mirror of
https://github.com/actualbudget/actual.git
synced 2026-07-16 07:04:23 -05:00
Closed
opened 2026-05-16 14:42:49 -05:00 by GiteaMirror
·
0 comments
No Branch/Tag Specified
master
dependabot/npm_and_yarn/npm_and_yarn-cd62b4b37a
api-browser-custom-data-dir
tabedzki/feat/replacing-month-picker-with-day-picker
delay-initial-sync-until-loaded
jfdoming/mobile-app-build
cross-version-sync-compat
jfdoming/api-tokens-part-1
jfdoming/api-tokens-part-2
jfdoming/api-tokens-part-3
jfdoming/mobile-app-updates
claude/budget-version-migration-compat-151jlr
claude/worker-error-serialization-9iqtl7
claude/react-table-library-research-afx83z
claude/issue-8401-regression-test-9nw9l3
jfdoming/mobile-app-foundation-part-1
jfdoming/mobile-app-scaffold
release
ai-fix-cleanup-def-8290
claude/relaxed-shannon-jusywa
claude/fervent-keller-s6f2fq
claude/determined-feynman-st1y9z
claude/wizardly-einstein-vi2wce
claude/sweet-albattani-7nseio
feat/bank-sync-per-budget-file
claude/affectionate-cannon-y0kc82
claude/dependabot-findings-m9pgmb
claude/mac-app-ios-publish-zjs1lz
claude/vigilant-tesla-aiiyos
depot-migrate-secrets-1781296330308
claude/quirky-cerf-v5qck7
claude/animation-removal-alternative-2etfh1
claude/netlify-preview-comments-consolidate-9XPYa
osc/7391-error-boundaries-reports
claude/pensive-dijkstra-7DYui
claude/server-app-version-mismatch-HTCGv
claude/pr-8027-review-feedback-mELuO
claude/zealous-wozniak-e5pO0
claude/intelligent-heisenberg-BSHJq
claude/translation-download-refactor-jFRsO
claude/mobile-performance-ideas-G9PAO
claude/github-issue-7988-5A5ly
blacksmith-migration-ff70d2d
claude/great-mayer-KRvOk
claude/react-native-ios-compilation-fcJh5
claude/serene-goldberg-58xv0
claude/kind-euler-LVG3K
release-automation/edge-nightly
7710-bundle-migrations
claude/fix-docker-build-error-WMfed
claude/llm-compatible-release-notes-t20Nr
7710-tests-tdd
cursor/transaction-table-rewrite-f077
claude/plan-ci-secure-context-OtEe1
claude/fix-issue-7667-DPXi3
cursor/resolve-pr-7449-ee11
claude/fix-typescript-build-error-JPtZ5
copilot/add-repository-configs-to-packages
worktree-compressed-drifting-ritchie
claude/api-consumer-verification-kfz1K
pr-7454
claude/fix-issue-7410-LLLQ4
revert-7281-generate-icons
react-query-useSchedules
copilot/sub-pr-6140
package-upgrades
v26.7.0
v26.6.0
v26.5.2
v26.5.1
v26.5.0
v26.4.0
v26.3.0
v26.2.1
v26.2.0
v26.1.0
v25.12.0
v25.11.0
v25.10.0
v25.9.0
v25.8.0
v25.7.1
v25.7.0
v25.6.1
v25.6.0
v25.5.0
v25.4.0
v25.3.1
v25.3.0
v25.2.1
v25.2.0
v25.1.0
v24.12.0
v24.11.0
v24.10.1
v24.10.0
v24.9.0
v24.8.0
v24.7.0
v24.6.0
v24.5.0
v24.4.0
v24.3.0
v24.2.0
v24.1.0
v23.12.0
v23.11.0
v23.10.0
v23.9.0
v23.8.1
v23.8.0
v23.7.2
v23.7.1
v23.7.0
v23.6.0
v23.5.0
v23.4.2
v23.4.1
v23.4.0
v23.3.2
v23.3.0
v23.2.9
v23.2.5
v23.1.12
v22.12.9
Labels
Clear labels
AI generated
API
bank sync
budgeting
bug
can’t replicate
dependencies
docker
documentation
electron
experimental feature
feature
feedback
goal templates
good first issue
help wanted
importers
maintenance
needs info
needs testing
needs triage
needs votes
openid
payees
pull-request
regression
reports
responsive
rules
schedules
server
✨ merged
split transactions
tech debt
tech-support
theme
transaction import
transaction reconciliation
transactions
translations
upstream
user interface
✅ approved
wontfix
Mirrored from GitHub Pull Request
No Label
pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: github-starred/actual#73546
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
📋 Pull Request Information
Original PR: https://github.com/actualbudget/actual/pull/1164
Author: @apilat
Created: 6/22/2023
Status: ❌ Closed
Base:
master← Head:openid📝 Commits (5)
e3a1cd6OpenId implementationcb75f63Fix bootstrap (doesn't include OpenID yet)03acb3bAdd frontend for OpenID bootstrap2e13fedAddress code review28c323eFix typecheck and add release notes📊 Changes
8 files changed (+257 additions, -37 deletions)
View changed files
📝
packages/desktop-client/src/components/manager/ManagementApp.js(+4 -0)📝
packages/desktop-client/src/components/manager/subscribe/Bootstrap.tsx(+56 -12)📝
packages/desktop-client/src/components/manager/subscribe/Login.tsx(+52 -19)➕
packages/desktop-client/src/components/manager/subscribe/OpenIdCallback.tsx(+16 -0)➕
packages/desktop-client/src/components/manager/subscribe/OpenIdForm.tsx(+76 -0)📝
packages/loot-core/src/server/main.ts(+30 -5)📝
packages/loot-core/src/types/main-handlers.d.ts(+17 -1)➕
upcoming-release-notes/1164.md(+6 -0)📄 Description
Partially addresses #61 and #515 by adding support for OpenID Connect and generally a more flexible approach to authenticating with the server. Sister PR for server available as actualbudget/actual-server#219
The flow of the bootstrap/login process is
/bootstraprequest which now accepts an additional parameteropenid: {issuer, client_id, client_secret, server_hostname}.GET /login-methodsto receive a list of supported login methods (currently password or openid)POST /login-openidwithreturn_urlparameter (pointing back to the frontend), server returnsredirect_urlleading to the openid issuer, client redirects/login-openid/cbon server/login/openid-cbon client, passing the tokenSome of the changes in the code and not backwards compatible (most importantly server SQL schema and /account/bootstrap behavior). I'm not sure what the project's approach to such changes is - it might be possible to add in special cases to allow a client to connect to an older server. However, this might not be necessary if users are expected to self-host instances and upgrade the server and client in tandem.
A more pressing issue is database schema migration - I couldn't find any precedent for how this is done in the server so I would appreciate the maintainer's view on the best approach to do this.
For a user that doesn't use OpenID, this PR slightly changes the bootstrap behavior for passwords as well. Namely, after setting up the password in /bootstrap, the user isn't instantly granted access but instead redirected to /login. This is quite an important change for OpenID as otherwise the user has no way of knowing whether the OpenID configuration works at all. In the case of password authentication, misconfiguration is less likely but nevertheless double-checking the user remembers the password doesn't seem too inconvenient to me.
I am not very familiar with React, so let me know if I have broken any coding conventions. Likewise with web design, I welcome improvements to the presentation of the login/bootstrap screens.
🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.