Instead of using sequelize-cli and ensure migrations by shellscript,
this patch automates database migrations properly to the umzug library.
The sequelize CLI becomes a dev dependencies as it's still useful for
generating migrations.
This should eliminate the need for crude generating of database config
files and alike. Instead we utilize the pre-configured sequelize
connection that CodiMD will use anyway.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Our frontend requests the `/me` pathname in order to determine whether
it's logged in or not. Due to the fact that the sameSite attribute of
the session cookie was set to `strict` in a previous commit, the session
token was no longer sent along with HTTP calls initiated by JS. This is
due to the RFCs definition of "safe" HTTP calls in RFC7231.
The bug triggers the UI to show up like an unauthenticated user, even
after a successful login. In order to debug it a look into the send
cookies to the `/me` turned out to be very enlightening.
The fix this patch implements is rather simple, it replaces the sameSite
attribute to `lax` which enables the cookies for those requests again.
Some older and mobile clients were unaffected by this due to the lack of
implementations of sameSite policies.
References:
https://tools.ietf.org/html/rfc7231#section-4.2.1https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-05#section-5.3.7.1https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSitee77e7b165a
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
We enabled the `secure` flag for various cookies in previous commits.
This caused setups behind reverse proxies to drop cookies as the nodejs
instance wasn't aware of the fact that it was able to hand out secure
commits using an insecure connection (between the codimd instance and
the reverse proxy).
This patch makes express, the webserver framework we use, aware of
proxies and this way re-enabled the handing out of cookies. Not only the
cookie monster will enjoy, but also functionality like authentication
and real-time editing will return as intended.
References:
https://www.npmjs.com/package/express-session#cookiesecure383d791a50
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
While HSTS should take care of most of this, setting cookies to be
secure, and only applied on same site helps to improve situations where
for whatever reason, downgrade attacks are still a thing.
This patch adds the `sameSite` and `secure` to the session cookie and
this way prevent all accidents where a browser may doesn't support HSTS
or HSTS is intentionally dropped.
Reference:
https://www.npmjs.com/package/express-session#cookiesecure
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
According to https://github.com/socketio/socket.io/issues/2276 this cookie is not used for anything. To avoid browser warnings about the sameSite attribute, we disable it here.
Signed-off-by: David Mehren <dmehren1@gmail.com>
Modern browsers do not support (or will stop supporting) sameSite: none (or no sameSite attribute) without the Secure flag. As we don't want everyone to be able to make requests with our cookies anyway, this commit sets sameSite to strict. See https://developer.mozilla.org/de/docs/Web/HTTP/Headers/Set-Cookie/SameSite
Signed-off-by: David Mehren <dmehren1@gmail.com>
Previously, upon receiving a termination signal, the process tries to
flush all changes to the database, retrying every 0.1s until it
succeeds. However, if the database is not set up properly, this always
fails, and spams the terminal/logging with the error message 10 times a
second.
If the user sends another termination signal, the handleTermSignal
function is called once again, and we get twice the number of error
messages.
This commit changes the behaviour in various ways.
(1) It lowers the retry rate to 0.5s, and aborts after 30 seconds.
(2) If the write to the database errored, the error message explains
that this is due to us flushing the final changes.
(3) We replace realtime.maintenance with realtime.state, which is an
Enum with three possible states --- Starting, Running, and Stopping.
If a termination signal is received in the starting state, the
process simply aborts because there is nothing to clean up. This is
the case when the database is misconfigured, since the application
starts up only after connecting to the databse. If it is in the
Stopping state, the handleTermSignal function returns because
another instance of handleTermSignal is already running.
Fixes#408
Signed-off-by: Dexter Chua <dec41@srcf.net>
This allows configuring the group and mode of the unix socket after it
has been created to allow reverse proxies to access it. Fixes#317.
I decided to call `chown` and `chgrp` directly to change the owner and
group (the former will almost definitely not be called; only root can
chown a file to another user, and you are not running codimd as root. It
is included for consistency).
The nodejs chown/chgrp functions only accepts uid and gid, not the names
of the user or group. The standard way to convert a group name into a gid
is the `uid-number` package. The way this package works is that
1. It spawns a new nodejs process
2. The new nodejs process calls nodejs' setgid function, which *does*
accept both the group name and gid
3. It then calls getuid to retrieve the uid of the process, and returns
it to the parent process via stdout.
While this *works*, it is hacky, and if we are spawning a process
anyway, might as well call `chgrp` directly.
This does not update the documentation because we are merging into
release/2.0.x but master reworks the configuration section of the
documentation, so there will be a conflict when we merge anyway.
Signed-off-by: Dexter Chua <dalcde@yahoo.com.hk>
