Mirrors/Stirling-PDF
1
0
Fork 0
mirror of https://github.com/Frooodle/Stirling-PDF.git synced 2026-03-04 02:20:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,691 Commits 167 Branches 167 Tags
0b86dd79d35555a986fba9612b6b4bf8256c88cd
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Ludy 0b86dd79d3 feat(security): add TOTP-based multi-factor authentication with backend and UI support (#5417) 
# Description of Changes

This pull request introduces several improvements and new features
across the authentication and admin data APIs, with a particular focus
on multi-factor authentication (MFA) support and better handling of user
settings. The changes include integrating MFA status into account data
responses, masking sensitive user settings in admin views, and
refactoring code to use more robust user creation methods. Additionally,
there are minor code cleanups and consistency improvements.

### Multi-factor Authentication (MFA) Integration

* Added `mfaEnabled` and `mfaRequired` fields to the `AccountData`
response, populated using the new `MfaService`, to provide clients with
MFA status information for users.
[[1]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1R430-R431)
[[2]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1R72)
[[3]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1L83-R86)
[[4]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1R98)
[[5]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1R574-R575)

### User Settings Handling and Security

* Admin settings API now returns user settings for each user, with the
`mfaSecret` field masked to protect sensitive information. This is
achieved by fetching settings via `findByIdWithSettings` and
copying/masking the relevant field before returning.
[[1]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1R252-R259)
[[2]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1L302-R322)
[[3]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1R378)
[[4]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1R563)

### Refactoring and Code Consistency

* Refactored user creation in `InitialSecuritySetup` to use the
`SaveUserRequest` builder and `saveUserCore` for better maintainability
and clarity, replacing direct calls to `saveUser`.
[[1]](diffhunk://#diff-0c7960a6283a07c4905ac9785b2820b412574c9f86918ada30caba0356d34850R22)
[[2]](diffhunk://#diff-0c7960a6283a07c4905ac9785b2820b412574c9f86918ada30caba0356d34850L116-R124)
[[3]](diffhunk://#diff-0c7960a6283a07c4905ac9785b2820b412574c9f86918ada30caba0356d34850L130-R144)
[[4]](diffhunk://#diff-0c7960a6283a07c4905ac9785b2820b412574c9f86918ada30caba0356d34850L140-R160)
* Standardized checks for internal team membership by comparing with
`TeamService.INTERNAL_TEAM_NAME` on the left side for consistency.
[[1]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1L267-R273)
[[2]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1L332-R351)
[[3]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1L421-R443)
[[4]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1L449-R471)
[[5]](diffhunk://#diff-2ead183708656f2c6894b28457623820c83b1ed4b0814533caa0e8f0dd6fbcd1L462-R485)

### API and DTO Changes

* Changed the login API to accept `UsernameAndPassMfa` instead of
`UsernameAndPass`, paving the way for MFA code support in authentication
requests.
[[1]](diffhunk://#diff-9ca4f9246abe79368552264e2e18d7ed039e084c70c0794eb02cfd1b75fbd8a8L30-R41)
[[2]](diffhunk://#diff-9ca4f9246abe79368552264e2e18d7ed039e084c70c0794eb02cfd1b75fbd8a8L61-R71)
* Updated import statements and controller dependencies to include new
DTOs and services related to MFA.
[[1]](diffhunk://#diff-9ca4f9246abe79368552264e2e18d7ed039e084c70c0794eb02cfd1b75fbd8a8L14-R19)
[[2]](diffhunk://#diff-9ca4f9246abe79368552264e2e18d7ed039e084c70c0794eb02cfd1b75fbd8a8R56-R57)

These updates improve security, prepare the system for MFA rollout, and
make admin and authentication APIs more robust and informative.

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### Translations (if applicable)

- [ ] I ran
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-01-23 21:34:57 +00:00
.devcontainer
chore: update development configs, formatting tools, and CI enhancements (#4130)
2025-08-08 12:52:51 +01:00
.github
Add sync-versions job to GitHub Actions workflow (#5228)
2026-01-22 19:23:52 +00:00
.vscode
V2 Auto rename (#4244)
2025-09-05 17:12:52 +01:00
app
feat(security): add TOTP-based multi-factor authentication with backend and UI support (#5417)
2026-01-23 21:34:57 +00:00
devGuide
refactor: remove legacy Thymeleaf web UI controllers and templates (#5406)
2026-01-21 21:58:29 +00:00
devTools
build(deps-dev): bump stylelint-config-standard from 39.0.1 to 40.0.0 in /devTools (#5504)
2026-01-21 22:24:29 +00:00
docker
removal of old java desktop + workspace change in tauri (#5459)
2026-01-23 11:42:33 +00:00
docs
V1 merge (#5193)
2025-12-21 10:40:32 +00:00
frontend
feat(security): add TOTP-based multi-factor authentication with backend and UI support (#5417)
2026-01-23 21:34:57 +00:00
gradle/wrapper
Upgrade Gradle to 8.14 in CI Workflows and Gradle Wrapper (#3425)
2025-04-27 16:17:07 +01:00
images
Revert "[ImgBot] Optimize images" (#5293)
2025-12-22 22:10:23 +00:00
scripts
removal of old java desktop + workspace change in tauri (#5459)
2026-01-23 11:42:33 +00:00
testing
build(deps): bump reportlab from 4.4.5 to 4.4.9 in /testing/cucumber (#5505)
2026-01-21 22:24:58 +00:00
.dockerignore
java frontend (#5097)
2025-12-02 17:15:29 +00:00
.editorconfig
Add linting to frontend (#4341)
2025-09-04 14:08:28 +01:00
.git-blame-ignore-revs
refactor: move modules under app/ directory and update file paths (#3938)
2025-07-14 20:53:11 +01:00
.gitattributes
refactor: move modules under app/ directory and update file paths (#3938)
2025-07-14 20:53:11 +01:00
.gitignore
refactor(security): clean up SSO handling, harden URL parsing, and bump dependencies (#5523)
2026-01-22 19:39:34 +00:00
.pre-commit-config.yaml
deps(ci): update Dependabot, pre-commit tooling, and testing dependencies (#5170)
2025-12-27 23:56:57 +00:00
ADDING_TOOLS.md
refactor: remove legacy Thymeleaf web UI controllers and templates (#5406)
2026-01-21 21:58:29 +00:00
build.gradle
refactor(security): clean up SSO handling, harden URL parsing, and bump dependencies (#5523)
2026-01-22 19:39:34 +00:00
CLAUDE.md
removal of old java desktop + workspace change in tauri (#5459)
2026-01-23 11:42:33 +00:00
CONTRIBUTING.md
DATABASE.md
feat(database): make backup schedule configurable via system keys (#4251)
2025-09-04 15:02:31 +01:00
DeveloperGuide.md
refactor: remove legacy Thymeleaf web UI controllers and templates (#5406)
2026-01-21 21:58:29 +00:00
gradle.properties
build(local): simplify writeVersion task with WriteProperties plugin and enable build caching (#4139)
2025-08-08 10:36:30 +01:00
gradlew
Upgrade Gradle to 8.14 in CI Workflows and Gradle Wrapper (#3425)
2025-04-27 16:17:07 +01:00
gradlew.bat
HowToUseOCR.md
launch4jConfig.xml
ci: enhance GitHub Actions workflows with Gradle setup, caching improvements, and Docker image testing (#3956)
2025-07-16 17:17:11 +01:00
LICENSE
Update LICENSE with proprietary directory details
2025-11-27 11:11:53 +00:00
README.md
Update wording for third-party services reference
2025-12-02 19:14:03 +00:00
SECURITY.md
settings.gradle
chore(ci): enable Gradle dependency caching across GitHub workflows (#5400)
2026-01-19 19:03:50 +00:00
test_globalsign.pdf
V2 Validate PDF Signature tool (#4679)
2025-10-16 13:45:59 +01:00
test_irs_signed.pdf
V2 Validate PDF Signature tool (#4679)
2025-10-16 13:45:59 +01:00
WINDOWS_SIGNING.md
Add initial Windows signing infrastructure (#4945)
2025-11-20 12:21:42 +00:00

README.md

Stirling PDF logo

Stirling PDF - The Open-Source PDF Platform

Stirling PDF is a powerful, open-source PDF editing platform. Run it as a personal desktop app, in the browser, or deploy it on your own servers with a private API. Edit, sign, redact, convert, and automate PDFs without sending documents to external services.

Docker Pulls Discord OpenSSF Scorecard GitHub Repo stars

Stirling PDF - Dashboard

Key Capabilities

  • Everywhere you work - Desktop client, browser UI, and self-hosted server with a private API.
  • 50+ PDF tools - Edit, merge, split, sign, redact, convert, OCR, compress, and more.
  • Automation & workflows - No-code pipelines direct in UI with APIs to process millions of PDFs.
  • Enterprisegrade - SSO, auditing, and flexible onprem deployments.
  • Developer platform - REST APIs available for nearly all tools to integrate into your existing systems.
  • Global UI - Interface available in 40+ languages.

For a full feature list, see the docs: https://docs.stirlingpdf.com

Quick Start

docker run -p 8080:8080 docker.stirlingpdf.com/stirlingtools/stirling-pdf

Then open: http://localhost:8080

For full installation options (including desktop and Kubernetes), see our Documentation Guide.

Resources

Support

Contributing

We welcome contributions! Please see CONTRIBUTING.md for guidelines.

For development setup, see the Developer Guide.

For adding translations, see the Translation Guide.

License

Stirling PDF is open-core. See LICENSE for details.

Reference in New Issue View Git Blame Copy Permalink
Description
locally hosted web application that allows you to perform various operations on PDF files
dockerjavapdfpdf-converterpdf-manipulationpdf-mergerpdf-ocrpdf-toolspdf-web-appspdfmerger
Readme MIT 608 MiB
Languages
TypeScript 47.1%
Java 42.9%
CSS 2.8%
Python 2.5%
Shell 1.3%
Other 3.2%