Sanskaran 0.9.x
Overview
Sanskaran 0.9.x ek mahatvapurna release hai jo ek vyapak Upyogkarta Pahunch Niyantran aur Suraksha Pranali pesh karti hai. Yah release duplistatus ko ek khuli pahunch wale application se ek surakshit, bahu-upyogkarta pranali mein badal deti hai, jismein bhumika-aadhaarit pahunch niyantran, vyapak audit logging, aur enterprise-grade suraksha suvidhaen hain. Sabhi vidyamaan karyakshamata ab authentication ke peeche surakshit hai, yah sunishchit karte hue ki keval adhikrit upyogkarta hi backup monitoring tak pahunch sakte hain aur ise prabandhit kar sakte hain.
Breaking Changes
Authentication Anivarya
- Sabhi prishth ab authentication ki maang karte hain - Application tak pahunchne ke liye upyogkartaon ko pravesh karna hoga
- Default admin account svayan banaya jaata hai:
- Username:
admin - Password:
Duplistatus09(pahli baar pravesh karne par badalna hoga)
- Username:
- Vidyamaan sessions asafal kiye jaate hain - Upgrade ke baad sabhi upyogkartaon ko pravesh karna hoga
- API endpoints ab authentication ki maang karte hain - Bahari integrations mein session cookies shamil hone chahiye ya authenticated requests ka upyog karna chahiye
Sanskaran 0.9.x mein upgrade karne ke baad sabhi upyogkartaon ko pravesh karna hoga. Default admin credentials admin/Duplistatus09 hain. Pahli baar pravesh karne ke turant baad password badlein.
Database Schema Migration
- Vidyamana installations ke liye v3.1 se v4.0 tak svayanpravartit migration
- Nayi tables jodi gayi hain:
users,sessions,audit_log - Migration se pehle database backup svayan banaya jaata hai
- Nayi installations seedhe schema v4.0 ke saath shuru hoti hain (migration ki avashyakta nahin hai)
New Features
Upyogkarta Pahunch Niyantran aur Suraksha Pranali
Authentication Pranali
- Upyogkarta pravesh/pravesh se baahar niklein karyakshamata surakshit session prabandhan ke saath
- Password-aadhaarit authentication bcrypt hashing ke saath (lagat kaarak 12)
- Account lockout mechanism (5 asafal prayas, 15-minute lockout)
- Pahli baar pravesh karne par anivarya password badlav
- Password policy ka pravartan:
- Nyunatam 8 akshar
- Kam se kam ek uppercase akshar
- Kam se kam ek lowercase akshar
- Kam se kam ek sankhya
- Vishesh akshar vaikalpik hain
- "Mujhe yaad rakhein" karyakshamata localStorage mein username persistence ke saath
- Session-aadhaarit authentication database-backed sessions ke saath (in-memory ka sthan leta hai)
- CSRF suraksha authentication ke saath integrate ki gayi
- Session suraksha ke liye HTTP-only cookies
- Suraksha monitoring ke liye IP pata aur upyogkarta agent tracking
Upyogkarta Prabandhan (Keval Admin)
- Upyogkarta nirman svayanpravartit aarthik password generation ke saath
- Upyogkarta soochi khoj, pagination, aur filtering ke saath
- Upyogkarta editing (username, admin sthiti, password badlav ki avashyakta)
- Password reset karyakshamata aarthik password pradarshan ke saath
- Upyogkarta hatana suraksha upaayon ke saath (akhiri admin ko hatane se rokta hai)
- Bhumika-aadhaarit pahunch niyantran (Admin/Upyogkarta bhumikaen)
- Stithi sanketak (Sakriya, Lock Kiya, Password Badalna Hai)
- Antim login tracking aur pradarshan
Audit Logging Pranali
- Sabhi pranali badlavon aur upyogkarta kriyaon ke liye vyapak audit trail
- Audit log viewer advanced filtering ke saath:
- Taareekh shrinkhala filtering
- Upyogkarta filtering
- Kriya filtering
- Category filtering
- Stithi filtering
- Niryaat karyakshamata (CSV aur JSON format mein)
- Audit log aankde aur analytics
- Configurable retention period (30-365 din, default: 90 din)
- Automatic cleanup cron job (rooj 2 AM UTC par chalta hai)
- Manual cleanup API with dry-run support
- Audit logging ke liye:
- Authentication events (login, Pravesh se baahar niklein, Password parivartan, account lockouts)
- Upyogkarta prabandhan operations (create, update, Delete karein, Password reset)
- Configuration parivartan (Email, NTFY, Templates, Vilambit tolerance, backup Sammaan)
- Backup operations (collection, deletion, cleanup)
- Server prabandhan (add, update, delete)
- Pranali operations (migrations, cleanup, Suchnaayein)
Sammaan Prushth Punardesign
- Modern sidebar navigation with collapsible sidebar
- Upyogkarta-vishisht sidebar state persistence (collapsed/expanded preference saved per user)
- Grouped settings sections:
- Suchnaayein: Backup suchnaayein, Backup monitoring, Templates
- Integrations: NTFY, Email
- Pranali: Server, Upyogkarta (admin only), Audit log
- Sticky sidebar that remains visible while scrolling
- Responsive design with optimised spacing
- Sammaan icon and "Pranali Sammaan" shirshak in sidebar header
- Peechhe button integrated into app header
Upyogkarta Interface Sudhar
- Standalone pravesh karein page with modern design
- "Mujhe yaad rakhein" checkbox on pravesh karein form for username persistence
- Dikhayein/chhipe password buttons on pravesh karein and password change forms
- Password badlein modal with real-time validation checklist
- Upyogkarta indicator and pravesh se baahar niklein button in app header
- Bhumika-based UI visibility (admin-only features hidden from regular users)
- Stithi badges and indicators throughout the UI
- Upyogkarta-vishisht preferences stored in localStorage (e.g., sidebar collapsed state)
Suraksha Visheshtaayein
- Password hashing with bcrypt (industry-standard)
- Sensitive data sanitization in audit logs (passwords, tokens, secrets never logged)
- Rate limiting for pravesh karein attempts
- Session expiration (24 ghante)
- CSRF token validation for all state-changing operations
- Admin recovery CLI tool for password reset if locked out
Developer Tools
- Admin recovery CLI script (
admin-recovery) for easy execution in Docker containers - Works both locally and in Docker with automatic path detection
- Comprehensive TypeScript interfaces (no
anytypes) - Pravesh karein middleware for route protection
- Audit logger utility class with convenience methods
🚀 Migration Notes
Version 0.8.x Se
Is release introduces pravesh karein and requires all users to log in. When upgrading from version 0.8.x:
- Automatic Database Migration: The application will automatically migrate your database schema from v3.1 to v4.0
- Database Backup: An automatic backup is created before migration
- Default Admin Account: A default admin account is created:
- Username:
admin - Password:
Duplistatus09 - Aapko is password ko pehle pravesh karein par badalna hoga
- Username:
- Session Invalidation: All existing sessions are invalidated
- Upyogkarta Pravesh karein Required: All users must log in after upgrade
- API Pramanikaran: Bahari integrations ko pramanikaran shamil karne ke liye update kiya jana chahiye
Suraksha Sambandhi Vichar
- Default Password Badlein: Pahle pravesh ke turant baad default admin password badlein
- Upyogkarta Khate Banayein: Access ki zaroorat wale pratyek vyakti ke liye alag upyogkarta khate banayein
- Audit Logs Ki Samiksha Karein: Suraksha nigrani ke liye niyamit roop se audit logs ki janch karein
- Retention Configure Karein: Apni compliance avashyaktaon ke aadhar par uchit audit log retention avadhi nirdharit karein
- Master Key Ka Backup: Yadi 0.8.x se upgrade kar rahe hain, to
.duplistatus.keyfile ka backup lena sunishchit karein
Pahle Pravesh Ke Kadam
- Default credentials (
admin/Duplistatus09) ke saath Pravesh karein - Sanket diye jaane par password badlein (pahle pravesh par majboor)
- Anya upyogkartaon ke liye upyogkarta khate banayein (Sammaan → Upyogkarta)
- Yadi avashyak ho to audit log retention configure karein (Sammaan → Audit Log)
- Pranali ke sahi dhang se kaam karne ki pushti ke liye audit logs ki samiksha karein
🐛 Bug Fixes
- Server restart hone par session persistence samasyaon ko theek kiya gaya
- Pramanikaran vifaltaon ke liye truti handling mein sudhar
- Password validation feedback mein sudhar
- Sammaan page mein UI inconsistencies ko theek kiya gaya
- Audit log filtering performance mein sudhar
API Endpoints
Pramanikaran Endpoints
POST /api/auth/login- Upyogkarta pramanikaranPOST /api/auth/logout- Session samaptiGET /api/auth/me- Vartaman upyogkarta ki jankariPOST /api/auth/change-password- Password badlav
Upyogkarta Prabandhan Endpoints (Keval Admin)
GET /api/users- Upyogkartaon ki soochiPOST /api/users- Upyogkarta banayeinPATCH /api/users/{id}- Upyogkarta update kareinDELETE /api/users/{id}- Upyogkarta ko delete karein
Audit Log Endpoints
GET /api/audit-log- Audit logs query kareinGET /api/audit-log/download- Audit logs export kareinGET /api/audit-log/stats- Audit aankdePOST /api/audit-log/cleanup- Manual cleanup (keval admin)GET /api/audit-log/retention- Retention setting prapt kareinPATCH /api/audit-log/retention- Retention update karein (keval admin)
Sabhi API endpoints ko ab pramanikaran ki avashyakta hogi. Pramanikaran par vivaran ke liye API Sandarbh dekhein.
Sahayata
Sahayata Prapt Karna
- Dastavezikaran: Upyogkarta Guide
- API Sandarbh: API Dastavezikaran
- Migration Guide: Sanskaran Upgrade Migration
- Admin Recovery: Admin Account Recovery
- Samuday: GitHub Charcha
- Samasyaen: GitHub Samasyaen
Trutiyon Ki Report Karna
Jab koi samasya report karein, to nimnalikhit shamil karein:
- Sanskaran: 0.9.x
- Operating system aur sanskaran
- Docker sanskaran
- Truti sandesh aur logs
- Punarutpadan ke liye kadam
- Upyogkarta bhumika (Prabandhak/Upyogkarta) yadi prasangik ho
Changelog
Vistrit badlav
- Joda gaya: Purn pramanikaran aur adhikrit pranali
- Joda gaya: Bhumika-aadhaarit access control ke saath upyogkarta prabandhan
- Joda gaya: Vistrit audit logging pranali
- Joda gaya: Collapsible sidebar ke saath Sammaan prushth ka punardesign
- Joda gaya: Prabandhak recovery CLI tool
- Joda gaya: Password niti pravartan
- Joda gaya: Khata band karne ka mechanism
- Joda gaya: Database persistence ke saath session prabandhan
- Badla gaya: Sabhi prushthon ko ab pramanikaran ki avashyakta hai
- Badla gaya: Database schema v3.1 se v4.0 tak
- Badla gaya: Session storage in-memory se database-backed mein
- Badla gaya: Sammaan prushth ka layout aur navigation
- Sudhara gaya: Server restart mein session persistence
- Sudhara gaya: Vibhinn UI asangatiyan
- Behtar kiya gaya: Vistrit audit logging ke saath suraksha posture
- Behtar kiya gaya: Aadhunik login aur Sammaan prushthon ke saath upyogkarta anubhav
- Behtar kiya gaya: TypeScript interfaces aur DRY principles ke saath code ki gunavatta
License
Yah pariyojana Apache License 2.0 ke tahat license prapt hai.
Copyright © 2025 Waldemar Scudeller Jr.