* Rename `checkSecondaryEmailConfirmationCode` to `checkAddSecondaryEmailConfirmationCode`
* Create function `sendCodeAndStoreInSession`
* Create function `sendExistingSecondaryEmailConfirmationCode`
* Create function `_checkConfirmationCode`
* Create function `checkExistingEmailConfirmationCode`
* Rename `resendSecondaryEmailConfirmationCode` to `resendAddSecondaryEmailConfirmationCode`
* Create function `_resendConfirmationCode`
* Create function `resendExistingSecondaryEmailConfirmationCode`
* Add `ResendConfirmationCodeModal`
* Remove `ResendConfirmationEmailButton`
* `bin/run web npm run extract-translations`
* Update frontend test
* Fix: don't throw on render when send-confirmation-code fails!
* Update phrasing in the UI
Per https://docs.google.com/document/d/1PE1vlZWQN--PjmXpyHR9rV2YPd7OIPIsUbnZaHj0cDI/edit?usp=sharing
* Add unit test
* Don't share the "send-confirmation" and "resend-confirmation" rate-limits
* Update frontend test after copy change
* Rename `checkAddSecondaryEmailConfirmationCode` to `checkNewSecondaryEmailConfirmationCode` and `resendAddSecondaryEmailConfirmationCode` to `resendNewSecondaryEmailConfirmationCode`
* Rename `cb` to `beforeConfirmEmail`
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
* Return `422` on missing session data
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
* Add `userId` to log
* Replace `isSecondary` param by `welcomeUser`
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
* Rename `resend-confirm-email-code`'s `existingEmail` to `email`
* Remove "secondary" from rate-limiters
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
* Remove unnecessary `userId` check behind `AuthenticationController.requireLogin()`
* Only open the modal if the code was sent successfully
---------
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
GitOrigin-RevId: df892064641d9f722785699777383b2d863124e1
* Fix `revokeAllUserSessions` call in `_cleanupUser`
The user object should be passed, not the _id
* Change `revokeAllUserSessions` signature, take `req` and `stayLoggedIn` arguments
* Update uses of `revokeAllUserSessions`
* Fix promisified `revokeAllUserSessions` args
* Update tests
* Destroy or Regenerate the session in the end of `revokeAllUserSessions`
Per https://github.com/overleaf/internal/issues/17036#issuecomment-1938398570
* Revert "Destroy or Regenerate the session in the end of `revokeAllUserSessions`"
This reverts commit fe30734dbe45b27d2931d2e43a711d591bb85787.
* Rename `revokeAllUserSessions` to `removeSessionsFromRedis`
* Fixup tests
* Fix: add optional chaining in `req.sessionID` (!!)
GitOrigin-RevId: d41676bf00f463230af495e09c65fb9ee521f49f
* added primary-email-check page, route and controllers
* add `#add-email` internal link in settings to display new email form
* added primary-email-check redirection with split test
* update `lastPrimaryEmailCheck` when the default email address is set
* added `lastPrimaryCheck` to admin panel
* translations for primary-email-check
* acceptance tests for primary-email-check
* [web] multi-submit for primary email check
* Using `confirmedAt` to prevent from displaying primary-email-check page
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
Co-Authored-By: Miguel Serrano <mserranom@gmail.com>
GitOrigin-RevId: d8e3a280439da08038a4487d8bfd7b3b0596e3b5
* Added legacyInternal() 500 to HttpErrorHandler
* replaced HttpErrors.InternalServerError being thrown with calls to HttpHandler.legacyInternal()
GitOrigin-RevId: 0b7086a9693b57cdf93976d4221b90315960e8bb
Antoine Clausse