49 Commits

Author SHA1 Message Date
Rebeka Dekany e29662c951 Tear down bs5-auth-pages feature flag (#27035)
* Remove auth-pages-bs5 test assignment setPassword

* Remove auth-pages-bs5 test assignment passwordReset

* Remove auth-pages-bs5 test assignment primaryEmailCheck

* Remove auth-pages-bs5 test assignment reconfirm

* Remove - bootstrap5PageStatus = 'enabled'

* Remove primary-email-check.less

* Fix spacing

* Remove unused translations

* Removed unused SplitTestHandler

* Update password_reset_sentence_case to password_reset

GitOrigin-RevId: d5a5c9a1576f325186aa103c4b7ad8fb819b790a
2025-07-14 08:05:56 +00:00
Andrew Rumble 23f76f9745 Convert return new Promise to await new Promise
GitOrigin-RevId: 49404748cc90cb7bdef0460f7e9837196f81cae8
2025-06-25 08:06:59 +00:00
Andrew Rumble 0f268d6bdc Change imports that use chai to use vitest
GitOrigin-RevId: 59d780f754adbb5160a2de8e5eca1def6968584b
2025-06-10 08:05:18 +00:00
Andrew Rumble 20619a740a Update test files with vitest compat changes
GitOrigin-RevId: 494f906089d250268a5ff8c8a2150ff2692c37e2
2025-05-29 08:05:06 +00:00
Andrew Rumble 4cced4dcb8 Rename test files for vitest
GitOrigin-RevId: f8792c0ce5eeb4843a534d3ff83e011d25fb65e0
2025-05-29 08:05:00 +00:00
M Fahru 06a5d4b096 Merge pull request #22609 from overleaf/mf-migrate-aux-password-pages-to-bs5
[web] Migrate reset password page to bootstrap 5 and website redesign

GitOrigin-RevId: 613865379d094b305c6dc78f74dc70341214f4ed
2025-01-28 09:05:35 +00:00
Antoine Clausse b78faef983 [web] Add audit logs for clear_sessions_set_must_reconfirm script, "must-reset-password-set" and "must-reset-password-unset" (#21776)
* Promisify clear_sessions_set_must_reconfirm.mjs

* Add test on PasswordResetTests.mjs

* Add `must-reset-password-unset` audit log

* Add `must-reset-password-set` audit log

* Add test ClearSessionsSetMustReconfirmTests.mjs

* Fixup bad copy-paste in test: `must-reset-password-set` -> `must-reset-password-unset`

* Check `must_reconfirm` before calling `removeReconfirmFlag`

Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>

* Fix unit test

* Use `promiseMapWithLimit`

* Add `{ script: true }` to AuditLog. Also use `undefined` instead of `null` for consistency

---------

Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
GitOrigin-RevId: 522026c82196d263c196503d899b8c57b05b31dd
2024-11-15 09:05:21 +00:00
Andrew Rumble 46e22c2021 Update tests
GitOrigin-RevId: 9272720e0f6865c54257c43bd98d8e6003251aa2
2024-10-17 08:06:17 +00:00
Jimmy Domagala-Tang 55587bc24d Merge pull request #19152 from overleaf/jdt-project-permissions
Allow checking permissions for all users on a project and rename checkPermissions -> AssertPermissions

GitOrigin-RevId: 511356cf2fe68367e284347e68e59f6116bd0f80
2024-07-03 08:04:19 +00:00
Antoine Clausse 7fae1cbb2c [web] Update revokeAllUserSessions and rename it to removeSessionsFromRedis (#18360)
* Fix `revokeAllUserSessions` call in `_cleanupUser`

The user object should be passed, not the _id

* Change `revokeAllUserSessions` signature, take `req` and `stayLoggedIn` arguments

* Update uses of `revokeAllUserSessions`

* Fix promisified `revokeAllUserSessions` args

* Update tests

* Destroy or Regenerate the session in the end of `revokeAllUserSessions`

Per https://github.com/overleaf/internal/issues/17036#issuecomment-1938398570

* Revert "Destroy or Regenerate the session in the end of `revokeAllUserSessions`"

This reverts commit fe30734dbe45b27d2931d2e43a711d591bb85787.

* Rename `revokeAllUserSessions` to `removeSessionsFromRedis`

* Fixup tests

* Fix: add optional chaining in `req.sessionID` (!!)

GitOrigin-RevId: d41676bf00f463230af495e09c65fb9ee521f49f
2024-05-20 08:04:12 +00:00
Jessica Lawshe f76717c696 Merge pull request #17793 from overleaf/jel-password-token-when-managed-linked
[web] Check permissions when using password reset token

GitOrigin-RevId: b5339d5ad5322fcae7beaa99fb40a87ffb938b52
2024-04-25 08:04:58 +00:00
M Fahru f16618fac5 Merge pull request #17548 from overleaf/mf-promisify-render-set-password-form
[web] promisify renderSetPasswordForm

GitOrigin-RevId: 3a79a7fd23de2d7ff87a833204298aed6cc303a5
2024-03-29 09:04:26 +00:00
Jessica Lawshe 36062fbebb Merge pull request #17351 from overleaf/jel-async-getUserForPasswordResetToken
[web] Promisify getUserForPasswordResetToken

GitOrigin-RevId: 4b0363b390af155f1bae4332fba7cf10c130e1c6
2024-03-12 09:03:35 +00:00
Jessica Lawshe feaea10def Merge pull request #17329 from overleaf/jel-async-peekValueFromToken
[web] Promisify peekValueFromToken

GitOrigin-RevId: 4a7f6ae793ff0a1bd22c89c963881ef0957e29e8
2024-03-12 09:03:32 +00:00
Jessica Lawshe c97e8462f7 Merge pull request #17091 from overleaf/jel-promisify-password-reset
[web] Promisify password reset

GitOrigin-RevId: bc8399727a86276b1d5baa380369d988772c268a
2024-02-19 09:04:29 +00:00
Mathias Jakobsen 5e083dffd5 Merge pull request #15822 from overleaf/mj-audit-log-tokens
[web] Add audit logs for token expiration operations

GitOrigin-RevId: 220fe017cf508ead986a4cd2bd9009035418ce43
2023-11-21 09:03:59 +00:00
June Kelly 0dfaf145ac [web] Password set/reset: reject current password (redux) (#8956)
* [web] set-password: reject same as current password

* [web] Add 'peek' operation on tokens

This allows us to improve the UX of the reset-password form,
by not invalidating the token in the case where the new
password will be rejected by validation logic.

We give up to three attempts before invalidating the token.

* [web] Add hide-on-error feature to async forms

This allows us to hide the form elements when certain
named error conditions occur.

* [web] reset-password: handle same-password rejection

We also change the implementation to use the new
peekValueFromToken API, and to expire the token explicitly
after it has been used to set the new password.

* [web] Validate OneTimeToken when loading password reset form

* [web] Rate limit GET: /user/password/set

Now that we are peeking at OneTimeToken when accessing this page,
we add rate limiting to the GET request, matching that of the POST request.

* [web] Tidy up pug layout and mongo query for token peeking

Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com>
GitOrigin-RevId: 835205cc7c7ebe1209ee8e5b693efeb939a3056a
2022-09-28 08:06:54 +00:00
Henry Oswald 68b61bbcaf Merge pull request #8939 from overleaf/revert-8882-jk-web-reject-same-password
Revert "[web] Password set/reset: reject current password"

GitOrigin-RevId: f14f970fe93064658a8659537c5cb417e34e2751
2022-07-20 08:04:00 +00:00
June Kelly f83ea0eae9 Merge pull request #8882 from overleaf/jk-web-reject-same-password
[web] Password set/reset: reject current password

GitOrigin-RevId: 2c40dda4926d9c68564ae5126b3393b9286bb661
2022-07-20 08:03:36 +00:00
Jakob Ackermann b027ef95e5 Merge pull request #7986 from overleaf/jpa-eslint-8
[misc] upgrade eslint packages to the latest version everywhere

GitOrigin-RevId: f1480d4a171acef82fb26c4aa54be3a6088b0ab3
2022-05-17 08:05:59 +00:00
June Kelly b49c6cd8c5 Merge pull request #5976 from overleaf/jk-login-audit-log-type
[web] Add 'method' info to login audit log

GitOrigin-RevId: 093fe885bc1b688aebd640d6762f031c752191d4
2022-01-14 09:02:28 +00:00
Alf Eaton 01042eb030 [web] Upgrade Prettier to match version in monorepo root (#6231)
GitOrigin-RevId: 02f97af1b9704782eee77a0b7dfc477ada23e34d
2022-01-11 09:03:23 +00:00
Hugh O'Brien d0e59b79a9 Merge pull request #5688 from overleaf/jpa-invalid-password-message
[web] password reset: validate user password ahead of invalidating token

GitOrigin-RevId: ba3e6549f53675a2216e2fc24293276c1968d416
2021-11-10 09:02:38 +00:00
Jakob Ackermann fae4b96762 Merge pull request #5349 from overleaf/jpa-no-depreacted-api
[misc] fix eslint violations for node/no-depreacted-api

GitOrigin-RevId: 0f7d64984da9e789c4ab95381db34afb89fa1a94
2021-10-21 08:03:18 +00:00
June Kelly 489ac6b515 Merge pull request #5366 from overleaf/jk-move-password-reset-audit-log
[web] audit password reset before taking action

GitOrigin-RevId: 672f712658b4669a5a750dbc6f97d24ce35c332d
2021-10-21 08:03:00 +00:00
Jakob Ackermann d3009db5b6 Merge pull request #5124 from overleaf/jk-de-ng-set-password-page
[web] de-ng set password form

GitOrigin-RevId: d8ebf9f794454d5772e13ab783892d2bba6eed87
2021-09-24 08:03:23 +00:00
June Kelly 04292464b6 Merge pull request #5107 from overleaf/jk-de-ng-reconfirm-and-pw-reset
[web] de-ng password reset and must-reconfirm forms

GitOrigin-RevId: 2101493ff017ba56214c6f981129f94eb9db46aa
2021-09-17 08:03:02 +00:00
Jakob Ackermann 9d00c351a8 Merge pull request #4327 from overleaf/jpa-pw-reset-captcha
[misc] add captcha on password reset requests

GitOrigin-RevId: 9a23b9c9dee2c56345e9c1846861c05c25126802
2021-07-28 02:06:02 +00:00
Jakob Ackermann 5e773ce950 Merge pull request #4101 from overleaf/ae-settings-module
Migrate from `settings-sharelatex` to `@overleaf/settings`

GitOrigin-RevId: 9a298ba26382180c1351683c5fddc9004418c1e6
2021-07-08 02:08:28 +00:00
Alf Eaton 1be43911b4 Merge pull request #3942 from overleaf/prettier-trailing-comma
Set Prettier's "trailingComma" setting to "es5"

GitOrigin-RevId: 9f14150511929a855b27467ad17be6ab262fe5d5
2021-04-28 02:10:01 +00:00
Alf Eaton 1ebc8a79cb Merge pull request #3495 from overleaf/ae-prettier-2
Upgrade Prettier to v2

GitOrigin-RevId: 85aa3fa1acb6332c4f58c46165a43d1a51471f33
2021-04-15 02:05:22 +00:00
Eric Mc Sween 9ddaa8c9f6 Merge pull request #3830 from overleaf/em-upgrade-node-12
Upgrade to Node 12

GitOrigin-RevId: 19870922884b7c98e7e5f2c94df21829672d2db5
2021-04-01 02:05:52 +00:00
Miguel Serrano d65db1acf0 Merge pull request #3824 from overleaf/jpa-password-reset-email-forwarding
[misc] fix passing around of users email as part of password reset

GitOrigin-RevId: 54e8cde9867a2ce735bc7ebe281ead19ef49e6cd
2021-04-01 02:05:04 +00:00
Alf Eaton 2ff1cf43d6 Merge pull request #3470 from overleaf/eslint
Upgrade and configure ESLint

GitOrigin-RevId: ad5aeaf85e72c847a125ff3a9db99a12855e38aa
2020-12-16 03:08:28 +00:00
Shane Kilkelly e9f7a17093 Merge pull request #3234 from overleaf/sk-fix-password-validation-email
Overhaul password validation

GitOrigin-RevId: a591c4e192e30a0ac053eab6f80627543a8a92fe
2020-10-23 02:04:39 +00:00
Simon Detheridge fdcf327ae7 Merge pull request #3231 from overleaf/jpa-hide-internal-error-messages
[misc] PasswordResetController: do not expose internal error messages

GitOrigin-RevId: 9eca5e7f5367559d5340363ef859589e218e817f
2020-09-29 02:05:30 +00:00
Jessica Lawshe 552fb56b74 Merge pull request #3078 from overleaf/jel-log-password-reset-by-token
Update audit log when password reset by token

GitOrigin-RevId: 2ae7f59c5cdf2723e541a99c58c36564cc82adbf
2020-08-13 15:46:10 +00:00
Miguel Serrano 0583f7a667 Merge pull request #2746 from overleaf/ew-jpa-fix-deprecated-express-methods
[misc] fix express deprecations

GitOrigin-RevId: 78c730578c6a671f142837c98f98d5fd260332a5
2020-05-07 03:27:56 +00:00
Eric Mc Sween 1dc325d1c7 Merge pull request #2750 from overleaf/ta-activate-finish-login
Don't Bypass FinishLogin on Password Reset

GitOrigin-RevId: 92567c893afb4aa64fa045151678d33c877d8f71
2020-04-24 03:30:45 +00:00
Eric Mc Sween 93fe30a451 Merge pull request #2412 from overleaf/em-password-trim
Preserve spaces in password in password reset flow

GitOrigin-RevId: 9a2dfb2988ae99be73934b722e635056b5ab1a18
2019-12-02 14:09:57 +00:00
Eric Mc Sween 2603597150 Merge pull request #2221 from overleaf/em-ownership-transfer-emails
Project ownership transfer emails

GitOrigin-RevId: 3d33147c18e2d652976b3dac7453c0407c81314e
2019-10-15 13:30:10 +00:00
Simon Detheridge 7588393580 Merge pull request #2047 from overleaf/spd-eslint-mocha-arrows
Enforce consistent callback style in mocha tests

GitOrigin-RevId: a64c293dae6926ef5831abe97eaf2044942a5c85
2019-08-07 15:29:25 +00:00
Ersun Warncke d624c29b6f remove v1 deps for password change/reset
GitOrigin-RevId: be25f19ae589c50bfde0b170860127fa8d6f63b7
2019-07-17 15:09:24 +00:00
Eric Mc Sween d7549544d6 Merge pull request #1950 from overleaf/em-password-reset
Fetch user by email when validating password reset

GitOrigin-RevId: 9f113f1393e322611b1e7af5aec1ac25a38a122d
2019-07-16 09:22:15 +00:00
Shane Kilkelly 238e2b2565 Merge pull request #1937 from overleaf/spd-sandboxedmodule-global-console
Add 'console' to SandboxedModule globals

GitOrigin-RevId: fad442ca128561a4fa193b929f217cf31ad0f043
2019-07-15 10:44:47 +00:00
Eric Mc Sween a31090daab Merge pull request #1944 from overleaf/em-password-reset
Store the email address in the password reset token data

GitOrigin-RevId: 9aa2eaff49de9ac88258cb996202934dab71cc0a
2019-07-04 12:51:16 +00:00
Simon Detheridge 757ae39487 Merge pull request #1899 from overleaf/spd-implicit-return-tests
Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests

GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 13:58:57 +00:00
Ersun Warncke 8cc9bc5335 write to v1/v2 on register, password change and reset
GitOrigin-RevId: 29045912319d1d387613ec55c6620852d8857614
2019-06-19 11:06:21 +00:00
Alasdair Smith 0ca81de78c Merge pull request #1717 from overleaf/as-decaffeinate-backend
Decaffeinate backend

GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 09:32:21 +00:00