| Commit message (Collapse) | Author |
|---|
|
That helps remove duplicated code and rustc/cargo will now also show
dead code correctly.
|
|
|
|
## Summary
This PR enables the Atuin CLI to authenticate with Atuin Hub, unifying
authentication across CLI sync and Hub features (AI, runbooks, etc.).
### Key Changes
- **Dual auth support**: New `AuthToken` enum supports both `Bearer`
(Hub) and `Token` (legacy CLI) authentication
- **Smart protocol selection**: New `sync_protocol` setting
(`auto`/`hub`/`legacy`) determines auth method. By default,
`api.atuin.sh` uses Hub auth; custom sync addresses use legacy auth
- **Hub login flow**: `atuin login` now initiates an OAuth-like flow for
Hub users—generates a code, user authorizes in browser, CLI polls for
completion
- **Account linking**: After Hub auth, silently attempts to link
existing CLI sync account to Hub account for seamless migration
- **Graceful fallback**: `sync_auth_token()` prefers Hub token when
available, falls back to CLI session token
### Auth Flow
1. User runs `atuin login` (with default sync address)
2. CLI requests auth code from Hub, displays URL
3. User opens URL, logs in/registers on Hub
4. Hub attaches API token to code
5. CLI polls, receives token, saves as hub session
6. If user had existing CLI sync account, it's automatically linked
### Backward Compatibility
- Existing self-hosted users: unaffected (legacy auth via `Token`
header)
- Existing `api.atuin.sh` users: continue working with CLI session until
they run `atuin login`
- New users: go through Hub flow automatically
## Test Plan
- [ ] New user registration via Hub flow
- [ ] Existing CLI user can still sync without changes
- [ ] `atuin login` links CLI account to Hub account
- [ ] Self-hosted users unaffected by changes
- [ ] AI commands work after Hub auth
---------
Co-authored-by: Ellie Huxtable <ellie@elliehuxtable.com>
|
|
<!-- Thank you for making a PR! Bug fixes are always welcome, but if
you're adding a new feature or changing an existing one, we'd really
appreciate if you open an issue, post on the forum, or drop in on
Discord -->
## Checks
- [ ] I am happy for maintainers to push small adjustments to this PR,
to speed up the review cycle
- [ ] I have checked that there are no existing pull requests for the
same thing
|
|
<!-- Thank you for making a PR! Bug fixes are always welcome, but if
you're adding a new feature or changing an existing one, we'd really
appreciate if you open an issue, post on the forum, or drop in on
Discord -->
## Checks
- [ ] I am happy for maintainers to push small adjustments to this PR,
to speed up the review cycle
- [ ] I have checked that there are no existing pull requests for the
same thing
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
|
* chore: update to rust 1.88
* clippy + fmt
* update ci version
* update flake
|
|
|
|
* chore: upgrade to 2024 edition
* ugh unsafe
* format
* nixxxxxxxxxxx why
|
|
|
|
* add verified column to users table
* add database functions to check if verified, or to verify
* getting there
* verification check
* use base64 urlsafe no pad
* add verification client
* clippy
* correct docs
* fix integration tests
|
|
|
|
For Atuin Cloud, we rate limit login attempts (and a few other endpoints). Ensure that the user gets a descriptive response
For self hosted users, if you wish to rate limit, I'd suggest
configuring this with your reverse proxy.
|
|
I'd like to tidy up the root a little, and it's nice to have all the
rust crates in one place
|
|
1. Start on a home page, can sort onboarding/etc from there
2. Introduce zustand for state management. It's nice!
Did a production build and clicked around for a while. Memory usage
seems nice and chill.
|
|
|
|
Hi!
I've been trying to get atuin set up on the illumos machine I built for work
@oxidecomputer, and I ran into a few issues which are fixed here:
1. The `clipboard` feature was only supported on Windows, Mac and Linux. I've
added a platform gate for that.
2. The `atomic-write-file` crate needed an update to the version of `nix` --
that is included.
3. As part of this, I found a [security
bug](https://rustsec.org/advisories/RUSTSEC-2024-0020.html) in the whoami
crate. The bug has been fixed upstream and I've included it.
whoami 1.5.0 deprecates the `hostname` function, which produced some fresh
warnings. While fixing the warnings I also took the liberty of doing some
code rearrangement, adding a few functions that wrap some common operations. I
didn't really know where to put those functions, so I created a new `utils`
module for it. If you have a better place to put them, I'm happy to change
the PR.
Feel free to make any changes to this PR if you like before landing it, or to
ask for review.
As a followup I'm also happy to set up a cross-compile build for atuin on
illumos. It's a bit harder to run tests in CI for illumos at the moment, but
I'm trying to get a project started up to make that happen in the future as
well.
|
|
This will
1. Wipe the remote store
2. Upload all of the local store to remote
Imagine the scenario where you end up with some mixed keys locally :(
You confirm this with
```
atuin store verify
```
You then fix it locally with
```
atuin store purge
```
Ensure that your local changes are reflected remotely with
```
atuin store push --force
```
and then (another PR, coming soon), update all other hosts with
```
atuin store pull --force
```
|
|
* Add change-password command & support on server
* Add a test for password change
* review: run format
---------
Co-authored-by: Ellie Huxtable <ellie@elliehuxtable.com>
|
|
* chore: add feature to allow always disable check update
In the packaging rules of some distributions, the software's self-update check needs to be permanently turned off
This commit will make it easier for these users to
* fix: formatting
---------
Co-authored-by: Ellie Huxtable <ellie@elliehuxtable.com>
|
|
* feat: make deleting from the UI work with record store sync
* sort cli delete too
* teeny bit more logs
|
|
Hopefully this helps users get more descriptive errors, and give more
descriptive bug reports
|
|
|
|
* feat: rework record sync for improved reliability
So, to tell a story
1. We introduced the record sync, intended to be the new algorithm to
sync history.
2. On top of this, I added the KV store. This was intended as a simple
test of the record sync, and to see if people wanted that sort of
functionality
3. History remained syncing via the old means, as while it had issues it
worked more-or-less OK. And we are aware of its flaws
4. If KV syncing worked ok, history would be moved across
KV syncing ran ok for 6mo or so, so I started to move across history.
For several weeks, I ran a local fork of Atuin + the server that synced
via records instead.
The record store maintained ordering via a linked list, which was a
mistake. It performed well in testing, but was really difficult to debug
and reason about. So when a few small sync issues occured, they took an
extremely long time to debug.
This PR is huge, which I regret. It involves replacing the "parent"
relationship that records once had (pointing to the previous record)
with a simple index (generally referred to as idx). This also means we
had to change the recordindex, which referenced "tails". Tails were the
last item in the chain.
Now that we use an "array" vs linked list, that logic was also replaced.
And is much simpler :D
Same for the queries that act on this data.
----
This isn't final - we still need to add
1. Proper server/client error handling, which has been lacking for a
while
2. The actual history implementation on top
This exists in a branch, just without deletions. Won't be much to
add that, I just don't want to make this any larger than it already
is
The _only_ caveat here is that we basically lose data synced via the old
record store. This is the KV data from before.
It hasn't been deleted or anything, just no longer hooked up. So it's
totally possible to write a migration script. I just need to do that.
* update .gitignore
* use correct endpoint
* fix for stores with length of 1
* use create/delete enum for history store
* lint, remove unneeded host_id
* remove prints
* add command to import old history
* add enable/disable switch for record sync
* add record sync to auto sync
* satisfy the almighty clippy
* remove file that I did not mean to commit
* feedback
|
|
* feat: add semver checking to client requests
This enforces that the client and the server run the same major version
in order to sync successfully.
We're using the `Atuin-Version` http header to transfer this information
If the user is not on the same MAJOR, then they will see an error like
this
> Atuin version mismatch! In order to successfully sync, the client and the server must run the same *major* version
> Client: 17.1.0
> Server: 18.1.0
> Error: could not sync records due to version mismatch
This change means two things
1. We will now only increment major versions if there is a breaking
change for sync
2. We can now add breaking changes to sync, for any version >17.1.0.
Clients will fail in a meaningful way.
* lint, fmt, etc
* only check for client newer than server
* Add version header to client too
|
|
* fix timestamp
* add sync test
* skip all sync tests
|
|
|
|
* Add connect timeout and overall timeout
* Make it configurable
* Fix test
* Add docs
|
|
* replace chrono with time
* Fix test chrono usage
---------
Co-authored-by: Ellie Huxtable <ellie@elliehuxtable.com>
|
|
* Add record migration
* Add database functions for inserting history
No real tests yet :( I would like to avoid running postgres lol
* Add index handler, use UUIDs not strings
* Fix a bunch of tests, remove Option<Uuid>
* Add tests, all passing
* Working upload sync
* Record downloading works
* Sync download works
* Don't waste requests
* Use a page size for uploads, make it variable later
* Aaaaaand they're encrypted now too
* Add cek
* Allow reading tail across hosts
* Revert "Allow reading tail across hosts"
Not like that
This reverts commit 7b0c72e7e050c358172f9b53cbd21b9e44cf4931.
* Handle multiple shards properly
* format
* Format and make clippy happy
* use some fancy types (#1098)
* use some fancy types
* fmt
* Goodbye horrible tuple
* Update atuin-server-postgres/migrations/20230623070418_records.sql
Co-authored-by: Conrad Ludgate <conradludgate@gmail.com>
* fmt
* Sort tests too because time sucks
* fix features
---------
Co-authored-by: Conrad Ludgate <conradludgate@gmail.com>
|
|
|
|
|
|
* Stop running triggers on history delete
* Move to account management dir
* Alter trigger function to only run for inserts
* wip
* Add atuin account subcommands, and re-org delete
* Clarify docs
* Delete silly dupe migration
* Um where did this come from
* Oops, insert only plz
|
|
* Added DELETE register endpoint
* Added remove function to database
* Added unregister to client
* Updated docs
* Renamed functions
* Reformatting
* Used execute instead of fetch in delete_user
|
|
* chore: uuhhhhhh crypto lol
* remove dead code
* fix key decoding
* use inplace encryption
|
|
* Drop events. I'd still like to do them, but differently
* Start adding delete api stuff
* Set mailmap
* Delete delete delete
* Fix tests
* Make clippy happy
|
|
* Try to make clippy happy đŸ¥º
* Fmt
* I missed one (can't run clippy locally on airport wifi...)
|
|
* Add automatic update checking
* Add setting to opt out of update checks
* Document options
* no
* no
* also no
* Make clippy happy
* Update atuin-client/src/settings.rs
Co-authored-by: Conrad Ludgate <conradludgate@gmail.com>
* fix features
Co-authored-by: Conrad Ludgate <conradludgate@gmail.com>
Co-authored-by: Conrad Ludgate <conrad.ludgate@truelayer.com>
|
|
* add some error messages
* fmt
|
|
* ignore JB IDEs
* tidy-up imports
* add rustfmt config
|
|
|
|
* use feature flags
* fmt
* fix features
* update ci
* fmt
Co-authored-by: Ellie Huxtable <ellie@elliehuxtable.com>
|
|
* use bail macro
replace client database errors
remove dead code
* fix test
|
|
|
|
|
|
The data part of the add history request is actually a string. I don't
want to introduce any structure here, and would rather keep it as "just
a blob". Even if that blob has structure secretly!
My fault for missing this in the last review
|
|
* make everything a cow
* fmt + clippy
|
|
Also allow unique listing and more ergonomic cwd usage
|
