Philip Molares
1a96900224
feat: add LoginEnabledGuard and RegistrationEnabledGuard
...
These guards check if the login or registration are enabled in the config. If so the guarded method is executed, if not the client will get the HTTP Error 400 Forbidden as an answer
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-17 00:00:00 +02:00
Philip Molares
53f5713905
fix: update seed.ts
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-17 00:00:00 +02:00
Philip Molares
28be215aad
feat: add session handling
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-17 00:00:00 +02:00
Philip Molares
ce68184578
feat: add identity module
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
9fa0994497
feat: add local auth strategy
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
6ad11e47cc
feat: add identity service
...
This service handles all the authentication of the private api.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
021a0c9440
feat: add getFirstIdentityFromUser helper function
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
cda8c7ac63
feat: change email auth config to local
...
This was done to use the same term. Also email was the old term from HedgeDoc 1 and wildly inaccurate. As we never checked any mail addresses, in fact it was more of a username than anything else.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
df08d56f28
feat: add session to AuthConfig
...
this handles the settings for the cookie session. The secret and the lifeTime of the cookie can be configured.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
a2e89c7c97
feat: add local auth dtos
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
5985c4e67d
chore: add user relation enum
...
this enum is used to specify which relation of the user object should be populated.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
e37caf1e6a
feat: lazy load identities of user object
...
This makes it possible that we can get identities from any user object even if we didn't specify that while getting them from the orm
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
b2da8a2b95
chore: move identity entity in its own folder
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
87a5f77abe
chore: move password related functions from AuthService to utils file
...
As these methods will be used in both the AuthService and the IdentityService, it makes sense to extract them and use them in this manner. Especially if one considers that they are quite standalone functions.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
4938d308b0
feat: add ProviderType enum
...
This is used to give identities a type and to easily get the identity any auth method would need.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:59 +02:00
Philip Molares
fc6f5aa8a8
chore: add passport-local dependency
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-16 23:59:54 +02:00
Erik Michelson
ebe7683cb9
Use GitHub issue forms
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2021-09-16 23:44:23 +02:00
renovate[bot]
f0262c362f
chore(deps): update dependency prettier to v2.4.1 ( #1638 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-16 12:05:49 +00:00
renovate[bot]
344369a994
chore(deps): update dependency @types/node to v14.17.16 ( #1634 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-15 00:18:47 +00:00
David Mehren
63e7e1c524
Merge pull request #1627 from hedgedoc/renovate/develop-typescript-4.4.x
...
chore(deps): update dependency typescript to v4.4.3 (develop)
2021-09-13 20:08:43 +02:00
David Mehren
18ddbbecbc
Merge pull request #1626 from hedgedoc/renovate/develop-azure-storage-blob-12.x
...
fix(deps): update dependency @azure/storage-blob to v12.8.0 (develop)
2021-09-13 20:07:36 +02:00
Renovate Bot
93bde5a4b8
fix(deps): update dependency @azure/storage-blob to v12.8.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-09-13 18:02:31 +00:00
Renovate Bot
88539f1b96
chore(deps): update dependency typescript to v4.4.3
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-09-13 18:02:18 +00:00
David Mehren
7a76f2e1c9
Merge pull request #1625 from hedgedoc/renovate/develop-prettier-2.x
...
chore(deps): update dependency prettier to v2.4.0 (develop)
2021-09-13 19:59:39 +02:00
renovate[bot]
877326717f
chore(deps): update dependency @typescript-eslint/parser to v4.31.1 ( #1630 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-13 17:59:24 +00:00
Renovate Bot
86a4bac786
chore(deps): update dependency prettier to v2.4.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-09-13 17:49:41 +00:00
David Mehren
8093fe4f74
Merge pull request #1514 from hedgedoc/privateApi/auth/docs
...
docs: add documentation on private api authentication
2021-09-13 19:48:00 +02:00
David Mehren
cbc6be31d5
Merge pull request #1629 from hedgedoc/renovate/develop-test-packages
...
chore(deps): update dependency jest to v27.2.0 (develop)
2021-09-13 19:44:27 +02:00
David Mehren
8dc504f9ea
Merge pull request #1622 from hedgedoc/renovate/develop-linters
...
chore(deps): update linters (develop) (minor)
2021-09-13 19:43:49 +02:00
Renovate Bot
74ee75d92b
chore(deps): update linters
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-09-13 17:19:57 +00:00
Renovate Bot
73e1e96e79
chore(deps): update dependency jest to v27.2.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-09-13 08:47:08 +00:00
Philip Molares
bf3ec53c78
docs: add documentation on private api authentication
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-09 21:08:23 +02:00
David Mehren
67297f71a4
Merge pull request #1595 from Abhilasha06/deleteRevisions
...
Add new API to purge note history
2021-09-07 18:09:42 +02:00
Abhilasha Sinha
9d6aa10923
Add new API to purge note history #1064
...
Signed-off-by: Abhilasha Sinha <abhisinha662000@gmail.com>
Combine the describe block
Signed-off-by: Abhilasha Sinha <abhisinha662000@gmail.com>
Fix naming
Signed-off-by: Abhilasha Sinha <abhisinha662000@gmail.com>
Rename purgeRevision to purgeRevisions
Signed-off-by: Abhilasha Sinha <abhisinha662000@gmail.com>
Fix notes e2e test description
Signed-off-by: Abhilasha Sinha <abhisinha662000@gmail.com>
Add yarn.lock
Fix lint and format
Signed-off-by: Abhilasha Sinha <abhisinha662000@gmail.com>
2021-09-07 21:23:26 +05:30
renovate[bot]
8c8a32b6c4
chore(deps): update dependency @types/node to v14.17.15 ( #1623 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-07 10:22:27 +00:00
renovate[bot]
32c42bfbc9
fix(deps): update dependency node-fetch to v2.6.2 ( #1621 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-06 14:32:50 +00:00
David Mehren
7c618e7f9f
Merge pull request #1613 from hedgedoc/merge/tokenGuardAndStrategy
2021-09-06 12:12:44 +02:00
David Mehren
fe35f507b6
Merge pull request #1589 from hedgedoc/enhancement/getnotepipe
2021-09-06 12:12:15 +02:00
renovate[bot]
1d69dbf6fe
chore(deps): lock file maintenance ( #1620 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-06 04:53:58 +00:00
renovate[bot]
d00b3a75e6
chore(deps): lock file maintenance ( #1618 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-06 02:24:16 +00:00
David Mehren
9d21b5b786
Merge pull request #1615 from hedgedoc/readme-demo-develop
...
Update readme link to explanation page
2021-09-05 19:24:50 +02:00
Erik Michelson
419adb85bf
Update readme link to explanation page
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2021-09-05 11:57:45 +02:00
David Mehren
0dc472bba8
RevisionsService: Refactor getFirst/LastRevision
...
The functions now expect a `Note` object instead of a noteId to
make it more consistent with other functions.
Signed-off-by: David Mehren <git@herrmehren.de>
2021-09-04 22:40:15 +02:00
David Mehren
5c7a787d7e
MediaService: Refactor saveFile
...
The function now expects a `Note` object instead of a noteId
and a `User` instead of a username to
make it more consistent with other functions.
Signed-off-by: David Mehren <git@herrmehren.de>
2021-09-04 22:40:15 +02:00
David Mehren
279d90dad1
HistoryService: Remove getEntryByNoteIdOrAlias
...
As we now have a GetNotePipe, we can easily get rid of this function.
All clients can directly provide a `Note` instance
and use `getEntryByNote`.
Signed-off-by: David Mehren <git@herrmehren.de>
2021-09-04 22:40:15 +02:00
David Mehren
b552fc10b6
HistoryService: Refactor deleteHistoryEntry
...
The function now expects a `Note` object instead of a noteId to
make it more consistent with other functions.
Signed-off-by: David Mehren <git@herrmehren.de>
2021-09-04 22:40:15 +02:00
David Mehren
c515569299
HistoryService: Refactor updateHistoryEntry
...
The function now expects a `Note` object instead of a noteId to
make it more consistent with `updateHistoryEntryTimestamp`.
Signed-off-by: David Mehren <git@herrmehren.de>
2021-09-04 22:40:15 +02:00
David Mehren
99db4bc336
UserService: Improve method naming
...
This renames `createOrUpdateHistoryEntry` to `updateHistoryEntryTimestamp`,
which reduces confusion with the similarly named
`updateHistoryEntry` function.
Signed-off-by: David Mehren <git@herrmehren.de>
2021-09-04 22:40:15 +02:00
David Mehren
f667410b51
Public API: Test that forbidden notes can't be accessed
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-09-04 22:40:15 +02:00
David Mehren
ea2dfafbd0
Private API: Use GetNotePipe
...
This replaces repeated calls to `noteService.getNoteByIdOrAlias`
and associated error handling with the `GetNotePipe`
in the `Param` decorator.
Signed-off-by: David Mehren <git@herrmehren.de>
2021-09-04 21:42:54 +02:00