Commit graph

4074 commits

Author SHA1 Message Date
renovate[bot]
54d1439dc5
fix(deps): update dependency node-fetch to v2.6.4 (#1662)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-21 15:25:35 +00:00
Erik Michelson
c383206afd
Update security.md to match state in master branch
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2021-09-21 15:20:40 +02:00
Philip Molares
aaef0f72ba feat: add list of aliases to note entity
One of the aliases can be primary for each note, but all can be used to get information from the apis.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-21 15:14:00 +02:00
Philip Molares
7dd4f97d64 chore: add PrimaryAliasDeletionForbiddenError
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-21 15:14:00 +02:00
Philip Molares
dd2667b523 chore: add alias dtos
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-21 15:14:00 +02:00
David Mehren
990665745a
Merge pull request #1663 from hedgedoc/fix/issue_template_titles
Add missing title property to issue templates
2021-09-21 15:10:07 +02:00
David Mehren
acc17abb7c Add missing title property to issue templates
Signed-off-by: David Mehren <git@herrmehren.de>
2021-09-21 15:04:21 +02:00
David Mehren
90b74a3cf2
Merge pull request #1645 from hedgedoc/new-issue-templates
Use GitHub issue forms
2021-09-21 14:57:39 +02:00
renovate[bot]
df3ad63645
chore(deps): update dependency @types/jest to v27.0.2 (#1661)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-21 04:04:44 +00:00
renovate[bot]
6a8e34a3ff
fix(deps): update dependency node-fetch to v2.6.3 (#1660)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-20 23:33:07 +00:00
renovate[bot]
50c7f4a6e5
chore(deps): update dependency ts-loader to v9.2.6 (#1659)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-20 21:58:44 +00:00
renovate[bot]
4081def3db
chore(deps): update linters to v4.31.2 (#1658)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-20 19:16:34 +00:00
renovate[bot]
7159d616f4
chore(deps): update dependency jest to v27.2.1 (#1624)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-20 15:21:31 +00:00
renovate[bot]
1d78babc04
chore(deps): update dependency mkdocs-material to v7.2.8 (#1657)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-20 13:02:26 +00:00
renovate[bot]
0b9936b45e
chore(deps): lock file maintenance (#1655)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-20 02:00:07 +00:00
renovate[bot]
5069aa0a78
chore(deps): update dependency mkdocs-material to v7.2.7 (#1653)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-19 16:24:07 +00:00
renovate[bot]
76be847866
fix(deps): update dependency eslint-plugin-jest to v24.4.2 (#1648)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-17 10:18:05 +00:00
renovate[bot]
b67dc943d0
chore(deps): update dependency @types/node to v14.17.17 (#1647)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-17 02:37:16 +00:00
renovate[bot]
16724df739
chore(deps): pin dependencies (#1646)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-17 00:45:34 +00:00
Yannick Bungers
83f0bbb986
Merge pull request #1517 from hedgedoc/privateApi/auth/email
Add local login with username and password
2021-09-17 00:06:17 +02:00
Philip Molares
67baa51b93 feat: add auth e2e tests
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-17 00:00:00 +02:00
Philip Molares
b153615637 feat: add auth controller with internal login, registration, password change and logout
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-17 00:00:00 +02:00
Philip Molares
1a96900224 feat: add LoginEnabledGuard and RegistrationEnabledGuard
These guards check if the login or registration are enabled in the config. If so the guarded method is executed, if not the client will get the HTTP Error 400 Forbidden as an answer

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-17 00:00:00 +02:00
Philip Molares
53f5713905 fix: update seed.ts
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-17 00:00:00 +02:00
Philip Molares
28be215aad feat: add session handling
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-17 00:00:00 +02:00
Philip Molares
ce68184578 feat: add identity module
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
9fa0994497 feat: add local auth strategy
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
6ad11e47cc feat: add identity service
This service handles all the authentication of the private api.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
021a0c9440 feat: add getFirstIdentityFromUser helper function
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
cda8c7ac63 feat: change email auth config to local
This was done to use the same term. Also email was the old term from HedgeDoc 1 and wildly inaccurate. As we never checked any mail addresses, in fact it was more of a username than anything else.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
df08d56f28 feat: add session to AuthConfig
this handles the settings for the cookie session. The secret and the lifeTime of the cookie can be configured.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
a2e89c7c97 feat: add local auth dtos
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
5985c4e67d chore: add user relation enum
this enum is used to specify which relation of the user object should be populated.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
e37caf1e6a feat: lazy load identities of user object
This makes it possible that we can get identities from any user object even if we didn't specify that while getting them from the orm

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
b2da8a2b95 chore: move identity entity in its own folder
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
87a5f77abe chore: move password related functions from AuthService to utils file
As these methods will be used in both the AuthService and the IdentityService, it makes sense to extract them and use them in this manner. Especially if one considers that they are quite standalone functions.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
4938d308b0 feat: add ProviderType enum
This is used to give identities a type and to easily get the identity any auth method would need.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
fc6f5aa8a8 chore: add passport-local dependency
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:54 +02:00
Erik Michelson
ebe7683cb9
Use GitHub issue forms
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2021-09-16 23:44:23 +02:00
renovate[bot]
f0262c362f
chore(deps): update dependency prettier to v2.4.1 (#1638)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-16 12:05:49 +00:00
renovate[bot]
344369a994
chore(deps): update dependency @types/node to v14.17.16 (#1634)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-15 00:18:47 +00:00
David Mehren
63e7e1c524
Merge pull request #1627 from hedgedoc/renovate/develop-typescript-4.4.x
chore(deps): update dependency typescript to v4.4.3 (develop)
2021-09-13 20:08:43 +02:00
David Mehren
18ddbbecbc
Merge pull request #1626 from hedgedoc/renovate/develop-azure-storage-blob-12.x
fix(deps): update dependency @azure/storage-blob to v12.8.0 (develop)
2021-09-13 20:07:36 +02:00
Renovate Bot
93bde5a4b8
fix(deps): update dependency @azure/storage-blob to v12.8.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-09-13 18:02:31 +00:00
Renovate Bot
88539f1b96
chore(deps): update dependency typescript to v4.4.3
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-09-13 18:02:18 +00:00
David Mehren
7a76f2e1c9
Merge pull request #1625 from hedgedoc/renovate/develop-prettier-2.x
chore(deps): update dependency prettier to v2.4.0 (develop)
2021-09-13 19:59:39 +02:00
renovate[bot]
877326717f
chore(deps): update dependency @typescript-eslint/parser to v4.31.1 (#1630)
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-13 17:59:24 +00:00
Renovate Bot
86a4bac786
chore(deps): update dependency prettier to v2.4.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-09-13 17:49:41 +00:00
David Mehren
8093fe4f74
Merge pull request #1514 from hedgedoc/privateApi/auth/docs
docs: add documentation on private api authentication
2021-09-13 19:48:00 +02:00
David Mehren
cbc6be31d5
Merge pull request #1629 from hedgedoc/renovate/develop-test-packages
chore(deps): update dependency jest to v27.2.0 (develop)
2021-09-13 19:44:27 +02:00