renovate[bot]
71fd021d80
chore(deps): update dependency @types/node to v16.11.19 ( #1958 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-08 02:03:41 +00:00
Yannick Bungers
9ecf7ba2be
Merge pull request #1935 from hedgedoc/feature/verify-password-change
2022-01-04 10:36:09 +01:00
David Mehren
85e7643b95
Merge pull request #1934 from hedgedoc/refactor/frontend-config/auth-providers
2022-01-04 10:08:58 +01:00
Erik Michelson
f581eeae79
Rename local password check method
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2022-01-03 23:45:43 +01:00
Erik Michelson
53f86919e3
refactor(frontend-config): return auth providers as array
...
This change removes the customAuthNames property and redefines the
authProviders property of the frontend-config DTO. Instead of an
map from auth providers to their enabled-state (boolean), there is
now an array that just includes the configured auth providers while
also having the identifier and providerName of custom auth providers.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2022-01-03 22:22:45 +01:00
David Mehren
745a1078f1
Merge pull request #1827 from hedgedoc/enhancement/lazy_load_relations
2022-01-03 19:51:39 +01:00
renovate[bot]
cbd2d3236a
chore(deps): update dependency mkdocs-material to v8.1.4 ( #1948 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-02 14:07:03 +00:00
David Mehren
eceddb062a
Merge pull request #1943 from hedgedoc/renovate/develop-linters
2022-01-02 11:33:09 +01:00
David Mehren
cde3d43e4c
Merge pull request #1944 from hedgedoc/renovate/develop-rxjs-7.x
2022-01-02 11:32:38 +01:00
David Mehren
331bb572c5
Merge pull request #1942 from hedgedoc/renovate/develop-test-packages
2022-01-02 11:32:07 +01:00
Renovate Bot
34f56d0aa4
fix(deps): update dependency rxjs to v7.5.1
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-01-02 00:15:16 +00:00
Renovate Bot
6bf2493e17
chore(deps): update dependency eslint to v8.6.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-01-02 00:14:55 +00:00
Renovate Bot
74be984f9e
chore(deps): update dependency @types/jest to v27.4.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-01-02 00:14:36 +00:00
renovate[bot]
810afafe15
chore(deps): update dependency eslint-plugin-jest to v25.3.4 ( #1946 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-02 00:13:03 +00:00
renovate[bot]
8d3c76560b
chore(deps): update dependency eslint-plugin-jest to v25.3.3 ( #1941 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-01 08:32:54 +00:00
Erik Michelson
eda6835403
feat(auth): password change requires old password
...
By checking the "old" password of the user prior to a password change, the
password change function is more secured against abuse.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2021-12-28 02:09:05 +01:00
David Mehren
149369d19a
Merge pull request #1932 from hedgedoc/renovate/develop-lock-file-maintenance
2021-12-27 20:34:36 +01:00
Renovate Bot
76a6518eb0
chore(deps): lock file maintenance
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-12-27 19:28:45 +00:00
David Mehren
6dafb102d6
Merge pull request #1930 from hedgedoc/renovate/develop-linters
2021-12-27 20:22:41 +01:00
Renovate Bot
3aee96051b
chore(deps): update linters to v5.8.1
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-12-27 19:15:06 +00:00
renovate[bot]
a343151b6d
chore(deps): update definitelytyped ( #1929 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-25 02:49:05 +00:00
David Mehren
b469050f57
Merge pull request #1795 from Chasethechicken/docs/dev-getting-started
2021-12-21 17:24:47 +01:00
Chasethechicken
146523b5b4
Correct documentation on how to access Hedgedoc
...
Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
2021-12-21 10:37:48 +01:00
Chasethechicken
a0cfc2bc06
Apply suggestions from code review
...
Use real backend by default.
Start server with NODE_ENV set to development mode.
Co-authored-by: David Mehren <git@herrmehren.de>
Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
2021-12-20 13:16:01 +01:00
Falk Rehse
eaa4d45d23
Improve wording
...
Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
2021-12-20 13:16:01 +01:00
Chasethechicken
fca8aa1777
Remove paragraph about development setup
...
As this is documented in dev/getting-started.md
Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
2021-12-20 13:15:58 +01:00
Chasethechicken
b813a19614
Add note about proxy
...
Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
2021-12-20 13:14:29 +01:00
Chasethechicken
954c751cca
Remove section about production deployments
...
As this is meant to document a development setup.
Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
2021-12-20 13:14:29 +01:00
Chasethechicken
a3a2ffea6d
Add Docs for getting started with 2.0
...
This page describes how to set up HedgeDoc 2 for local development.
Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
2021-12-20 13:14:29 +01:00
renovate[bot]
d5fdd5c5b4
chore(deps): lock file maintenance ( #1925 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-20 02:40:27 +00:00
renovate[bot]
2c62572379
chore(deps): update dependency mkdocs-material to v8.1.3 ( #1922 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-19 15:10:41 +00:00
David Mehren
87a92726a3
Merge pull request #1917 from hedgedoc/renovate/develop-swagger-ui-express-4.x
2021-12-18 13:00:27 +01:00
David Mehren
41f160bace
Merge pull request #1916 from hedgedoc/renovate/develop-linters
2021-12-18 12:59:59 +01:00
Renovate Bot
2a429ed991
fix(deps): update dependency swagger-ui-express to v4.3.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-12-18 11:11:02 +00:00
Renovate Bot
643ee76b48
chore(deps): update linters
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-12-18 11:10:45 +00:00
renovate[bot]
5b94ff612e
fix(deps): update dependency passport to v0.5.2 ( #1915 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-18 11:09:08 +00:00
renovate[bot]
1eef128ca2
chore(deps): update test packages ( #1914 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-18 10:46:31 +00:00
renovate[bot]
fbe330a30a
chore(deps): update nestjs packages ( #1913 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-18 10:33:51 +00:00
renovate[bot]
51c823cd41
chore(deps): update dependency typescript to v4.5.4 ( #1912 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-18 08:50:08 +00:00
renovate[bot]
d41057efa1
chore(deps): update dependency mkdocs-material to v8.1.2 ( #1911 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-18 05:33:39 +00:00
renovate[bot]
124acd5073
chore(deps): update dependency @types/node to v16.11.14 ( #1910 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-18 03:48:12 +00:00
David Mehren
9de7f5ea21
Merge pull request #1882 from hedgedoc/fix/auth_token_hash
2021-12-14 19:41:36 +01:00
David Mehren
1957a39356
docs: explain the choice of sha-512 for auth tokens
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-12-14 19:37:15 +01:00
David Mehren
3e074d1879
fix(auth): use sha-512 for auth tokens
...
Bcrypt hashes are too slow to be validated on every request.
As our tokens are random and have a fixed length, it is reasonable
to use SHA-512 instead.
SHA-512 is recommended as cryptographically strong by the BSI:
https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-1.pdf?__blob=publicationFile
Fixes https://github.com/hedgedoc/hedgedoc/issues/1881
Signed-off-by: David Mehren <git@herrmehren.de>
2021-12-13 22:44:38 +01:00
David Mehren
e21b5e695d
refactor(identity): lazy-load relations
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-12-13 21:45:03 +01:00
David Mehren
977ed4b9fa
refactor(user): lazy-load relations
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-12-13 21:45:03 +01:00
David Mehren
4483d2b898
refactor(session): lazy-load relations
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-12-13 21:45:03 +01:00
David Mehren
2da6faa4b4
refactor(revision): lazy-load relations
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-12-13 21:45:03 +01:00
David Mehren
e73bd7c030
refactor(edit): lazy-load relations
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-12-13 21:45:03 +01:00
David Mehren
c5c7307552
docs(permissions): document why we can't lazy-load
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-12-13 21:45:03 +01:00