Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2026-05-18 12:05:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
3x-ui/web/controller
History
MHSanaei b97ff40ad6
feat(api-tokens): manage multiple named tokens; add tab/section anchor URLs 
Replace the single regenerable API token with a named-token list:
- New ApiToken model + service with constant-time auth matching
- Seeder migrates the legacy `apiToken` setting into a "default" row
- Security tab gets create/enable/delete UI; api-docs page links to it
- Dedicated "API Tokens" section in the in-panel docs

URL anchors now reflect the active tab/section on Settings, Xray, and
API Docs pages, so deep links like `/panel/settings#security` work.

Translations for the 8 new SecurityTab strings added across all locales.
2026-05-13 16:34:31 +02:00
..
api.go feat(api-tokens): manage multiple named tokens; add tab/section anchor URLs 2026-05-13 16:34:31 +02:00
api_docs_test.go feat(api-docs): enhance in-panel API documentation (#4312) 2026-05-13 01:47:09 +02:00
base.go v3 2026-05-10 02:13:42 +02:00
custom_geo.go v3 2026-05-10 02:13:42 +02:00
dist.go Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275) 2026-05-13 12:52:52 +02:00
inbound.go fix: single inbound traffic reset resets all inbounds (#4334) (#4338) 2026-05-13 14:49:54 +02:00
index.go fix(auth): invalidate sessions when 2FA is enabled, fix dev 401 loop 2026-05-13 14:08:16 +02:00
login_limiter.go Implement CSRF protection and security hardening across the application (#4179) 2026-05-07 23:36:11 +02:00
login_limiter_test.go refactor(websocket): split controller into service + thin controller 2026-05-08 00:00:44 +02:00
node.go feat(nodes): traffic-writer queue, full-mirror sync, WS event fixes 2026-05-10 16:25:23 +02:00
server.go feat(panel): xray metrics dashboard with observatory probe history 2026-05-12 02:17:45 +02:00
setting.go feat(api-tokens): manage multiple named tokens; add tab/section anchor URLs 2026-05-13 16:34:31 +02:00
util.go Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275) 2026-05-13 12:52:52 +02:00
util_test.go Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275) 2026-05-13 12:52:52 +02:00
websocket.go v3 2026-05-10 02:13:42 +02:00
xray_setting.go Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275) 2026-05-13 12:52:52 +02:00
xui.go feat(panel): in-panel API documentation page 2026-05-11 13:57:42 +02:00