Brian Gough
29105911c5
Merge pull request #17732 from overleaf/bg-session-mitigation-initial-protoype
...
anonymous cookie-based sessions module
GitOrigin-RevId: 75fe2d48fa384ba8d07c0b478a9a5a907a2b3b67
2024-04-26 08:04:54 +00:00
David
ce00af7838
Merge pull request #18011 from overleaf/dp-make-_getRedirectFromSession-public
...
Make _getRedirectFromSession a public method
GitOrigin-RevId: 6538e4ec25e607d32beb944370d151d4f1a3709c
2024-04-24 08:04:13 +00:00
roo hutton
754609f379
Merge pull request #17830 from overleaf/rh-reduce-staff-access-session
...
[web] Reduce size of staffAccess field in session
GitOrigin-RevId: 7745dc595e8096caef04fd140b47532f0775f165
2024-04-12 08:06:35 +00:00
Thomas
811173d32d
Merge pull request #17569 from overleaf/tm-account-suspension
...
Add the ability to suspend user accounts
GitOrigin-RevId: 5e57f29941434c78a47354baca83527213f9b9b5
2024-03-22 09:03:06 +00:00
Miguel Serrano
abe33de010
[web] upgrade @node-oauth/oauth2-server to ^5.1.0, (#16705)
...
* [web] upgrade @node-oauth/oauth2-server to ^5.1.0,
* Added `expressify` to middleware returned by Authentication.requireOauth()
* Extracted OAuth2 scope transformation to utilities
* Throw an error with undefined SAML scopes
GitOrigin-RevId: 00dfe81c707e9a3fcf9bb10e007c1fc646f7b9dd
2024-02-09 09:05:20 +00:00
Jakob Ackermann
63520c7076
Merge pull request #16859 from overleaf/jpa-sharelatex-cleanup
...
[misc] ShareLaTeX cleanup - high impact
GitOrigin-RevId: 6dcce9b0f15e30f7afcf6d69c3df36a369f38120
2024-02-09 09:04:11 +00:00
Jakob Ackermann
880087945e
Merge pull request #16854 from overleaf/jpa-overleaf-integration-core-tests
...
[web] enable overleaf-integration module when running SaaS tests
GitOrigin-RevId: 36eda6ef448604a55f8dc8daac5ce29af23b6b0b
2024-02-05 09:04:05 +00:00
Jakob Ackermann
797f2c518d
Merge pull request #16514 from overleaf/jpa-enforce-oauth-scope
...
[web] restrict access to oauth endpoints to their respective clients
GitOrigin-RevId: 6ffa6008130588e44d336e2af32584ee20ad3ffc
2024-01-18 09:04:28 +00:00
Mathias Jakobsen
c371732e6e
Merge pull request #16186 from overleaf/mj-mongo-object-id
...
[web] Use constructor for ObjectId
GitOrigin-RevId: 9eb8b377ea599605b72af237d1ab12f4d8287162
2023-12-19 09:04:02 +00:00
Miguel Serrano
771f07d7ad
Merge pull request #16202 from overleaf/msm-passport-upgrade-2
...
[web] passport + passport-saml updates (post revert)
GitOrigin-RevId: e1fa5757e15b3ac733511570637d39297247e050
2023-12-14 09:03:24 +00:00
Miguel Serrano
369d5cb406
Merge pull request #16190 from overleaf/revert-15519-em-upgrade-passport
...
Revert "Upgrade passport"
GitOrigin-RevId: 34a5442d6dae9623463908f92ab103bdc16f1b67
2023-12-12 09:04:23 +00:00
Miguel Serrano
d96283e593
Merge pull request #15519 from overleaf/em-upgrade-passport
...
Upgrade passport
GitOrigin-RevId: b93bfcab39ba3d2ab4efb4814371defec8ca95c4
2023-12-12 09:04:08 +00:00
Eric Mc Sween
21971956b7
Merge pull request #12219 from overleaf/em-camel-case-web
...
Camel case variables in web
GitOrigin-RevId: 28e61b759b27f71265f33ab64f588374dba610e0
2023-03-22 09:05:04 +00:00
June Kelly
9e824ac93c
Merge pull request #9951 from overleaf/jk-audit-failed-login-attempts
...
[web] Audit failed login attempts
GitOrigin-RevId: 19325f808f77584891e1e12b5ed7aaa16aa6aec9
2022-10-20 08:03:44 +00:00
Eric Mc Sween
e0d91eaa26
Merge pull request #7906 from overleaf/em-downgrade-logs
...
Downgrade all INFO logs to DEBUG
GitOrigin-RevId: 05ed582ef0721fcada059f0ad158565f50feca27
2022-05-17 08:05:26 +00:00
Jakob Ackermann
e82a053c85
Merge pull request #6614 from overleaf/jpa-msm-separate-admin-app
...
[misc] move admin capability from www. to admin. subdomain
GitOrigin-RevId: e0daeacf3c06b856ffb9fd35dce76e71f14e8459
2022-04-05 12:18:24 +00:00
Jakob Ackermann
d812b88e76
Merge pull request #6457 from overleaf/jpa-harden-login
...
[web] harden login process
GitOrigin-RevId: 5c0b7cc725efd5e3e879067ad8a42fe46a47b60d
2022-01-27 09:03:38 +00:00
Jakob Ackermann
d720d6affa
Merge pull request #6317 from overleaf/jpa-send-explicit-content-type
...
[web] send explicit content type in responses
GitOrigin-RevId: d5aeaba57a7d2fc053fbf5adc2299fb46e435341
2022-01-18 09:03:18 +00:00
June Kelly
c72ec548bb
Merge pull request #5976 from overleaf/jk-login-audit-log-type
...
[web] Add 'method' info to login audit log
GitOrigin-RevId: 093fe885bc1b688aebd640d6762f031c752191d4
2022-01-14 09:02:28 +00:00
Alf Eaton
50df230846
[web] Upgrade Prettier to match version in monorepo root (#6231)
...
GitOrigin-RevId: 02f97af1b9704782eee77a0b7dfc477ada23e34d
2022-01-11 09:03:23 +00:00
Brian Gough
108c99cf53
Merge pull request #6141 from overleaf/bg-update-basic-auth
...
[web] remove deprecated basic-auth-connect module
GitOrigin-RevId: b18435c98696858da70f3a715258c3c7a86c3b54
2021-12-20 09:03:06 +00:00
Alexandre Bourdin
3577f25ba2
Merge pull request #5051 from overleaf/ab-web-mono-analytics-id
...
Analytics ID Support (v2)
GitOrigin-RevId: 707f62697f6566d8aad22e424684d97f7bc147df
2021-09-13 08:03:14 +00:00
Alexandre Bourdin
5b8de28250
Merge pull request #5050 from overleaf/revert-4639-ab-web-mono-analytics-id
...
Revert "Analytics ID support"
GitOrigin-RevId: cc5da762ba1bafcbcea65ed0dd86342896b6d1eb
2021-09-10 08:04:47 +00:00
Alexandre Bourdin
6dd641e0e6
Merge pull request #4639 from overleaf/ab-web-mono-analytics-id
...
Analytics ID support
GitOrigin-RevId: 820a6c0f4d19f046f6c791ce4dc64dbc80748924
2021-09-10 08:04:31 +00:00
Alexandre Bourdin
9468e5cb4f
Merge pull request #4338 from overleaf/ab-session-manager
...
Extract functions from AuthenticationController to SessionManager
GitOrigin-RevId: 86870ce03a762e1a837dcf493759e8851e759883
2021-07-28 12:36:22 +00:00
Jakob Ackermann
5e773ce950
Merge pull request #4101 from overleaf/ae-settings-module
...
Migrate from `settings-sharelatex` to `@overleaf/settings`
GitOrigin-RevId: 9a298ba26382180c1351683c5fddc9004418c1e6
2021-07-08 02:08:28 +00:00
Jakob Ackermann
95c83866c5
Merge pull request #4112 from overleaf/tm-private-api-basic-auth
...
Add requireBasicAuth middleware and refactor httpAuth to use it
GitOrigin-RevId: 7f68c0dc4a40102bfe4a97711def517e465ec7fd
2021-06-01 02:05:46 +00:00
Alf Eaton
1be43911b4
Merge pull request #3942 from overleaf/prettier-trailing-comma
...
Set Prettier's "trailingComma" setting to "es5"
GitOrigin-RevId: 9f14150511929a855b27467ad17be6ab262fe5d5
2021-04-28 02:10:01 +00:00
Alf Eaton
1ebc8a79cb
Merge pull request #3495 from overleaf/ae-prettier-2
...
Upgrade Prettier to v2
GitOrigin-RevId: 85aa3fa1acb6332c4f58c46165a43d1a51471f33
2021-04-15 02:05:22 +00:00
Shane Kilkelly
04fa863f9f
Merge pull request #3892 from overleaf/sk-reroll-csrf
...
Regenerate CSRF token on login
GitOrigin-RevId: 501582b34794a822f4c9fe3af2575b5756511e06
2021-04-10 02:05:13 +00:00
Eric Mc Sween
9ddaa8c9f6
Merge pull request #3830 from overleaf/em-upgrade-node-12
...
Upgrade to Node 12
GitOrigin-RevId: 19870922884b7c98e7e5f2c94df21829672d2db5
2021-04-01 02:05:52 +00:00
Timothée Alby
8ec7ebe645
Merge pull request #3713 from overleaf/jpa-login-event-drop-pii
...
[AuthenticationController] do not include PII as part of login event
GitOrigin-RevId: 274378b3a21945637dc33d2cfb39a53e9aaad9b7
2021-03-30 02:05:09 +00:00
Jakob Ackermann
0ca9d0236c
Merge pull request #3750 from overleaf/jpa-req-ip-in-unit-tests
...
[misc] test/unit: add req.ip to MockRequest helper
GitOrigin-RevId: 07b1cf11f20eccb4c002a21f4a59588d201a3f0c
2021-03-27 03:05:10 +00:00
Alasdair Smith
7cbf2cdd9e
Merge pull request #3496 from overleaf/ae-eslint-dot-notation
...
Enable the eslint dot-notation rule
GitOrigin-RevId: e11cbad3e8a77a4a60590d3674fbf34feccc5bc9
2020-12-17 03:07:31 +00:00
Christopher Hoskin
1e8598a8d9
Merge pull request #3331 from overleaf/csh-issue-3661-bump-agents
...
Update metrics module
GitOrigin-RevId: bdef141035f277ce4863f14f8a6e166d710b1111
2020-10-31 03:05:30 +00:00
Jessica Lawshe
1ca50eeb98
Merge pull request #3179 from overleaf/jel-remove-sudo-mode
...
Remove SudoMode
GitOrigin-RevId: 9419f9b28e5051a1c5abd29f498f72448d1afd33
2020-10-07 02:04:29 +00:00
Jakob Ackermann
018a44eeb5
Merge pull request #3185 from overleaf/jpa-normalize-mongo-imports
...
[misc] normalize mongo imports
GitOrigin-RevId: ac653d9982e0d36736b90f4c03d4c00be88ea76a
2020-09-25 02:04:20 +00:00
Jakob Ackermann
674954f96f
Merge pull request #3094 from overleaf/sk-restrict-admin-flag
...
Check domain of emails on admin users
GitOrigin-RevId: 75de9cff30e3c628249fcd0ea3446a33d51d39b4
2020-08-20 02:06:19 +00:00
Jakob Ackermann
1f6499b5ea
Merge pull request #3053 from overleaf/jpa-spd-accepts
...
[misc] reland 3004: unify detection of json requests and skip issuing of redirects
GitOrigin-RevId: fa43b3b4d23deb581496ed70ae8f28b805555d64
2020-07-28 02:06:27 +00:00
Timothée Alby
5d7fd2a9d8
Merge pull request #2751 from overleaf/ta-finish-login-private
...
Don't Export `afterLoginSessionSetup`
GitOrigin-RevId: 46818a70566b8ec56e1a40c7f0d9758d2ac2c100
2020-04-29 03:22:04 +00:00
Miguel Serrano
f39a650823
Merge pull request #2749 from overleaf/ew-ta-google-2fa-error
...
fix ERR_HTTP_HEADERS_SENT error with oauth and 2fa
GitOrigin-RevId: b70bd79fb544121337be27349a967d52da115930
2020-04-23 03:29:21 +00:00
Timothée Alby
05a2529881
Merge pull request #2689 from overleaf/ta-pre-finish-login-hook
...
Add preFinishLogin Hook
GitOrigin-RevId: 8379e0643866feef95c648a2db4d8665420e615b
2020-04-02 03:19:27 +00:00
Shane Kilkelly
cfaab43b08
Merge pull request #2325 from overleaf/ta-http-auth-constant-time
...
Use Constant Time Comparison for HTTP Authentication
GitOrigin-RevId: dc9604c18831293c6da3e96dd2b0488daaa81946
2019-11-07 10:48:28 +00:00
Brian Gough
45ebc42bf6
Merge pull request #2276 from overleaf/bg-reject-invalid-sessions
...
reject invalid sessions
GitOrigin-RevId: 5dc59609d01d7ad9bc29f9bf18faee1165d10689
2019-10-22 09:25:33 +00:00
Brian Gough
8ffaa5b0ca
Merge pull request #2271 from overleaf/bg-reject-invalid-sessions
...
reject invalid sessions with middleware
GitOrigin-RevId: 07ab8829cbed92bbcb90b2c5f2c9d049e05b77cd
2019-10-22 07:46:41 +00:00
Simon Detheridge
68c16dcb73
Merge pull request #2263 from overleaf/spd-revert-revert
...
Revert "Revert "Merge pull request #2249 "
GitOrigin-RevId: 70b0da473e923a072aeca1cc146c82e460757747
2019-10-18 16:41:37 +00:00
Brian Gough
e502b80116
Merge pull request #2259 from overleaf/bg-revert-session-merge
...
Revert "Merge pull request #2249 from overleaf/bg-create-session-vali…
GitOrigin-RevId: d2114ecea0708dc109d5c9256e9dccb011a1b62c
2019-10-18 16:41:12 +00:00
Brian Gough
bc8ccf26c7
Merge pull request #2249 from overleaf/bg-create-session-validation-token-for-all-sessions
...
move session validation into SessionStoreManager
GitOrigin-RevId: 438ec738f0ccaf9f072629d6203a334cb8439b83
2019-10-18 08:42:35 +00:00
Brian Gough
75facb159d
Merge pull request #2225 from overleaf/bg-validate-sessions
...
validate the session with a token derived from the sessionid
GitOrigin-RevId: d34a5bb1717a97138e11e7661f7288523199e0e2
2019-10-11 10:16:47 +00:00
Simon Detheridge
8ec2f1a896
Merge pull request #2157 from overleaf/jel-saml-logout-redirect
...
Redirect handling after logging out
GitOrigin-RevId: 01562dbe71ff4f3571fb0d433b96ccca34aad24e
2019-09-25 14:48:19 +00:00