073eff74ef
Implement OIDC Back-Channel Logout 1.0 (RFC). When enabled, the IdP can POST a signed logout_token JWT to invalidate user sessions server-side. - Add BackchannelLogoutHandler: JWT verification via jose, jti replay protection with bounded cache, session destruction by sub or sid - Add oidcSessionId column to sessions table with index for fast lookups - Add backchannel logout route (POST /auth/openid/backchannel-logout) - Notify connected clients via socket to redirect to login page - Add authOpenIDBackchannelLogoutEnabled toggle in schema-driven settings UI - Migration v2.34.0 adds oidcSessionId column and index - Polish settings UI: auto-populate loading state, subfolder dropdown options, KeyValueEditor fixes, localized descriptions via descriptionKey, duplicate key detection, success/error toasts - Localize backchannel logout toast (ToastSessionEndedByProvider) - OidcAuthStrategy tests now use real class via require-cache stubbing |
||
|---|---|---|
| .. | ||
| changelog.md | ||
| readme.md | ||
| v2.15.0-series-column-unique.js | ||
| v2.15.1-reindex-nocase.js | ||
| v2.15.2-index-creation.js | ||
| v2.17.0-uuid-replacement.js | ||
| v2.17.3-fk-constraints.js | ||
| v2.17.4-use-subfolder-for-oidc-redirect-uris.js | ||
| v2.17.5-remove-host-from-feed-urls.js | ||
| v2.17.6-share-add-isdownloadable.js | ||
| v2.17.7-add-indices.js | ||
| v2.19.1-copy-title-to-library-items.js | ||
| v2.19.4-improve-podcast-queries.js | ||
| v2.20.0-improve-author-sort-queries.js | ||
| v2.26.0-create-auth-tables.js | ||
| v2.33.0-oidc-scopes-and-group-map.js | ||
| v2.34.0-backchannel-logout.js | ||
Database Migrations
This directory contains all the database migration scripts for the server.
What is a migration?
A migration is a script that changes the structure of the database. This can include creating tables, adding columns, or modifying existing columns. A migration script consists of two parts: an "up" script that applies the changes to the database, and a "down" script that undoes the changes.
Guidelines for writing migrations
When writing a migration, keep the following guidelines in mind:
-
You must name your migration script according to the following convention:
<server_version>-<migration_name>.js. For example,v2.14.0-create-users-table.js.server_versionshould be the version of the server that the migration was created for (this should usually be the next server release).migration_nameshould be a short description of the changes that the migration makes.
-
The script should export two async functions:
upanddown. Theupfunction should contain the script that applies the changes to the database, and thedownfunction should contain the script that undoes the changes. Theupanddownfunctions should accept a single object parameter with acontextproperty that contains a reference to a SequelizeQueryInterfaceobject, and a Logger object for logging. A typical migration script might look like this:async function up({ context: { queryInterface, logger } }) { // Upwards migration script logger.info('migrating ...'); ... } async function down({ context: { queryInterface, logger } }) { // Downward migration script logger.info('reverting ...'); ... } module.exports = {up, down} -
Always implement both the
upanddownfunctions. -
The
upanddownfunctions should be idempotent (i.e., they should be safe to run multiple times). -
Prefer using only
queryInterfaceandloggerparameters, thesequelizemodule, and node.js built-in modules in your migration scripts. You can require other modules, but be aware that they might not be available or change from they ones you tested with. -
It's your responsibility to make sure that the down migration reverts the changes made by the up migration.
-
Log detailed information on every step of the migration. Use
Logger.info()andLogger.error(). -
Test tour migrations thoroughly before committing them.
- write unit tests for your migrations (see
test/server/migrationsfor an example) - you can force a server version change by modifying the
versionfield inpackage.jsonon your dev environment (but don't forget to revert it back before committing)
- write unit tests for your migrations (see
How migrations are run
Migrations are run automatically when the server starts, when the server detects that the server version has changed. Migrations are always run in server version order (from oldest to newest up migrations if the server version increased, and from newest to oldest down migrations if the server version decreased). Only the relevant migrations are run, based on the new and old server versions.
This means that you can switch between server releases without having to worry about running migrations manually. The server will automatically apply the necessary migrations when it starts.