[PR #919] [CLOSED] feat: Two-Factor Authentication & OIDC/SSO – full implementation with admin UI #1134

New issue

Closed

opened 2026-05-06 12:35:15 +02:00 by BreizhHardware · 0 comments

BreizhHardware commented 2026-05-06 12:35:15 +02:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/maziggy/bambuddy/pull/919
Author: @netscout2001
Created: 4/8/2026
Status: ❌ Closed

Base: dev ← Head: feature/2fa-oidc-authentication

---

📝 Commits (10+)

• 97ade90 feat: add 2FA (TOTP + Email OTP) and OIDC authentication
• 1c9d1d4 i18n: improve 2FA translations across all locales
• ce7a949 test: add 2FA/OIDC unit and integration tests; fix auth middleware public routes
• 1e74ad8 security: fix 4 vulnerabilities found during manual audit
• 926a800 refactor: replace in-memory auth state with persistent DB tables
• 3b3f0e9 chore: add uv.lock for reproducible dependency resolution
• 0bdb856 feat: add 2FA & OIDC settings UI under Authentication tab
• d83effb fix: move twoFa/oidc i18n keys under settings namespace
• 9ff2810 fix: correctly nest twoFa/oidc i18n keys inside settings block
• ea1b784 fix: resolve TypeScript build errors in OIDCProviderSettings

📊 Changes

32 files changed (+4850 additions, -481 deletions)

View changed files

📝 backend/app/api/routes/auth.py (+42 -0)
➕ backend/app/api/routes/mfa.py (+1263 -0)
📝 backend/app/core/database.py (+10 -0)
📝 backend/app/main.py (+11 -0)
📝 backend/app/models/__init__.py (+10 -0)
➕ backend/app/models/auth_ephemeral.py (+72 -0)
➕ backend/app/models/oidc_provider.py (+70 -0)
➕ backend/app/models/user_otp_code.py (+36 -0)
➕ backend/app/models/user_totp.py (+46 -0)
📝 backend/app/schemas/auth.py (+157 -3)
📝 backend/tests/conftest.py (+4 -0)
➕ backend/tests/integration/test_mfa_api.py (+676 -0)
➕ backend/tests/unit/test_mfa_helpers.py (+49 -0)
📝 frontend/src/api/client.ts (+144 -3)
➕ frontend/src/components/OIDCProviderSettings.tsx (+344 -0)
➕ frontend/src/components/TwoFactorSettings.tsx (+432 -0)
📝 frontend/src/contexts/AuthContext.tsx (+18 -5)
📝 frontend/src/i18n/locales/de.ts (+91 -0)
📝 frontend/src/i18n/locales/en.ts (+91 -0)
📝 frontend/src/i18n/locales/fr.ts (+91 -0)

...and 12 more files

📄 Description

.

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/maziggy/bambuddy/pull/919 **Author:** [@netscout2001](https://github.com/netscout2001) **Created:** 4/8/2026 **Status:** ❌ Closed **Base:** `dev` ← **Head:** `feature/2fa-oidc-authentication` --- ### 📝 Commits (10+) - [`97ade90`](https://github.com/maziggy/bambuddy/commit/97ade90834354e533cb75eda49b2589f5f624cc8) feat: add 2FA (TOTP + Email OTP) and OIDC authentication - [`1c9d1d4`](https://github.com/maziggy/bambuddy/commit/1c9d1d46176d5d6cf1f4050ad4a6fe7353bb5531) i18n: improve 2FA translations across all locales - [`ce7a949`](https://github.com/maziggy/bambuddy/commit/ce7a9491e7d2723b5063e953783b942b61b423cd) test: add 2FA/OIDC unit and integration tests; fix auth middleware public routes - [`1e74ad8`](https://github.com/maziggy/bambuddy/commit/1e74ad824ecf6d44aa1d706531bb9d88a4e3f611) security: fix 4 vulnerabilities found during manual audit - [`926a800`](https://github.com/maziggy/bambuddy/commit/926a800366dadc915e4f3d6ce087da25f382845b) refactor: replace in-memory auth state with persistent DB tables - [`3b3f0e9`](https://github.com/maziggy/bambuddy/commit/3b3f0e9334d0818b3681577b75988863086203bd) chore: add uv.lock for reproducible dependency resolution - [`0bdb856`](https://github.com/maziggy/bambuddy/commit/0bdb8565247253125f44617761d5464618c6688c) feat: add 2FA & OIDC settings UI under Authentication tab - [`d83effb`](https://github.com/maziggy/bambuddy/commit/d83effb4321c8687a560950d61809836a88f41bb) fix: move twoFa/oidc i18n keys under settings namespace - [`9ff2810`](https://github.com/maziggy/bambuddy/commit/9ff2810e8991b4caddf352279e3e9a605ba57af0) fix: correctly nest twoFa/oidc i18n keys inside settings block - [`ea1b784`](https://github.com/maziggy/bambuddy/commit/ea1b7849828cc1cb954b77cf6cc9fd8b9bf0273f) fix: resolve TypeScript build errors in OIDCProviderSettings ### 📊 Changes **32 files changed** (+4850 additions, -481 deletions) <details> <summary>View changed files</summary> 📝 `backend/app/api/routes/auth.py` (+42 -0) ➕ `backend/app/api/routes/mfa.py` (+1263 -0) 📝 `backend/app/core/database.py` (+10 -0) 📝 `backend/app/main.py` (+11 -0) 📝 `backend/app/models/__init__.py` (+10 -0) ➕ `backend/app/models/auth_ephemeral.py` (+72 -0) ➕ `backend/app/models/oidc_provider.py` (+70 -0) ➕ `backend/app/models/user_otp_code.py` (+36 -0) ➕ `backend/app/models/user_totp.py` (+46 -0) 📝 `backend/app/schemas/auth.py` (+157 -3) 📝 `backend/tests/conftest.py` (+4 -0) ➕ `backend/tests/integration/test_mfa_api.py` (+676 -0) ➕ `backend/tests/unit/test_mfa_helpers.py` (+49 -0) 📝 `frontend/src/api/client.ts` (+144 -3) ➕ `frontend/src/components/OIDCProviderSettings.tsx` (+344 -0) ➕ `frontend/src/components/TwoFactorSettings.tsx` (+432 -0) 📝 `frontend/src/contexts/AuthContext.tsx` (+18 -5) 📝 `frontend/src/i18n/locales/de.ts` (+91 -0) 📝 `frontend/src/i18n/locales/en.ts` (+91 -0) 📝 `frontend/src/i18n/locales/fr.ts` (+91 -0) _...and 12 more files_ </details> ### 📄 Description . --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

BreizhHardware 2026-05-06 12:35:15 +02:00

• closed this issue
• added the
  pull-request
  label

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

github-repo-stats

bug-report-assets

dev

0.2.4b3

0.2.4b2

0.2.4b1

pr/1114

0.2.3.2

0.2.3.1

0.2.3

0.2.3b3

0.2.3b2

0.2.3b1

0.2.2.2

0.2.2.1

0.2.2b3

0.2.2

0.2.2b2

0.2.2b1

0.2.1.1

0.2.1

0.2.1b3

0.2.1b2

0.2.1b

0.2.0

0.2.0b

0.1.5-2-ctrl

v0.2.4b4-daily.20260508

v0.2.4b2

v0.2.4b3

v0.2.4b1

v0.2.3.2

v0.2.3.1

v0.2.3

v0.2.3b3

v0.2.3b2

v0.2.3b1-daily.20260407

v0.2.3b1

v0.2.2.2

v0.2.2.1

v0.2.3b1-daily.20260318

v0.2.3b1-daily.20260317

v0.2.3b1-daily.20260316

v0.2.2

v0.2.2b4-daily.20260314

v0.2.2b4-daily.20260313

v0.2.2b3-daily.20260312

v0.2.2b3-1

v0.2.2b2

v0.2.2-b2

v0.2.2b3

v0.2.2-b1

v0.2.2b1

v0.2.1.1

v0.2.1

v0.2.1b3

v0.2.1b2

v0.2.1b

v0.2.0

v0.1.9

v0.1.8.1

v0.1.8

v0.1.7

v0.1.6.2

v0.1.6.1

v0.1.6-hotfix

v0.1.6

v0.1.6b11

v0.1.6b10

v0.1.6b9

v0.1.6b8

v0.1.6b7

v0.1.6b6

v0.1.6b5

v0.1.6b4

v0.1.6b3

v0.1.6b2

v0.1.6b

v0.1.5-final

v0.1.5b7

v0.1.5b6

v0.1.5b5

v0.1.5b4

v0.1.5b3

v0.1.5b2

v0.1.5b

v0.1.4

v0.1.3

v0.1.2-bugfix

v0.1.2-final

v0.1.2

0.1.1

Labels

Clear labels   

A1

  

automated

  

automated

  

bug

  

bug

  

Closed due to inactivity

  

contrib

  

dependencies

  

dependencies

  

duplicate

  

enhancement

  

feedback

  

hold

  

invalid

  

Notes

  

P1S

  

pull-request

Mirrored from GitHub Pull Request

  

security

  

security

  

ThumbsUp

  

user-report

  

wontfix

No labels

A1

automated

automated

bug

bug

Closed due to inactivity

contrib

dependencies

dependencies

duplicate

enhancement

feedback

hold

invalid

Notes

P1S

pull-request

security

security

ThumbsUp

user-report

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/bambuddy#1134

No description provided.