Philip Molares
74fd7abfb2
openapi: adds auth to all public api routes
...
See:
https://docs.nestjs.com/openapi/security
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:30:02 +01:00
Philip Molares
8d89614a4d
auth: adds token-auth to public api
...
adds auth service
adds auth module
adds token-auth strategy
adds token-auth to all public api calls
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:59 +01:00
Philip Molares
9a65a9bd29
private: Add until to token creation
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:53 +01:00
Philip Molares
e8cdbdd677
private: removes collision check for tokens
...
this seems very unnecessary as the chance of this is 1 / 2^512
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:53 +01:00
Philip Molares
0a1c3426c0
private: fixed token generation bugs
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:53 +01:00
Philip Molares
0bd7a8f4bc
db-schema: updates plantuml
...
adds identifier and createdAt to AuthToken
renames authToken in User to authTokens
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Philip Molares
5e6e5d0e5f
private: save token hashed
...
Auth tokens are now saved in hashed form.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Philip Molares
37a9f6526b
auth: hash auth token
...
Since the auth token will be stored in hashed form in the db, we need to hash each provided auth token in order to search in the db for them.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Philip Molares
15ca030b67
auth: add hash function
...
the hash function uses bcrypt with 2^16 iterations.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Philip Molares
025f24122c
private: adds tokens controller
...
adds private api
adds AuthTokenDto and AuthTokenWithSecretDto
adds necessary methods in the users service
adds RandomnessError
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Philip Molares
a4522d7230
auth: hash auth token
...
Since the auth token will be stored in hashed form in the db, we need to hash each provided auth token in order to search in the db for them.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Philip Molares
cbf6ac912a
private: adds tokens controller
...
adds private api
adds AuthTokenDto and AuthTokenWithSecretDto
adds necessary methods in the users service
adds RandomnessError
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-25 21:29:52 +01:00
Yannick Bungers
b586b9ffb2
Merge pull request #761 from hedgedoc/renovate/lock-file-maintenance
...
chore(deps): lock file maintenance
2021-01-25 21:26:31 +01:00
Renovate Bot
cfef216241
chore(deps): lock file maintenance
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-25 20:21:20 +00:00
David Mehren
da0e79c741
Merge pull request #764 from hedgedoc/renovate/linters
...
chore(deps): update linters to v4.14.1
2021-01-25 21:20:41 +01:00
Renovate Bot
2f126452ee
chore(deps): update linters to v4.14.1
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-25 19:38:27 +00:00
David Mehren
86a1ad9261
Merge pull request #762 from hedgedoc/renovate/test-packages
2021-01-25 12:01:45 +01:00
Renovate Bot
f37c131894
chore(deps): update dependency supertest to v6.1.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-25 06:43:08 +00:00
Yannick Bungers
9c6845f22b
Merge pull request #757 from hedgedoc/fix/databasename
...
Make database names consistent
2021-01-23 23:00:18 +01:00
Yannick Bungers
17ceb9c31f
Removed special table name in Note object
...
and changed table names in plantuml file
Signed-off-by: Yannick Bungers <git@innay.de>
2021-01-23 22:26:49 +01:00
David Mehren
db02621d49
Merge pull request #756 from nidico/fix-contributing-dco-link
2021-01-22 18:05:32 +01:00
David Mehren
33a8d2ee26
Merge pull request #753 from hedgedoc/renovate/nestjs-packages
...
fix(deps): update nestjs packages
2021-01-22 18:02:58 +01:00
Nicolas Dietrich
d1ae76a5f9
Fix link to DCO in contributing docs
...
Signed-off-by: Nicolas Dietrich <nidi@mailbox.org>
2021-01-22 17:07:42 +01:00
Renovate Bot
2f575600af
fix(deps): update nestjs packages
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-22 13:53:55 +00:00
David Mehren
bc62999fc6
Merge pull request #745 from hedgedoc/config/imporveErrorMessages
...
config: Improve error messages
2021-01-21 22:17:57 +01:00
David Mehren
61920806b9
Merge pull request #749 from hedgedoc/renovate/nestjs-packages
...
fix(deps): update dependency @nestjs/swagger to v4.7.12
2021-01-21 21:42:17 +01:00
Philip Molares
454a883f17
config: Improve error messages
...
Add labels to most Joi objects
Convert all auth variable insert names to upper case to prevent inconsistent naming of the variables
Rewrite auth errors to correctly point out the problematic variable
Add tests for the config utils functions
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-21 21:35:59 +01:00
Renovate Bot
519c191b42
fix(deps): update dependency @nestjs/swagger to v4.7.12
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-21 14:57:08 +00:00
David Mehren
5cb1f29a2c
Merge pull request #737 from hedgedoc/renovate/linters
...
Update linters
2021-01-19 12:59:59 +01:00
David Mehren
9b552a6ead
Merge pull request #733 from hedgedoc/config/split
2021-01-19 12:58:23 +01:00
Philip Molares
9c3d329bc9
tests: Removed unnecessary import of appConfigMock
...
As suggested by an review of David Mehren
Co-authored by: David Mehren <git@herrmehren.de>
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-19 12:45:36 +01:00
Renovate Bot
a949d307d9
Update linters
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-19 10:06:59 +00:00
David Mehren
ec567aba22
Merge pull request #739 from hedgedoc/renovate/mkdocs-material-6.x
...
Update dependency mkdocs-material to v6.2.5
2021-01-19 11:06:27 +01:00
Philip Molares
2c4098dc55
config: splits config in multiple files
...
splits the big appConfig in multiple configs
adds media.config.mock.ts
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-17 21:19:45 +01:00
Philip Molares
4f6d15439c
config: removes unnecessary options
...
removes options that we don't need from the config
removes linkify-header-style.enum.ts
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-17 21:19:45 +01:00
Renovate Bot
c4fbe53a51
Update dependency mkdocs-material to v6.2.5
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-17 10:38:44 +00:00
David Mehren
7e8e003e14
Merge pull request #734 from hedgedoc/renovate/test-packages
...
Update dependency supertest to v6.1.1
2021-01-15 22:48:06 +01:00
Yannick Bungers
0d95c29df2
Merge pull request #709 from hedgedoc/fix/api-notes-metadata
2021-01-15 22:47:52 +01:00
Renovate Bot
bc6f591cac
Update dependency supertest to v6.1.1
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-15 21:45:12 +00:00
David Mehren
35fb7f3433
Merge pull request #732 from hedgedoc/renovate/nestjs-packages
...
Update dependency @nestjs/swagger to v4.7.11
2021-01-15 22:44:38 +01:00
Renovate Bot
6eef37bed7
Update dependency @nestjs/swagger to v4.7.11
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-15 21:34:51 +00:00
David Mehren
a70ebb2677
Merge pull request #731 from hedgedoc/renovate/definitelytyped
...
Update dependency @types/node to v13.13.40
2021-01-15 22:34:13 +01:00
Renovate Bot
bf3a35a44b
Update dependency @types/node to v13.13.40
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-15 21:28:54 +00:00
David Mehren
4dcb380549
Merge pull request #726 from hedgedoc/renovate/class-transformer-0.x
...
Update dependency class-transformer to v0.3.2
2021-01-15 22:28:00 +01:00
Renovate Bot
0a40edf8a7
Update dependency class-transformer to v0.3.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-15 21:24:49 +00:00
David Mehren
695e343b8e
Merge pull request #725 from hedgedoc/renovate/class-validator-0.x
...
Update dependency class-validator to v0.13.1
2021-01-15 22:23:38 +01:00
Renovate Bot
6018760779
Update dependency class-validator to v0.13.1
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-14 05:45:22 +00:00
David Mehren
9bc68671c0
Merge pull request #711 from hedgedoc/renovate/lock-file-maintenance
...
Lock file maintenance
2021-01-13 22:58:24 +01:00
Renovate Bot
251ffcb5dc
Lock file maintenance
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-01-13 21:32:17 +00:00
David Mehren
2925d85ea3
Merge pull request #723 from hedgedoc/renovate/pin-dependencies
...
Pin dependencies
2021-01-13 22:31:38 +01:00