/443)
src/app/auth/resource/[resourceId]/page.tsx : ResourceAuthPage() added a secondary match for serverResourceHost and redirectHost that accounts for ports
server/routers/badger/exchangeSession.ts : Updated exchangeSession() to use the same "cleanHost" type var (with port-stripping) as in verifyResourceSession(), replaced references to "host" with "cleanHost"
In NixOS, we wrap these files in a bash script to allow users to just run them as normal executables, instead of calling them as arguments to Node.JS. In our build scripts, we just add the shebang after the files have been compiled, but adding it upstream will allow all Pangolin users to just run ./server.mjs to start their Pangolin instances.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
The password for secure authentication may be sensitive, so it is best
to not leave it lying around in a config file. This commit introduces
the EMAIL_SMTP_PASS environment variable, which can be set to configure
the SMTP password without writing it to the configuration file.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
and preventing users from changing the email they were invited with.
- Update invite link generation to include email parameter in URL
- Modify signup form to pre-fill and lock email field when provided via invite
- Update invite page and status card to preserve email through redirect chain
- Ensure existing invite URLs continue to work without breaking changes
