Add modular application packages with backup-aware install/upgrade/downgrade,
DNF-backed version lists with TTL caching, and HTML bootstrap for faster loads.
Improve the version picker (labels, selection state, background meta refresh) and
route applicationMeta through shared page meta cache. Update static assets and
cache buster for manageServices.js. Repository also includes related updates to
serviceManager, upgrade tooling, website functions, and user management from this
development tree.
populateCurrentRecords() always showed Users successfully fetched on every
successful fetch, so delete/edit/ACL/suspend showed two popups. Add optional
suppressSuccessNotify; use silent refresh after mutations and on initial load.
- robust_delete_administrator: use ORM delete when webauthn_credentials exists; else SQL DELETE after optional webauthn row cleanup and recursive child admins
- Fixes MySQL 1146 ProgrammingError on submitUserDeletion for installs without webauthn migrations
- JSON responses use application/json; errors include deleteStatus for listUsers UI
- After invalid/missing HomeDirectory id, resolve home_dir from best path like auto mode
- Handle MultipleObjectsReturned on path lookup; use get_or_create for UserHomeMapping
- Clear errors for ACL.DoesNotExist and IntegrityError (duplicate username)
- Ensure JSON error responses include createStatus and application/json
- Initialize selectedACL in create user template so JSON POST always includes ACL
- Explicit option values; pass default_acl_name from view for ng-init
- Coerce websitesLimit to int; validate selectedACL before ACL.objects.get
- ensure_csrf_cookie on createUser page load
- Optional /etc/cyberpanel/csrf_trusted_origins for HTTPS IP:port panels
- Allow changeUserACL on getUserHomeDirectories (parity with create user page)
- Sync public/static and static copies of userManagment.js with app static
- Create User: Don't show 'Unknown error' on load; fix inverted success/failure
logic in static/ and public/static/ userManagment.js
- List Users: Use <button> for Edit/Delete/Suspend/Activate; add showModalById/
hideModalById for Bootstrap 3/5; fix public/static missing modal show calls
- Modify User: Fix inverted canotModifyUser/canotFetchDetails in all three
userManagment.js copies; hide modify error when only fetching details
- Add deploy-createuser-fix.sh to copy fixed JS and run collectstatic on server
- Removed {% load user_filters %} which is not needed in v2.4.4
- Removed Home Directory selection section (not in v2.4.4)
- Changed securityLevels to use direct Django template rendering instead of JSON encoding
- Template now matches GitHub v2.4.4 exactly
- Introduced a new endpoint to manually regenerate the 2FA secret for users.
- Updated views to handle 2FA secret regeneration, including security checks and logging.
- Enhanced the user interface with a button to regenerate the 2FA secret, along with appropriate alerts and confirmations.
- Updated JavaScript to manage the regeneration process and display the new secret key and QR code provisioning URI.
https://github.com/usmannasir/cyberpanel/issues/1577
> Thank you!
>
> One more question: is it possible to add WebAuthn 2FA/passkeys/passwordless authentication? Right now, the panel login is the weakest link (assuming SSH key login for the server and tight security on the website).
It has now been added:
https://github.com/usmannasir/cyberpanel/issues/1509#issuecomment-3315474043
