release: 0.24.1

docs: add account recovery to README
fix: remove restrictive validation for group names
2025-12-24 01:11:52 +03:00 · 2025-01-13 15:14:10 +01:00 · 2025-01-13 15:13:56 +01:00 · 2025-01-13 12:38:02 +01:00 · 2025-01-13 12:32:22 +01:00 · 2025-01-12 01:21:47 +01:00
39 changed files with 369 additions and 176 deletions
--- a/.version
+++ b/.version
@@ -1 +1 @@
-0.23.0
+0.24.1
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,25 @@
+## [](https://github.com/stonith404/pocket-id/compare/v0.24.0...v) (2025-01-13)
+
+
+### Bug Fixes
+
+* audit log table overflow if row data is long ([4d337a2](https://github.com/stonith404/pocket-id/commit/4d337a20c5cb92ef80bb7402f9b99b08e3ad0b6b))
+* optional arguments not working with `create-one-time-access-token.sh` ([8885571](https://github.com/stonith404/pocket-id/commit/888557171d61589211b10f70dce405126216ad61))
+* remove restrictive validation for group names ([be6e25a](https://github.com/stonith404/pocket-id/commit/be6e25a167de8bf07075b46f09d9fc1fa6c74426))
+
+## [](https://github.com/stonith404/pocket-id/compare/v0.23.0...v) (2025-01-11)
+
+
+### Features
+
+* add sorting for tables ([fd69830](https://github.com/stonith404/pocket-id/commit/fd69830c2681985e4fd3c5336a2b75c9fb7bc5d4))
+
+
+### Bug Fixes
+
+* pkce state not correctly reflected in oidc client info ([61d18a9](https://github.com/stonith404/pocket-id/commit/61d18a9d1b167ff59a59523ff00d00ca8f23258d))
+* send test email to the user that has requested it ([a649c4b](https://github.com/stonith404/pocket-id/commit/a649c4b4a543286123f4d1f3c411fe1a7e2c6d71))
+
 ## [](https://github.com/stonith404/pocket-id/compare/v0.22.0...v) (2025-01-03)


--- a/README.md
+++ b/README.md
@@ -10,6 +10,24 @@ The goal of Pocket ID is to be a simple and easy-to-use. There are other self-ho

 Additionally, what makes Pocket ID special is that it only supports [passkey](https://www.passkeys.io/) authentication, which means you don’t need a password. Some people might not like this idea at first, but I believe passkeys are the future, and once you try them, you’ll love them. For example, you can now use a physical Yubikey to sign in to all your self-hosted services easily and securely.

+## Table of Contents
+
+- [ Pocket ID](#-pocket-id)
+  - [Table of Contents](#table-of-contents)
+  - [Setup](#setup)
+    - [Before you start](#before-you-start)
+    - [Installation with Docker (recommended)](#installation-with-docker-recommended)
+    - [Unraid](#unraid)
+    - [Stand-alone Installation](#stand-alone-installation)
+    - [Nginx Reverse Proxy](#nginx-reverse-proxy)
+  - [Proxy Services with Pocket ID](#proxy-services-with-pocket-id)
+  - [Update](#update)
+    - [Docker](#docker)
+    - [Stand-alone](#stand-alone)
+  - [Environment variables](#environment-variables)
+  - [Account recovery](#account-recovery)
+  - [Contribute](#contribute)
+
 ## Setup

 > [!WARNING]  
@@ -157,6 +175,16 @@ docker compose up -d
 | `PORT`                       | `3000`                    | no                    | The port on which the frontend should listen.                                                                                                                                                                                                                                                                                                                             |
 | `BACKEND_PORT`               | `8080`                    | no                    | The port on which the backend should listen.                                                                                                                                                                                                                                                                                                                              |

+## Account recovery
+
+There are two ways to create a one-time access link for a user:
+
+1. **UI**: An admin can create a one-time access link for the user in the admin panel under the "Users" tab by clicking on the three dots next to the user's name and selecting "One-time link".
+2. **Terminal**: You can create a one-time access link for a user by running the `scripts/create-one-time-access-token.sh` script. To execute this script with Docker you have to run the following command:
+   ```bash
+   docker compose exec pocket-id sh "sh scripts/create-one-time-access-token.sh <username or email>"
+   ```
+
 ## Contribute

 You're very welcome to contribute to Pocket ID! Please follow the [contribution guide](/CONTRIBUTING.md) to get started.
--- a/backend/internal/controller/app_config_controller.go
+++ b/backend/internal/controller/app_config_controller.go
@@ -183,7 +183,9 @@ func (acc *AppConfigController) updateImage(c *gin.Context, imageName string, ol
 }

 func (acc *AppConfigController) testEmailHandler(c *gin.Context) {
-	err := acc.emailService.SendTestEmail()
+	userID := c.GetString("userID")
+
+	err := acc.emailService.SendTestEmail(userID)
 	if err != nil {
 		c.Error(err)
 		return
--- a/backend/internal/controller/audit_log_controller.go
+++ b/backend/internal/controller/audit_log_controller.go
@@ -3,8 +3,8 @@ package controller
 import (
 	"github.com/stonith404/pocket-id/backend/internal/dto"
 	"github.com/stonith404/pocket-id/backend/internal/middleware"
+	"github.com/stonith404/pocket-id/backend/internal/utils"
 	"net/http"
-	"strconv"

 	"github.com/gin-gonic/gin"
 	"github.com/stonith404/pocket-id/backend/internal/service"
@@ -23,12 +23,16 @@ type AuditLogController struct {
 }

 func (alc *AuditLogController) listAuditLogsForUserHandler(c *gin.Context) {
+	var sortedPaginationRequest utils.SortedPaginationRequest
+	if err := c.ShouldBindQuery(&sortedPaginationRequest); err != nil {
+		c.Error(err)
+		return
+	}
+
 	userID := c.GetString("userID")
-	page, _ := strconv.Atoi(c.DefaultQuery("page", "1"))
-	pageSize, _ := strconv.Atoi(c.DefaultQuery("limit", "10"))

 	// Fetch audit logs for the user
-	logs, pagination, err := alc.auditLogService.ListAuditLogsForUser(userID, page, pageSize)
+	logs, pagination, err := alc.auditLogService.ListAuditLogsForUser(userID, sortedPaginationRequest)
 	if err != nil {
 		c.Error(err)
 		return
--- a/backend/internal/controller/oidc_controller.go
+++ b/backend/internal/controller/oidc_controller.go
@@ -5,8 +5,8 @@ import (
 	"github.com/stonith404/pocket-id/backend/internal/dto"
 	"github.com/stonith404/pocket-id/backend/internal/middleware"
 	"github.com/stonith404/pocket-id/backend/internal/service"
+	"github.com/stonith404/pocket-id/backend/internal/utils"
 	"net/http"
-	"strconv"
 	"strings"
 )

@@ -153,11 +153,14 @@ func (oc *OidcController) getClientHandler(c *gin.Context) {
 }

 func (oc *OidcController) listClientsHandler(c *gin.Context) {
-	page, _ := strconv.Atoi(c.DefaultQuery("page", "1"))
-	pageSize, _ := strconv.Atoi(c.DefaultQuery("limit", "10"))
 	searchTerm := c.Query("search")
+	var sortedPaginationRequest utils.SortedPaginationRequest
+	if err := c.ShouldBindQuery(&sortedPaginationRequest); err != nil {
+		c.Error(err)
+		return
+	}

-	clients, pagination, err := oc.oidcService.ListClients(searchTerm, page, pageSize)
+	clients, pagination, err := oc.oidcService.ListClients(searchTerm, sortedPaginationRequest)
 	if err != nil {
 		c.Error(err)
 		return
--- a/backend/internal/controller/user_controller.go
+++ b/backend/internal/controller/user_controller.go
@@ -6,9 +6,9 @@ import (
 	"github.com/stonith404/pocket-id/backend/internal/dto"
 	"github.com/stonith404/pocket-id/backend/internal/middleware"
 	"github.com/stonith404/pocket-id/backend/internal/service"
+	"github.com/stonith404/pocket-id/backend/internal/utils"
 	"golang.org/x/time/rate"
 	"net/http"
-	"strconv"
 	"time"
 )

@@ -37,11 +37,14 @@ type UserController struct {
 }

 func (uc *UserController) listUsersHandler(c *gin.Context) {
-	page, _ := strconv.Atoi(c.DefaultQuery("page", "1"))
-	pageSize, _ := strconv.Atoi(c.DefaultQuery("limit", "10"))
 	searchTerm := c.Query("search")
+	var sortedPaginationRequest utils.SortedPaginationRequest
+	if err := c.ShouldBindQuery(&sortedPaginationRequest); err != nil {
+		c.Error(err)
+		return
+	}

-	users, pagination, err := uc.UserService.ListUsers(searchTerm, page, pageSize)
+	users, pagination, err := uc.UserService.ListUsers(searchTerm, sortedPaginationRequest)
 	if err != nil {
 		c.Error(err)
 		return
--- a/backend/internal/controller/user_group_controller.go
+++ b/backend/internal/controller/user_group_controller.go
@@ -1,13 +1,12 @@
 package controller

 import (
-	"net/http"
-	"strconv"
-
 	"github.com/gin-gonic/gin"
 	"github.com/stonith404/pocket-id/backend/internal/dto"
 	"github.com/stonith404/pocket-id/backend/internal/middleware"
 	"github.com/stonith404/pocket-id/backend/internal/service"
+	"github.com/stonith404/pocket-id/backend/internal/utils"
+	"net/http"
 )

 func NewUserGroupController(group *gin.RouterGroup, jwtAuthMiddleware *middleware.JwtAuthMiddleware, userGroupService *service.UserGroupService) {
@@ -28,16 +27,20 @@ type UserGroupController struct {
 }

 func (ugc *UserGroupController) list(c *gin.Context) {
-	page, _ := strconv.Atoi(c.DefaultQuery("page", "1"))
-	pageSize, _ := strconv.Atoi(c.DefaultQuery("limit", "10"))
 	searchTerm := c.Query("search")
+	var sortedPaginationRequest utils.SortedPaginationRequest
+	if err := c.ShouldBindQuery(&sortedPaginationRequest); err != nil {
+		c.Error(err)
+		return
+	}

-	groups, pagination, err := ugc.UserGroupService.List(searchTerm, page, pageSize)
+	groups, pagination, err := ugc.UserGroupService.List(searchTerm, sortedPaginationRequest)
 	if err != nil {
 		c.Error(err)
 		return
 	}

+	// Map the user groups to DTOs. The user count can't be mapped directly, so we have to do it manually.
 	var groupsDto = make([]dto.UserGroupDtoWithUserCount, len(groups))
 	for i, group := range groups {
 		var groupDto dto.UserGroupDtoWithUserCount
--- a/backend/internal/dto/user_group_dto.go
+++ b/backend/internal/dto/user_group_dto.go
@@ -23,8 +23,8 @@ type UserGroupDtoWithUserCount struct {
 }

 type UserGroupCreateDto struct {
-	FriendlyName string `json:"friendlyName" binding:"required,min=3,max=30"`
-	Name         string `json:"name" binding:"required,min=3,max=30,userGroupName"`
+	FriendlyName string `json:"friendlyName" binding:"required,min=2,max=50"`
+	Name         string `json:"name" binding:"required,min=2,max=255"`
 }

 type UserGroupUpdateUsersDto struct {
--- a/backend/internal/dto/validations.go
+++ b/backend/internal/dto/validations.go
@@ -28,13 +28,6 @@ var validateUsername validator.Func = func(fl validator.FieldLevel) bool {
 	return matched
 }

-var validateUserGroupName validator.Func = func(fl validator.FieldLevel) bool {
-	// The string can only contain lowercase letters, numbers, and underscores
-	regex := "^[a-z0-9_]*$"
-	matched, _ := regexp.MatchString(regex, fl.Field().String())
-	return matched
-}
-
 var validateClaimKey validator.Func = func(fl validator.FieldLevel) bool {
 	// The string can only contain letters and numbers
 	regex := "^[A-Za-z0-9]*$"
@@ -53,13 +46,6 @@ func init() {
 			log.Fatalf("Failed to register custom validation: %v", err)
 		}
 	}
-
-	if v, ok := binding.Validator.Engine().(*validator.Validate); ok {
-		if err := v.RegisterValidation("userGroupName", validateUserGroupName); err != nil {
-			log.Fatalf("Failed to register custom validation: %v", err)
-		}
-	}
-
 	if v, ok := binding.Validator.Engine().(*validator.Validate); ok {
 		if err := v.RegisterValidation("claimKey", validateClaimKey); err != nil {
 			log.Fatalf("Failed to register custom validation: %v", err)
--- a/backend/internal/model/audit_log.go
+++ b/backend/internal/model/audit_log.go
@@ -9,11 +9,11 @@ import (
 type AuditLog struct {
 	Base

-	Event     AuditLogEvent
-	IpAddress string
-	Country   string
-	City      string
-	UserAgent string
+	Event     AuditLogEvent `sortable:"true"`
+	IpAddress string        `sortable:"true"`
+	Country   string        `sortable:"true"`
+	City      string        `sortable:"true"`
+	UserAgent string        `sortable:"true"`
 	UserID    string
 	Data      AuditLogData
 }
--- a/backend/internal/model/base.go
+++ b/backend/internal/model/base.go
@@ -9,8 +9,8 @@ import (

 // Base contains common columns for all tables.
 type Base struct {
-	ID        string `gorm:"primaryKey;not null"`
-	CreatedAt model.DateTime
+	ID        string         `gorm:"primaryKey;not null"`
+	CreatedAt model.DateTime `sortable:"true"`
 }

 func (b *Base) BeforeCreate(_ *gorm.DB) (err error) {
--- a/backend/internal/model/oidc.go
+++ b/backend/internal/model/oidc.go
@@ -36,7 +36,7 @@ type OidcAuthorizationCode struct {
 type OidcClient struct {
 	Base

-	Name         string
+	Name         string `sortable:"true"`
 	Secret       string
 	CallbackURLs CallbackURLs
 	ImageType    *string
--- a/backend/internal/model/user.go
+++ b/backend/internal/model/user.go
@@ -9,11 +9,11 @@ import (
 type User struct {
 	Base

-	Username  string
-	Email     string
-	FirstName string
-	LastName  string
-	IsAdmin   bool
+	Username  string `sortable:"true"`
+	Email     string `sortable:"true"`
+	FirstName string `sortable:"true"`
+	LastName  string `sortable:"true"`
+	IsAdmin   bool   `sortable:"true"`

 	CustomClaims []CustomClaim
 	UserGroups   []UserGroup `gorm:"many2many:user_groups_users;"`
--- a/backend/internal/model/user_group.go
+++ b/backend/internal/model/user_group.go
@@ -2,8 +2,8 @@ package model

 type UserGroup struct {
 	Base
-	FriendlyName string
-	Name         string `gorm:"unique"`
+	FriendlyName string `sortable:"true"`
+	Name         string `gorm:"unique" sortable:"true"`
 	Users        []User `gorm:"many2many:user_groups_users;"`
 	CustomClaims []CustomClaim
 }
--- a/backend/internal/service/audit_log_service.go
+++ b/backend/internal/service/audit_log_service.go
@@ -84,11 +84,11 @@ func (s *AuditLogService) CreateNewSignInWithEmail(ipAddress, userAgent, userID
 }

 // ListAuditLogsForUser retrieves all audit logs for a given user ID
-func (s *AuditLogService) ListAuditLogsForUser(userID string, page int, pageSize int) ([]model.AuditLog, utils.PaginationResponse, error) {
+func (s *AuditLogService) ListAuditLogsForUser(userID string, sortedPaginationRequest utils.SortedPaginationRequest) ([]model.AuditLog, utils.PaginationResponse, error) {
 	var logs []model.AuditLog
-	query := s.db.Model(&model.AuditLog{}).Where("user_id = ?", userID).Order("created_at desc")
+	query := s.db.Model(&model.AuditLog{}).Where("user_id = ?", userID)

-	pagination, err := utils.Paginate(page, pageSize, query, &logs)
+	pagination, err := utils.PaginateAndSort(sortedPaginationRequest, query, &logs)
 	return logs, pagination, err
 }

--- a/backend/internal/service/email_service.go
+++ b/backend/internal/service/email_service.go
@@ -44,9 +44,9 @@ func NewEmailService(appConfigService *AppConfigService, db *gorm.DB) (*EmailSer
 	}, nil
 }

-func (srv *EmailService) SendTestEmail() error {
+func (srv *EmailService) SendTestEmail(recipientUserId string) error {
 	var user model.User
-	if err := srv.db.First(&user).Error; err != nil {
+	if err := srv.db.First(&user, "id = ?", recipientUserId).Error; err != nil {
 		return err
 	}

--- a/backend/internal/service/oidc_service.go
+++ b/backend/internal/service/oidc_service.go
@@ -167,7 +167,7 @@ func (s *OidcService) GetClient(clientID string) (model.OidcClient, error) {
 	return client, nil
 }

-func (s *OidcService) ListClients(searchTerm string, page int, pageSize int) ([]model.OidcClient, utils.PaginationResponse, error) {
+func (s *OidcService) ListClients(searchTerm string, sortedPaginationRequest utils.SortedPaginationRequest) ([]model.OidcClient, utils.PaginationResponse, error) {
 	var clients []model.OidcClient

 	query := s.db.Preload("CreatedBy").Model(&model.OidcClient{})
@@ -176,7 +176,7 @@ func (s *OidcService) ListClients(searchTerm string, page int, pageSize int) ([]
 		query = query.Where("name LIKE ?", searchPattern)
 	}

-	pagination, err := utils.Paginate(page, pageSize, query, &clients)
+	pagination, err := utils.PaginateAndSort(sortedPaginationRequest, query, &clients)
 	if err != nil {
 		return nil, utils.PaginationResponse{}, err
 	}
--- a/backend/internal/service/user_group_service.go
+++ b/backend/internal/service/user_group_service.go
@@ -17,14 +17,26 @@ func NewUserGroupService(db *gorm.DB) *UserGroupService {
 	return &UserGroupService{db: db}
 }

-func (s *UserGroupService) List(name string, page int, pageSize int) (groups []model.UserGroup, response utils.PaginationResponse, err error) {
+func (s *UserGroupService) List(name string, sortedPaginationRequest utils.SortedPaginationRequest) (groups []model.UserGroup, response utils.PaginationResponse, err error) {
 	query := s.db.Preload("CustomClaims").Model(&model.UserGroup{})

 	if name != "" {
 		query = query.Where("name LIKE ?", "%"+name+"%")
 	}

-	response, err = utils.Paginate(page, pageSize, query, &groups)
+	// As userCount is not a column we need to manually sort it
+	isValidSortDirection := sortedPaginationRequest.Sort.Direction == "asc" || sortedPaginationRequest.Sort.Direction == "desc"
+	if sortedPaginationRequest.Sort.Column == "userCount" && isValidSortDirection {
+		query = query.Select("user_groups.*, COUNT(user_groups_users.user_id)").
+			Joins("LEFT JOIN user_groups_users ON user_groups.id = user_groups_users.user_group_id").
+			Group("user_groups.id").
+			Order("COUNT(user_groups_users.user_id) " + sortedPaginationRequest.Sort.Direction)
+
+		response, err := utils.Paginate(sortedPaginationRequest.Pagination.Page, sortedPaginationRequest.Pagination.Limit, query, &groups)
+		return groups, response, err
+	}
+
+	response, err = utils.PaginateAndSort(sortedPaginationRequest, query, &groups)
 	return groups, response, err
 }

--- a/backend/internal/service/user_service.go
+++ b/backend/internal/service/user_service.go
@@ -21,7 +21,7 @@ func NewUserService(db *gorm.DB, jwtService *JwtService, auditLogService *AuditL
 	return &UserService{db: db, jwtService: jwtService, auditLogService: auditLogService}
 }

-func (s *UserService) ListUsers(searchTerm string, page int, pageSize int) ([]model.User, utils.PaginationResponse, error) {
+func (s *UserService) ListUsers(searchTerm string, sortedPaginationRequest utils.SortedPaginationRequest) ([]model.User, utils.PaginationResponse, error) {
 	var users []model.User
 	query := s.db.Model(&model.User{})

@@ -30,7 +30,7 @@ func (s *UserService) ListUsers(searchTerm string, page int, pageSize int) ([]mo
 		query = query.Where("email LIKE ? OR first_name LIKE ? OR username LIKE ?", searchPattern, searchPattern, searchPattern)
 	}

-	pagination, err := utils.Paginate(page, pageSize, query, &users)
+	pagination, err := utils.PaginateAndSort(sortedPaginationRequest, query, &users)
 	return users, pagination, err
 }

--- a/backend/internal/utils/paging_util.go
+++ b/backend/internal/utils/paging_util.go
@@ -2,6 +2,7 @@ package utils

 import (
 	"gorm.io/gorm"
+	"reflect"
 )

 type PaginationResponse struct {
@@ -11,7 +12,36 @@ type PaginationResponse struct {
 	ItemsPerPage int   `json:"itemsPerPage"`
 }

-func Paginate(page int, pageSize int, db *gorm.DB, result interface{}) (PaginationResponse, error) {
+type SortedPaginationRequest struct {
+	Pagination struct {
+		Page  int `form:"pagination[page]"`
+		Limit int `form:"pagination[limit]"`
+	} `form:"pagination"`
+	Sort struct {
+		Column    string `form:"sort[column]"`
+		Direction string `form:"sort[direction]"`
+	} `form:"sort"`
+}
+
+func PaginateAndSort(sortedPaginationRequest SortedPaginationRequest, query *gorm.DB, result interface{}) (PaginationResponse, error) {
+	pagination := sortedPaginationRequest.Pagination
+	sort := sortedPaginationRequest.Sort
+
+	capitalizedSortColumn := CapitalizeFirstLetter(sort.Column)
+
+	sortField, sortFieldFound := reflect.TypeOf(result).Elem().Elem().FieldByName(capitalizedSortColumn)
+	isSortable := sortField.Tag.Get("sortable") == "true"
+	isValidSortOrder := sort.Direction == "asc" || sort.Direction == "desc"
+
+	if sortFieldFound && isSortable && isValidSortOrder {
+		query = query.Order(CamelCaseToSnakeCase(sort.Column) + " " + sort.Direction)
+	}
+
+	return Paginate(pagination.Page, pagination.Limit, query, result)
+
+}
+
+func Paginate(page int, pageSize int, query *gorm.DB, result interface{}) (PaginationResponse, error) {
 	if page < 1 {
 		page = 1
 	}
@@ -25,11 +55,11 @@ func Paginate(page int, pageSize int, db *gorm.DB, result interface{}) (Paginati
 	offset := (page - 1) * pageSize

 	var totalItems int64
-	if err := db.Count(&totalItems).Error; err != nil {
+	if err := query.Count(&totalItems).Error; err != nil {
 		return PaginationResponse{}, err
 	}

-	if err := db.Offset(offset).Limit(pageSize).Find(result).Error; err != nil {
+	if err := query.Offset(offset).Limit(pageSize).Find(result).Error; err != nil {
 		return PaginationResponse{}, err
 	}

--- a/backend/internal/utils/string_util.go
+++ b/backend/internal/utils/string_util.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"math/big"
 	"net/url"
+	"unicode"
 )

 // GenerateRandomAlphanumericString generates a random alphanumeric string of the given length
@@ -41,3 +42,23 @@ func GetHostnameFromURL(rawURL string) string {
 func StringPointer(s string) *string {
 	return &s
 }
+
+func CapitalizeFirstLetter(s string) string {
+	if s == "" {
+		return s
+	}
+	runes := []rune(s)
+	runes[0] = unicode.ToUpper(runes[0])
+	return string(runes)
+}
+
+func CamelCaseToSnakeCase(s string) string {
+	var result []rune
+	for i, r := range s {
+		if unicode.IsUpper(r) && i > 0 {
+			result = append(result, '_')
+		}
+		result = append(result, unicode.ToLower(r))
+	}
+	return string(result)
+}
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -1,6 +1,6 @@
 {
  "name": "pocket-id-frontend",
-  "version": "0.23.0",
+  "version": "0.24.1",
  "private": true,
  "scripts": {
    "dev": "vite dev --port 3000",
--- a/frontend/src/lib/components/advanced-table.svelte
+++ b/frontend/src/lib/components/advanced-table.svelte
@@ -5,26 +5,44 @@
 	import * as Select from '$lib/components/ui/select';
 	import * as Table from '$lib/components/ui/table/index.js';
 	import Empty from '$lib/icons/empty.svelte';
-	import type { Paginated } from '$lib/types/pagination.type';
+	import type { Paginated, SearchPaginationSortRequest } from '$lib/types/pagination.type';
 	import { debounced } from '$lib/utils/debounce-util';
+	import { cn } from '$lib/utils/style';
+	import { ChevronDown } from 'lucide-svelte';
 	import type { Snippet } from 'svelte';
+	import Button from './ui/button/button.svelte';

 	let {
 		items,
+		requestOptions = $bindable(),
 		selectedIds = $bindable(),
 		withoutSearch = false,
-		fetchItems,
+		defaultSort,
+		onRefresh,
 		columns,
 		rows
 	}: {
 		items: Paginated<T>;
+		requestOptions?: SearchPaginationSortRequest;
 		selectedIds?: string[];
 		withoutSearch?: boolean;
-		fetchItems: (search: string, page: number, limit: number) => Promise<Paginated<T>>;
-		columns: (string | { label: string; hidden?: boolean })[];
+		defaultSort?: { column: string; direction: 'asc' | 'desc' };
+		onRefresh: (requestOptions: SearchPaginationSortRequest) => Promise<Paginated<T>>;
+		columns: { label: string; hidden?: boolean; sortColumn?: string }[];
 		rows: Snippet<[{ item: T }]>;
 	} = $props();

+	if (!requestOptions) {
+		requestOptions = {
+			search: '',
+			sort: defaultSort,
+			pagination: {
+				page: items.pagination.currentPage,
+				limit: items.pagination.itemsPerPage
+			}
+		};
+	}
+
 	let availablePageSizes: number[] = [10, 20, 50, 100];

 	let allChecked = $derived.by(() => {
@@ -38,7 +56,8 @@
 	});

 	const onSearch = debounced(async (searchValue: string) => {
-		items = await fetchItems(searchValue, 1, items.pagination.itemsPerPage);
+		requestOptions.search = searchValue;
+		onRefresh(requestOptions);
 	}, 300);

 	async function onAllCheck(checked: boolean) {
@@ -59,11 +78,20 @@
 	}

 	async function onPageChange(page: number) {
-		items = await fetchItems('', page, items.pagination.itemsPerPage);
+		requestOptions!.pagination = { limit: items.pagination.itemsPerPage, page };
+		onRefresh(requestOptions!);
 	}

 	async function onPageSizeChange(size: number) {
-		items = await fetchItems('', 1, size);
+		requestOptions!.pagination = { limit: size, page: 1 };
+		onRefresh(requestOptions!);
+	}
+
+	async function onSort(column?: string, direction: 'asc' | 'desc' = 'asc') {
+		if (!column) return;
+
+		requestOptions!.sort = { column, direction };
+		onRefresh(requestOptions!);
 	}
 </script>

@@ -73,7 +101,7 @@
 		<p class="text-muted-foreground mt-3 text-sm">No items found</p>
 	</div>
 {:else}
-	<div class="w-full">
+	<div class="w-full overflow-x-auto">
 		{#if !withoutSearch}
 			<Input
 				class="mb-4 max-w-sm"
@@ -83,20 +111,40 @@
 			/>
 		{/if}

-		<Table.Root>
+		<Table.Root class="min-w-full table-auto">
 			<Table.Header>
 				<Table.Row>
 					{#if selectedIds}
-						<Table.Head>
+						<Table.Head class="w-12">
 							<Checkbox checked={allChecked} onCheckedChange={(c) => onAllCheck(c as boolean)} />
 						</Table.Head>
 					{/if}
 					{#each columns as column}
-						{#if typeof column === 'string'}
-							<Table.Head>{column}</Table.Head>
-						{:else}
-							<Table.Head class={column.hidden ? 'sr-only' : ''}>{column.label}</Table.Head>
-						{/if}
+						<Table.Head class={cn(column.hidden && 'sr-only', column.sortColumn && 'px-0')}>
+							{#if column.sortColumn}
+								<Button
+									variant="ghost"
+									class="flex items-center"
+									on:click={() =>
+										onSort(
+											column.sortColumn,
+											requestOptions.sort?.direction === 'desc' ? 'asc' : 'desc'
+										)}
+								>
+									{column.label}
+									{#if requestOptions.sort?.column === column.sortColumn}
+										<ChevronDown
+											class={cn(
+												'ml-2 h-4 w-4',
+												requestOptions.sort?.direction === 'asc' ? 'rotate-180' : ''
+											)}
+										/>
+									{/if}
+								</Button>
+							{:else}
+								{column.label}
+							{/if}
+						</Table.Head>
 					{/each}
 				</Table.Row>
 			</Table.Header>
@@ -104,7 +152,7 @@
 				{#each items.data as item}
 					<Table.Row class={selectedIds?.includes(item.id) ? 'bg-muted/20' : ''}>
 						{#if selectedIds}
-							<Table.Cell>
+							<Table.Cell class="w-12">
 								<Checkbox
 									checked={selectedIds.includes(item.id)}
 									onCheckedChange={(c) => onCheck(c as boolean, item.id)}
@@ -117,9 +165,7 @@
 			</Table.Body>
 		</Table.Root>

-		<div
-			class="mt-5 flex flex-col-reverse items-center justify-between gap-3 space-x-2 sm:flex-row"
-		>
+		<div class="mt-5 flex flex-col-reverse items-center justify-between gap-3 sm:flex-row">
 			<div class="flex items-center space-x-2">
 				<p class="text-sm font-medium">Items per page</p>
 				<Select.Root
--- a/frontend/src/lib/services/audit-log-service.ts
+++ b/frontend/src/lib/services/audit-log-service.ts
@@ -1,11 +1,11 @@
 import type { AuditLog } from '$lib/types/audit-log.type';
-import type { Paginated, PaginationRequest } from '$lib/types/pagination.type';
+import type { Paginated, SearchPaginationSortRequest } from '$lib/types/pagination.type';
 import APIService from './api-service';

 class AuditLogService extends APIService {
-	async list(pagination?: PaginationRequest) {
+	async list(options?: SearchPaginationSortRequest) {
 		const res = await this.api.get('/audit-logs', {
-			params: pagination
+			params: options
 		});
 		return res.data as Paginated<AuditLog>;
 	}
--- a/frontend/src/lib/services/oidc-service.ts
+++ b/frontend/src/lib/services/oidc-service.ts
@@ -1,9 +1,16 @@
 import type { AuthorizeResponse, OidcClient, OidcClientCreate } from '$lib/types/oidc.type';
-import type { Paginated, PaginationRequest } from '$lib/types/pagination.type';
+import type { Paginated, SearchPaginationSortRequest } from '$lib/types/pagination.type';
 import APIService from './api-service';

 class OidcService extends APIService {
-	async authorize(clientId: string, scope: string, callbackURL: string, nonce?: string, codeChallenge?: string, codeChallengeMethod?: string) {
+	async authorize(
+		clientId: string,
+		scope: string,
+		callbackURL: string,
+		nonce?: string,
+		codeChallenge?: string,
+		codeChallengeMethod?: string
+	) {
 		const res = await this.api.post('/oidc/authorize', {
 			scope,
 			nonce,
@@ -16,7 +23,14 @@ class OidcService extends APIService {
 		return res.data as AuthorizeResponse;
 	}

-	async authorizeNewClient(clientId: string, scope: string, callbackURL: string, nonce?: string, codeChallenge?: string, codeChallengeMethod?: string) {
+	async authorizeNewClient(
+		clientId: string,
+		scope: string,
+		callbackURL: string,
+		nonce?: string,
+		codeChallenge?: string,
+		codeChallengeMethod?: string
+	) {
 		const res = await this.api.post('/oidc/authorize/new-client', {
 			scope,
 			nonce,
@@ -29,12 +43,9 @@ class OidcService extends APIService {
 		return res.data as AuthorizeResponse;
 	}

-	async listClients(search?: string, pagination?: PaginationRequest) {
+	async listClients(options?: SearchPaginationSortRequest) {
 		const res = await this.api.get('/oidc/clients', {
-			params: {
-				search,
-				...pagination
-			}
+			params: options
 		});
 		return res.data as Paginated<OidcClient>;
 	}
--- a/frontend/src/lib/services/user-group-service.ts
+++ b/frontend/src/lib/services/user-group-service.ts
@@ -1,4 +1,4 @@
-import type { Paginated, PaginationRequest } from '$lib/types/pagination.type';
+import type { Paginated, SearchPaginationSortRequest } from '$lib/types/pagination.type';
 import type {
 	UserGroupCreate,
 	UserGroupWithUserCount,
@@ -7,12 +7,9 @@ import type {
 import APIService from './api-service';

 export default class UserGroupService extends APIService {
-	async list(search?: string, pagination?: PaginationRequest) {
+	async list(options?: SearchPaginationSortRequest) {
 		const res = await this.api.get('/user-groups', {
-			params: {
-				search,
-				...pagination
-			}
+			params: options
 		});
 		return res.data as Paginated<UserGroupWithUserCount>;
 	}
--- a/frontend/src/lib/services/user-service.ts
+++ b/frontend/src/lib/services/user-service.ts
@@ -1,14 +1,11 @@
-import type { Paginated, PaginationRequest } from '$lib/types/pagination.type';
+import type { Paginated, SearchPaginationSortRequest } from '$lib/types/pagination.type';
 import type { User, UserCreate } from '$lib/types/user.type';
 import APIService from './api-service';

 export default class UserService extends APIService {
-	async list(search?: string, pagination?: PaginationRequest) {
+	async list(options?: SearchPaginationSortRequest) {
 		const res = await this.api.get('/users', {
-			params: {
-				search,
-				...pagination
-			}
+			params: options
 		});
 		return res.data as Paginated<User>;
 	}
--- a/frontend/src/lib/types/pagination.type.ts
+++ b/frontend/src/lib/types/pagination.type.ts
@@ -3,6 +3,17 @@ export type PaginationRequest = {
 	limit: number;
 };

+export type SortRequest = {
+	column: string;
+	direction: "asc" | "desc";
+};
+
+export type SearchPaginationSortRequest = {
+	search?: string,
+	pagination?: PaginationRequest;
+	sort?: SortRequest;
+}
+
 export type PaginationResponse = {
 	totalPages: number;
 	totalItems: number;
--- a/frontend/src/routes/settings/+layout.svelte
+++ b/frontend/src/routes/settings/+layout.svelte
@@ -62,7 +62,7 @@
 					</nav>
 				</div>
 			</div>
-			<div class="flex w-full flex-col gap-5">
+			<div class="flex w-full flex-col gap-5 overflow-x-hidden">
 				{@render children()}
 			</div>
 		</main>
--- a/frontend/src/routes/settings/admin/oidc-clients/[id]/+page.svelte
+++ b/frontend/src/routes/settings/admin/oidc-clients/[id]/+page.svelte
@@ -21,14 +21,14 @@

 	const oidcService = new OidcService();

-	const setupDetails = {
+	const setupDetails = $state({
 		'Authorization URL': `https://${$page.url.hostname}/authorize`,
 		'OIDC Discovery URL': `https://${$page.url.hostname}/.well-known/openid-configuration`,
 		'Token URL': `https://${$page.url.hostname}/api/oidc/token`,
 		'Userinfo URL': `https://${$page.url.hostname}/api/oidc/userinfo`,
 		'Certificate URL': `https://${$page.url.hostname}/.well-known/jwks.json`,
-		PKCE: client.isPublic ? 'Enabled' : 'Disabled'
-	};
+		PKCE: client.pkceEnabled ? 'Enabled' : 'Disabled'
+	});

 	async function updateClient(updatedClient: OidcClientCreateWithLogo) {
 		let success = true;
@@ -39,6 +39,7 @@
 				: Promise.resolve();

 		client.isPublic = updatedClient.isPublic;
+		setupDetails.PKCE = updatedClient.pkceEnabled ? 'Enabled' : 'Disabled';

 		await Promise.all([dataPromise, imagePromise])
 			.then(() => {
--- a/frontend/src/routes/settings/admin/oidc-clients/oidc-client-list.svelte
+++ b/frontend/src/routes/settings/admin/oidc-clients/oidc-client-list.svelte
@@ -5,7 +5,7 @@
 	import * as Table from '$lib/components/ui/table';
 	import OIDCService from '$lib/services/oidc-service';
 	import type { OidcClient } from '$lib/types/oidc.type';
-	import type { Paginated, PaginationRequest } from '$lib/types/pagination.type';
+	import type { Paginated, SearchPaginationSortRequest } from '$lib/types/pagination.type';
 	import { axiosErrorToast } from '$lib/utils/error-util';
 	import { LucidePencil, LucideTrash } from 'lucide-svelte';
 	import { toast } from 'svelte-sonner';
@@ -14,6 +14,7 @@
 	let { clients: initialClients }: { clients: Paginated<OidcClient> } = $props();
 	let clients = $state<Paginated<OidcClient>>(initialClients);
 	let oneTimeLink = $state<string | null>(null);
+	let requestOptions: SearchPaginationSortRequest | undefined = $state();

 	$effect(() => {
 		clients = initialClients;
@@ -21,12 +22,6 @@

 	const oidcService = new OIDCService();

-	let pagination = $state<PaginationRequest>({
-		page: 1,
-		limit: 10
-	});
-	let search = $state('');
-
 	async function deleteClient(client: OidcClient) {
 		openConfirmDialog({
 			title: `Delete ${client.name}`,
@@ -37,7 +32,7 @@
 				action: async () => {
 					try {
 						await oidcService.removeClient(client.id);
-						clients = await oidcService.listClients(search, pagination);
+						clients = await oidcService.listClients(requestOptions!);
 						toast.success('OIDC client deleted successfully');
 					} catch (e) {
 						axiosErrorToast(e);
@@ -46,16 +41,17 @@
 			}
 		});
 	}
-
-	async function fetchItems(search: string, page: number, limit: number) {
-		return oidcService.listClients(search, { page, limit });
-	}
 </script>

 <AdvancedTable
 	items={clients}
-	{fetchItems}
-	columns={['Logo', 'Name', { label: 'Actions', hidden: true }]}
+	{requestOptions}
+	onRefresh={async(o) => clients = await oidcService.listClients(o)}
+	columns={[
+		{ label: 'Logo' },
+		{ label: 'Name', sortColumn: 'name' },
+		{ label: 'Actions', hidden: true }
+	]}
 >
 	{#snippet rows({ item })}
 		<Table.Cell class="w-8 font-medium">
--- a/frontend/src/routes/settings/admin/user-groups/user-group-form.svelte
+++ b/frontend/src/routes/settings/admin/user-groups/user-group-form.svelte
@@ -22,12 +22,11 @@
 	};

 	const formSchema = z.object({
-		friendlyName: z.string().min(2).max(30),
+		friendlyName: z.string().min(2).max(50),
 		name: z
 			.string()
 			.min(2)
-			.max(30)
-			.regex(/^[a-z0-9_]+$/, 'Name can only contain lowercase letters, numbers, and underscores')
+			.max(255)
 	});
 	type FormSchema = typeof formSchema;

--- a/frontend/src/routes/settings/admin/user-groups/user-group-list.svelte
+++ b/frontend/src/routes/settings/admin/user-groups/user-group-list.svelte
@@ -5,7 +5,7 @@
 	import * as DropdownMenu from '$lib/components/ui/dropdown-menu';
 	import * as Table from '$lib/components/ui/table';
 	import UserGroupService from '$lib/services/user-group-service';
-	import type { Paginated } from '$lib/types/pagination.type';
+	import type { Paginated, SearchPaginationSortRequest } from '$lib/types/pagination.type';
 	import type { UserGroup, UserGroupWithUserCount } from '$lib/types/user-group.type';
 	import { axiosErrorToast } from '$lib/utils/error-util';
 	import { LucidePencil, LucideTrash } from 'lucide-svelte';
@@ -16,6 +16,7 @@
 		$props();

 	let userGroups = $state<Paginated<UserGroupWithUserCount>>(initialUserGroups);
+	let requestOptions: SearchPaginationSortRequest | undefined = $state();

 	const userGroupService = new UserGroupService();

@@ -29,7 +30,7 @@
 				action: async () => {
 					try {
 						await userGroupService.remove(userGroup.id);
-						userGroups = await userGroupService.list();
+						userGroups = await userGroupService.list(requestOptions!);
 					} catch (e) {
 						axiosErrorToast(e);
 					}
@@ -38,13 +39,19 @@
 			}
 		});
 	}
-
-	async function fetchItems(search: string, page: number, limit: number) {
-		return userGroupService.list(search, { page, limit });
-	}
 </script>

-<AdvancedTable items={userGroups} {fetchItems} columns={['Friendly Name', 'Name', 'User Count', {label: "Actions", hidden: true}]}>
+<AdvancedTable
+	items={userGroups}
+	onRefresh={async (o) => (userGroups = await userGroupService.list(o))}
+	{requestOptions}
+	columns={[
+		{ label: 'Friendly Name', sortColumn: 'friendlyName' },
+		{ label: 'Name', sortColumn: 'name' },
+		{ label: 'User Count', sortColumn: 'userCount' },
+		{ label: 'Actions', hidden: true }
+	]}
+>
 	{#snippet rows({ item })}
 		<Table.Cell>{item.friendlyName}</Table.Cell>
 		<Table.Cell>{item.name}</Table.Cell>
--- a/frontend/src/routes/settings/admin/user-groups/user-selection.svelte
+++ b/frontend/src/routes/settings/admin/user-groups/user-selection.svelte
@@ -13,16 +13,15 @@
 	const userService = new UserService();

 	let users = $state(initialUsers);
-
-	function fetchItems(search: string, page: number, limit: number) {
-		return userService.list(search, { page, limit });
-	}
 </script>

 <AdvancedTable
 	items={users}
-	{fetchItems}
-	columns={['Name', 'Email']}
+	onRefresh={async (o) => (users = await userService.list(o))}
+	columns={[
+		{ label: 'Name', sortColumn: 'name' },
+		{ label: 'Email', sortColumn: 'email' }
+	]}
 	bind:selectedIds={selectedUserIds}
 >
 	{#snippet rows({ item })}
--- a/frontend/src/routes/settings/admin/users/user-list.svelte
+++ b/frontend/src/routes/settings/admin/users/user-list.svelte
@@ -7,7 +7,7 @@
 	import * as DropdownMenu from '$lib/components/ui/dropdown-menu';
 	import * as Table from '$lib/components/ui/table';
 	import UserService from '$lib/services/user-service';
-	import type { Paginated } from '$lib/types/pagination.type';
+	import type { Paginated, SearchPaginationSortRequest } from '$lib/types/pagination.type';
 	import type { User } from '$lib/types/user.type';
 	import { axiosErrorToast } from '$lib/utils/error-util';
 	import { LucideLink, LucidePencil, LucideTrash } from 'lucide-svelte';
@@ -15,20 +15,13 @@
 	import { toast } from 'svelte-sonner';
 	import OneTimeLinkModal from './one-time-link-modal.svelte';

-	let { users: initialUsers }: { users: Paginated<User> } = $props();
-	let users = $state<Paginated<User>>(initialUsers);
-	$effect(() => {
-		users = initialUsers;
-	});
+	let { users = $bindable() }: { users: Paginated<User> } = $props();
+	let requestOptions: SearchPaginationSortRequest | undefined = $state();

-	let userIdToCreateOneTimeLink: string | null =  $state(null);;
+	let userIdToCreateOneTimeLink: string | null = $state(null);

 	const userService = new UserService();

-	function fetchItems(search: string, page: number, limit: number) {
-		return userService.list(search, { page, limit });
-	}
-
 	async function deleteUser(user: User) {
 		openConfirmDialog({
 			title: `Delete ${user.firstName} ${user.lastName}`,
@@ -39,7 +32,7 @@
 				action: async () => {
 					try {
 						await userService.remove(user.id);
-						users = await userService.list();
+						users = await userService.list(requestOptions!);
 					} catch (e) {
 						axiosErrorToast(e);
 					}
@@ -52,16 +45,34 @@

 <AdvancedTable
 	items={users}
-	{fetchItems}
+	{requestOptions}
+	onRefresh={async (options) => (users = await userService.list(options))}
 	columns={[
-		'First name',
-		'Last name',
-		'Email',
-		'Username',
-		'Role',
-		{ label: 'Actions', hidden: true }
+		{
+			label: 'First name',
+			sortColumn: 'firstName'
+		},
+		{
+			label: 'Last name',
+			sortColumn: 'lastName'
+		},
+		{
+			label: 'Email',
+			sortColumn: 'email'
+		},
+		{
+			label: 'Username',
+			sortColumn: 'username'
+		},
+		{
+			label: 'Role',
+			sortColumn: 'isAdmin'
+		},
+		{
+			label: 'Actions',
+			hidden: true
+		}
 	]}
-	withoutSearch
 >
 	{#snippet rows({ item })}
 		<Table.Cell>{item.firstName}</Table.Cell>
--- a/frontend/src/routes/settings/audit-log/+page.server.ts
+++ b/frontend/src/routes/settings/audit-log/+page.server.ts
@@ -4,8 +4,10 @@ import type { PageServerLoad } from './$types';
 export const load: PageServerLoad = async ({ cookies }) => {
 	const auditLogService = new AuditLogService(cookies.get('access_token'));
 	const auditLogs = await auditLogService.list({
-		limit: 15,
-		page: 1,
+		sort: {
+			column: 'createdAt',
+			direction: 'desc'
+		}
 	});
 	return {
 		auditLogs
--- a/frontend/src/routes/settings/audit-log/audit-log-list.svelte
+++ b/frontend/src/routes/settings/audit-log/audit-log-list.svelte
@@ -11,13 +11,6 @@

 	const auditLogService = new AuditLogService();

-	async function fetchItems(search: string, page: number, limit: number) {
-		return await auditLogService.list({
-			page,
-			limit
-		});
-	}
-
 	function toFriendlyEventString(event: string) {
 		const words = event.split('_');
 		const capitalizedWords = words.map((word) => {
@@ -29,8 +22,16 @@

 <AdvancedTable
 	items={auditLogs}
-	{fetchItems}
-	columns={['Time', 'Event', 'Approximate Location', 'IP Address', 'Device', 'Client']}
+	onRefresh={async (options) => (auditLogs = await auditLogService.list(options))}
+	defaultSort={{ column: 'createdAt', direction: 'desc' }}
+	columns={[
+		{ label: 'Time', sortColumn: 'createdAt' },
+		{ label: 'Event', sortColumn: 'event' },
+		{ label: 'Approximate Location', sortColumn: 'city' },
+		{ label: 'IP Address', sortColumn: 'ipAddress' },
+		{ label: 'Device', sortColumn: 'device' },
+		{ label: 'Client' }
+	]}
 	withoutSearch
 >
 	{#snippet rows({ item })}
--- a/scripts/create-one-time-access-token.sh
+++ b/scripts/create-one-time-access-token.sh
@@ -1,6 +1,5 @@
 DB_PATH="./backend/data/pocket-id.db"
 DB_PROVIDER="${DB_PROVIDER:=sqlite}"
-USER_IDENTIFIER="$1"

 # Parse command-line arguments for the -d flag (database path)
 while getopts ":d:" opt; do
@@ -15,10 +14,12 @@ while getopts ":d:" opt; do
    esac
 done

+# Shift past the processed options
 shift $((OPTIND - 1))

 # Ensure username or email is provided as a parameter
-if [ -z "$1" ]; then
+USER_IDENTIFIER="$1"
+if [ -z "$USER_IDENTIFIER" ]; then
    echo "Usage: $0 [-d <database_path>] <username or email>"
    if [ "$DB_PROVIDER" == "sqlite" ]; then
        echo "-d <database_path> (optional): Path to the SQLite database file. Default: $DB_PATH"
@@ -104,4 +105,4 @@ else
    echo "Error creating access token."
    exit 1
 fi
-echo "================================================="
+echo "================================================="
Author	SHA1	Message	Date
Elias Schneider	5c57beb4d7	release: 0.24.1	2025-01-13 15:14:10 +01:00
Elias Schneider	2a984eeaf1	docs: add account recovery to README	2025-01-13 15:13:56 +01:00
Elias Schneider	be6e25a167	fix: remove restrictive validation for group names	2025-01-13 12:38:02 +01:00
Elias Schneider	888557171d	fix: optional arguments not working with `create-one-time-access-token.sh`	2025-01-13 12:32:22 +01:00
Elias Schneider	4d337a20c5	fix: audit log table overflow if row data is long	2025-01-12 01:21:47 +01:00
Elias Schneider	69afd9ad9f	release: 0.24.0	2025-01-11 23:46:39 +01:00
Elias Schneider	fd69830c26	feat: add sorting for tables	2025-01-11 20:32:22 +01:00
Elias Schneider	61d18a9d1b	fix: pkce state not correctly reflected in oidc client info	2025-01-10 09:32:51 +01:00
Elias Schneider	a649c4b4a5	fix: send test email to the user that has requested it	2025-01-10 09:25:26 +01:00
@@ -1 +1 @@
 .23.0
 .24.1