agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-06-01 21:31:36 +02:00
Code Issues Packages Projects Releases Wiki Activity
21,263 Commits 3 Branches 19 Tags
a45e6a3e09f8e92c4914e7b09321ad9fdcbebef3
Commit Graph

90 Commits

Author SHA1 Message Date
Jakob Ackermann
8aefa058b8 Merge pull request #14825 from overleaf/jpa-debug-bcrypt-get-rounds 
[web] add debug logging for bcrypt.getRounds calls

GitOrigin-RevId: 3fe8dca1d188f4e65d666da19f4bd4697623b7a6
 2023-09-14 08:04:45 +00:00
Jakob Ackermann
17d5a73d99 Merge pull request #14803 from overleaf/jpa-split-test-cache-alpha-beta 
[web] invalidate split test cache when alpha/beta program status changes

GitOrigin-RevId: 3023d2adf8466b48490c51497f5c80e7b0a1fe3d
 2023-09-14 08:04:12 +00:00
Jakob Ackermann
45c9d805dd Merge pull request #14606 from overleaf/jpa-bcrypt-metrics 
[web] add metrics for bcrypt operations

GitOrigin-RevId: 42bf9bedb84295ceea7f660f1daac3adb7b853d9
 2023-09-05 08:04:56 +00:00
Eric Mc Sween
39a396f3a2 Merge pull request #13760 from overleaf/em-fetch-utils-web 
Use fetch-utils in web

GitOrigin-RevId: cbd0298200bbe42567c6e94934bfb5114fa9b66f
 2023-07-17 11:02:40 +00:00
June Kelly
c169797795 Merge pull request #12342 from overleaf/jk-password-ux-please-use-another-password 
[web] Password UX: 'Please use another password'

GitOrigin-RevId: ca9b26cbcf2dabb27c716da314764ee40ffc83dd
 2023-04-12 08:04:13 +00:00
June Kelly
87f6145d36 Merge pull request #12269 from overleaf/jk-enable-password-similarity-check 
[web] Enforce password similarity check

GitOrigin-RevId: 1bc4efebba401663c1db9d209dc560560f160ce0
 2023-03-23 09:04:12 +00:00
Eric Mc Sween
54957e5fcc Merge pull request #12219 from overleaf/em-camel-case-web 
Camel case variables in web

GitOrigin-RevId: 28e61b759b27f71265f33ab64f588374dba610e0
 2023-03-22 09:05:04 +00:00
June Kelly
98cd68d085 Merge pull request #12261 from overleaf/jk-alter-password-similarity 
[web] Alter password-similarity check/metric

GitOrigin-RevId: e9a55b4a86d2b69d6f34c1e2339d32321e08341d
 2023-03-20 09:03:10 +00:00
Eric Mc Sween
73c327ae01 Merge pull request #11869 from overleaf/em-upgrade-mongoose-web 
Upgrade Mongoose and the Mongo driver in web

GitOrigin-RevId: 2cad1aabe57eae424a9e4c68b2e0062f0e78ffaf
 2023-03-01 09:03:27 +00:00
ilkin-overleaf
f046c7d2da Merge pull request #11943 from overleaf/jk-another-password-similarity-metric 
[web] Add another metric for password similarity

GitOrigin-RevId: 6d44796a63f3be85bfee86056e03cfd3bb47066c
 2023-03-01 09:03:02 +00:00
Eric Mc Sween
5fb275392f Merge pull request #11995 from overleaf/em-unnecessary-returns 
Decaf cleanup: unnecessary returns

GitOrigin-RevId: e3c006b0e15095c8cbed2911269f704a7fdd1d57
 2023-02-28 09:03:46 +00:00
Jakob Ackermann
ded855a47a Merge pull request #11817 from overleaf/jk-password-too-similar-metric-refinement 
[web] Refine metrics on password-too-similar validation

GitOrigin-RevId: f644e50e4815b34ad9af5215ebc3c9a082572681
 2023-02-17 09:03:52 +00:00
June Kelly
f4834b630f Merge pull request #11508 from overleaf/jk-password-disallow-substring 
[web] Metric for passwords too similar to email

GitOrigin-RevId: cf8320fc3c9561b4dc6d54a3e97db96400ece2a9
 2023-02-02 18:22:17 +00:00
June Kelly
2b816a6541 Merge pull request #11436 from overleaf/jk-increase-password-min-length-to-8 
[web] Increase the minimum password length to 8 characters

GitOrigin-RevId: 94eb3c5605183b5e189babd3342dc308f403ebbd
 2023-02-02 09:02:56 +00:00
ilkin-overleaf
1649385e9f Merge pull request #10394 from overleaf/ii-password-reset-and-strength-checking 
[web] Password reset strength checking and UI updates

GitOrigin-RevId: 442a5c9e7e9d0a61d3ae649f3526bc3c02fd5704
 2022-12-07 09:03:36 +00:00
ilkin-overleaf
c5cd8b4066 Merge pull request #10193 from overleaf/ii-check-password-for-reuse-remove-samplerate 
Remove sampleRate from metrics.inc when checking password

GitOrigin-RevId: 830383208039e239bb15a1172fea2ff9fb97373f
 2022-10-28 08:04:51 +00:00
June Kelly
1c2fcb45b0 Merge pull request #9951 from overleaf/jk-audit-failed-login-attempts 
[web] Audit failed login attempts

GitOrigin-RevId: 19325f808f77584891e1e12b5ed7aaa16aa6aec9
 2022-10-20 08:03:44 +00:00
Timothée Alby
5a3ca2667e Merge pull request #9983 from overleaf/jpa-web-fix-password-upgrade 
[web] fix process for upgrading of password hashes

GitOrigin-RevId: 3bc99dbd8601c190d758080d70ea1a465bd9e542
 2022-10-18 08:03:11 +00:00
Eric Mc Sween
a79aa95d88 Merge pull request #9894 from overleaf/em-node-fetch-web 
Replace request-promise with node-fetch in web

GitOrigin-RevId: 07dbb6db7fd42326807aaeb18e5ee39f7c3d4668
 2022-10-13 08:04:24 +00:00
Eric Mc Sween
869a68a8e3 Merge pull request #9062 from overleaf/pairining-patch 
[web] fix async form redirect handling for institutional SSO flow

GitOrigin-RevId: 35664e101e43b05771961ac4b6dc49d7ebd8fa44
 2022-10-12 08:04:29 +00:00
June Kelly
0dfaf145ac [web] Password set/reset: reject current password (redux) (#8956) 
* [web] set-password: reject same as current password

* [web] Add 'peek' operation on tokens

This allows us to improve the UX of the reset-password form,
by not invalidating the token in the case where the new
password will be rejected by validation logic.

We give up to three attempts before invalidating the token.

* [web] Add hide-on-error feature to async forms

This allows us to hide the form elements when certain
named error conditions occur.

* [web] reset-password: handle same-password rejection

We also change the implementation to use the new
peekValueFromToken API, and to expire the token explicitely
after it has been used to set the new password.

* [web] Validate OneTimeToken when loading password reset form

* [web] Rate limit GET: /user/password/set

Now that we are peeking at OneTimeToken when accessing this page,
we add rate to the GET request, matching that of the POST request.

* [web] Tidy up pug layout and mongo query for token peeking

Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com>
GitOrigin-RevId: 835205cc7c7ebe1209ee8e5b693efeb939a3056a
 2022-09-28 08:06:54 +00:00
June Kelly
a831286b2c Merge pull request #9679 from overleaf/jk-fix-the-module-system 
[web] Fix how imports work in the Module system

GitOrigin-RevId: 00cb3bfa19c6af979216b9d5e6104d489c18244b
 2022-09-23 08:04:15 +00:00
Timothée Alby
3bbfbaf215 Merge pull request #9297 from overleaf/ta-galileo-module 
Create Galileo Module

GitOrigin-RevId: 0d9dfeebc150bd6a0d828f55be47f9d9f1a70d66
 2022-08-19 08:04:56 +00:00
Henry Oswald
68b61bbcaf Merge pull request #8939 from overleaf/revert-8882-jk-web-reject-same-password 
Revert "[web] Password set/reset: reject current password"

GitOrigin-RevId: f14f970fe93064658a8659537c5cb417e34e2751
 2022-07-20 08:04:00 +00:00
June Kelly
f83ea0eae9 Merge pull request #8882 from overleaf/jk-web-reject-same-password 
[web] Password set/reset: reject current password

GitOrigin-RevId: 2c40dda4926d9c68564ae5126b3393b9286bb661
 2022-07-20 08:03:36 +00:00
Jakob Ackermann
b027ef95e5 Merge pull request #7986 from overleaf/jpa-eslint-8 
[misc] upgrade eslint packages to the latest version everywhere

GitOrigin-RevId: f1480d4a171acef82fb26c4aa54be3a6088b0ab3
 2022-05-17 08:05:59 +00:00
Eric Mc Sween
7527da7c29 Merge pull request #7906 from overleaf/em-downgrade-logs 
Downgrade all INFO logs to DEBUG

GitOrigin-RevId: 05ed582ef0721fcada059f0ad158565f50feca27
 2022-05-17 08:05:26 +00:00
Eric Mc Sween
1e26ed79af Merge pull request #7752 from overleaf/em-promisify-user-updater 
Finish promisification of UserUpdater

GitOrigin-RevId: 8f32b2248cfd0db4232bd808f337c17bd7f7dbf4
 2022-04-28 08:03:54 +00:00
Alexandre Bourdin
6bbd2e2a77 Merge pull request #7348 from overleaf/ab-login-events 
[web] Add events for login buttons clicks and segmentation to user-logged-in event

GitOrigin-RevId: 6283feb075e2d16c871d3f4ff54fe903937d3263
 2022-04-07 08:04:07 +00:00
Jakob Ackermann
c6f638023f Merge pull request #6614 from overleaf/jpa-msm-separate-admin-app 
[misc] move admin capability from www. to admin. subdomain

GitOrigin-RevId: e0daeacf3c06b856ffb9fd35dce76e71f14e8459
 2022-04-05 12:18:24 +00:00
Jakob Ackermann
23e9f8bf1a Merge pull request #6457 from overleaf/jpa-harden-login 
[web] harden login process

GitOrigin-RevId: 5c0b7cc725efd5e3e879067ad8a42fe46a47b60d
 2022-01-27 09:03:38 +00:00
Jakob Ackermann
b4156cb3be Merge pull request #6417 from overleaf/jpa-device-history 
[web] add cookie/JWE based device history for skipping captcha challenge

GitOrigin-RevId: b091564bfd93f7e587d396c860fd864f220f4b63
 2022-01-27 09:03:34 +00:00
Jakob Ackermann
86741fc86f Merge pull request #6349 from overleaf/jpa-password-strength-checking 
[web] data collection for password strength using HaveIBeenPwned api

GitOrigin-RevId: 7e4d57a979c29027fb7ca5294f3935500a0b4cf3
 2022-01-20 09:03:07 +00:00
June Kelly
b49c6cd8c5 Merge pull request #5976 from overleaf/jk-login-audit-log-type 
[web] Add 'method' info to login audit log

GitOrigin-RevId: 093fe885bc1b688aebd640d6762f031c752191d4
 2022-01-14 09:02:28 +00:00
Brian Gough
ccfa37b49c Merge pull request #6141 from overleaf/bg-update-basic-auth 
[web] remove deprecated basic-auth-connect module

GitOrigin-RevId: b18435c98696858da70f3a715258c3c7a86c3b54
 2021-12-20 09:03:06 +00:00
Eric Mc Sween
e2be63e9ed Merge pull request #5740 from overleaf/em-gcp-logging-web 
Improve GCP logging for web

GitOrigin-RevId: b304c87a3fe46c29189f665eb3daf22c23d6eb8f
 2021-11-11 09:03:09 +00:00
Eric Mc Sween
4d15360439 Merge pull request #5648 from overleaf/em-revert-gcp-logging-web 
Revert "Improve GCP logging for web"

GitOrigin-RevId: 92d446baf62108da1df92146eec12a2fe69d30ee
 2021-11-02 09:03:29 +00:00
Eric Mc Sween
5c4e116ad2 Merge pull request #5632 from overleaf/em-gcp-logging-web 
Improve GCP logging for web

GitOrigin-RevId: 1198fab2e821a55563058171cfa435605216e337
 2021-11-02 09:03:22 +00:00
Jakob Ackermann
18e89dd367 Merge pull request #5367 from overleaf/jpa-node-handle-callback-err 
[misc] fix eslint violations for node/handle-callback-err

GitOrigin-RevId: 83a4900e8861010df1917bff49382bd9c93375bd
 2021-10-28 08:03:26 +00:00
Jakob Ackermann
233aafe0b3 Merge pull request #5375 from overleaf/jpa-401-failed-login 
[web] send a non success status code for failed logins in Server CE/Pro

GitOrigin-RevId: 1aace4456c8602af26a362346bfc462e1476b0f7
 2021-10-07 08:04:49 +00:00
Alexandre Bourdin
79ceacd09f Merge pull request #5051 from overleaf/ab-web-mono-analytics-id 
Analytics ID Support (v2)

GitOrigin-RevId: 707f62697f6566d8aad22e424684d97f7bc147df
 2021-09-13 08:03:14 +00:00
Alexandre Bourdin
a3a04dddd9 Merge pull request #5050 from overleaf/revert-4639-ab-web-mono-analytics-id 
Revert "Analytics ID support"

GitOrigin-RevId: cc5da762ba1bafcbcea65ed0dd86342896b6d1eb
 2021-09-10 08:04:47 +00:00
Alexandre Bourdin
44a8883b6d Merge pull request #4639 from overleaf/ab-web-mono-analytics-id 
Analytics ID support

GitOrigin-RevId: 820a6c0f4d19f046f6c791ce4dc64dbc80748924
 2021-09-10 08:04:31 +00:00
Alexandre Bourdin
9468e5cb4f Merge pull request #4338 from overleaf/ab-session-manager 
Extract functions from AuthenticationController to SessionManager

GitOrigin-RevId: 86870ce03a762e1a837dcf493759e8851e759883
 2021-07-28 12:36:22 +00:00
Jakob Ackermann
5e773ce950 Merge pull request #4101 from overleaf/ae-settings-module 
Migrate from `settings-sharelatex` to `@overleaf/settings`

GitOrigin-RevId: 9a298ba26382180c1351683c5fddc9004418c1e6
 2021-07-08 02:08:28 +00:00
Timothée Alby
0ed07ec0b6 Merge pull request #4214 from overleaf/ta-inbound-register 
Track Inbound Properties on Registration

GitOrigin-RevId: b7ff041ef6a2401683bdbf55756f332d78768f11
 2021-06-22 02:07:34 +00:00
Alf Eaton
29b92615ce Merge pull request #4156 from overleaf/ae-login-log 
Improve login error logging

GitOrigin-RevId: 0af1214890b014294077e585ec20f83fbb425c76
 2021-06-11 02:06:42 +00:00
Alexandre Bourdin
e2d116e8be Merge pull request #4149 from overleaf/ab-user-registration-properties 
Track registration sources as user properties

GitOrigin-RevId: 1c1346d092808aff49c89c1659f42674506a919d
 2021-06-11 02:05:50 +00:00
Jakob Ackermann
95c83866c5 Merge pull request #4112 from overleaf/tm-private-api-basic-auth 
Add requireBasicAuth middleware and refactor httpAuth to use it

GitOrigin-RevId: 7f68c0dc4a40102bfe4a97711def517e465ec7fd
 2021-06-01 02:05:46 +00:00
Miguel Serrano
f9871103bf Merge pull request #3949 from overleaf/msm-reenable-eslint-const-rule 
Reenable eslint `prefer-const` rule

GitOrigin-RevId: 4f3825be8b8dff381095209085a36eaab76260d5
 2021-05-06 02:09:14 +00:00