* implement self signed cert and monitor/reload
* move go2rtc upstream to separate file
* add directory for ACME challenges
* make certsync more resilient
* add TLS docs
* add jwt secret info to docs
* reload the window on 401
* backend apis for auth
* add login page
* re-enable web linter
* fix login page routing
* bypass csrf for internal auth endpoint
* disable healthcheck in devcontainer target
* include login page in vite build
* redirect to login page on 401
* implement config for users and settings
* implement JWT actual secret
* add brute force protection on login
* add support for redirecting from auth failures on api calls
* return location for redirect
* default cookie name should pass regex test
* set hash iterations to current OWASP recommendation
* move users to database instead of config
* config option to reset admin password on startup
* user management UI
* check for deleted user on refresh
* validate username and fixes
* remove password constraint
* cleanup
* fix user check on refresh
* web fixes
* implement auth via new external port
* use x-forwarded-for to rate limit login attempts by ip
* implement logout and profile
* fixes
* lint fixes
* add support for user passthru from upstream proxies
* add support for specifying a logout url
* add documentation
* Update docs/docs/configuration/authentication.md
Co-authored-by: Nicolas Mowen <nickmowen213@gmail.com>
* Update docs/docs/configuration/authentication.md
Co-authored-by: Nicolas Mowen <nickmowen213@gmail.com>
---------
Co-authored-by: Nicolas Mowen <nickmowen213@gmail.com>