June Kelly
53b78ad68b
Merge pull request #11590 from overleaf/jk-password-reset-ux-improvements
...
[web] Password Reset UX Improvements
GitOrigin-RevId: d62575ff965e045823bfb7268db892188cf709ed
2023-02-10 16:33:14 +00:00
Eric Mc Sween
fe963ba692
Merge pull request #9956 from overleaf/em-node-fetch-web
...
Replace request-promise with fetch in web acceptance tests
GitOrigin-RevId: f50357cdea2d1353d7a82c5346b149018f91823f
2022-10-18 08:03:25 +00:00
June Kelly
3288f87dbe
[web] Password set/reset: reject current password (redux) ( #8956 )
...
* [web] set-password: reject same as current password
* [web] Add 'peek' operation on tokens
This allows us to improve the UX of the reset-password form,
by not invalidating the token in the case where the new
password will be rejected by validation logic.
We give up to three attempts before invalidating the token.
* [web] Add hide-on-error feature to async forms
This allows us to hide the form elements when certain
named error conditions occur.
* [web] reset-password: handle same-password rejection
We also change the implementation to use the new
peekValueFromToken API, and to expire the token explicitely
after it has been used to set the new password.
* [web] Validate OneTimeToken when loading password reset form
* [web] Rate limit GET: /user/password/set
Now that we are peeking at OneTimeToken when accessing this page,
we add rate to the GET request, matching that of the POST request.
* [web] Tidy up pug layout and mongo query for token peeking
Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com>
GitOrigin-RevId: 835205cc7c7ebe1209ee8e5b693efeb939a3056a
2022-09-28 08:06:54 +00:00
Simon Detheridge
9953822175
Merge pull request #6661 from overleaf/spd-local-tests
...
Move acceptance test mocks to nonstandard ports and add options for running locally
GitOrigin-RevId: bd8f70ac8d80599daccc51cfe7b90a2ad8d8c3d8
2022-08-10 08:03:45 +00:00
Henry Oswald
5f1abee345
Merge pull request #8939 from overleaf/revert-8882-jk-web-reject-same-password
...
Revert "[web] Password set/reset: reject current password"
GitOrigin-RevId: f14f970fe93064658a8659537c5cb417e34e2751
2022-07-20 08:04:00 +00:00
June Kelly
d04ea76081
Merge pull request #8882 from overleaf/jk-web-reject-same-password
...
[web] Password set/reset: reject current password
GitOrigin-RevId: 2c40dda4926d9c68564ae5126b3393b9286bb661
2022-07-20 08:03:36 +00:00
Hugh O'Brien
3b95ac6d88
Merge pull request #5688 from overleaf/jpa-invalid-password-message
...
[web] password reset: validate user password ahead of invalidating token
GitOrigin-RevId: ba3e6549f53675a2216e2fc24293276c1968d416
2021-11-10 09:02:38 +00:00
June Kelly
7292cfbd02
Merge pull request #5366 from overleaf/jk-move-password-reset-audit-log
...
[web] audit password reset before taking action
GitOrigin-RevId: 672f712658b4669a5a750dbc6f97d24ce35c332d
2021-10-21 08:03:00 +00:00
Alf Eaton
1be43911b4
Merge pull request #3942 from overleaf/prettier-trailing-comma
...
Set Prettier's "trailingComma" setting to "es5"
GitOrigin-RevId: 9f14150511929a855b27467ad17be6ab262fe5d5
2021-04-28 02:10:01 +00:00
Alf Eaton
1ebc8a79cb
Merge pull request #3495 from overleaf/ae-prettier-2
...
Upgrade Prettier to v2
GitOrigin-RevId: 85aa3fa1acb6332c4f58c46165a43d1a51471f33
2021-04-15 02:05:22 +00:00
Miguel Serrano
d65db1acf0
Merge pull request #3824 from overleaf/jpa-password-reset-email-forwarding
...
[misc] fix passing around of users email as part of password reset
GitOrigin-RevId: 54e8cde9867a2ce735bc7ebe281ead19ef49e6cd
2021-04-01 02:05:04 +00:00
Jakob Ackermann
4280a96b2c
Merge pull request #3749 from overleaf/jpa-refactor-audit-log-access-in-tests
...
[misc] test/acceptance: refactor access on user audit log
GitOrigin-RevId: fab5b81a7469ef4fa0daa553169a47e3427c49fd
2021-03-27 03:05:06 +00:00
Eric Mc Sween
309163d444
Merge pull request #3595 from overleaf/ae-password-reset-request-validation
...
Add request validation to the password reset endpoints
GitOrigin-RevId: 104444d0ebfea2b3d66285a8433e49c1134076b8
2021-02-04 03:04:59 +00:00
Alf Eaton
2ff1cf43d6
Merge pull request #3470 from overleaf/eslint
...
Upgrade and configure ESLint
GitOrigin-RevId: ad5aeaf85e72c847a125ff3a9db99a12855e38aa
2020-12-16 03:08:28 +00:00
Jakob Ackermann
a096d98956
Merge pull request #3193 from overleaf/jpa-mongodb-native-acceptance-tests
...
[misc] migrate the acceptance tests to the native mongo driver
GitOrigin-RevId: 5ec8605cafb28cc9cfeb85d7ee0d1b567cfe49ba
2020-10-09 02:05:03 +00:00
Jessica Lawshe
552fb56b74
Merge pull request #3078 from overleaf/jel-log-password-reset-by-token
...
Update audit log when password reset by token
GitOrigin-RevId: 2ae7f59c5cdf2723e541a99c58c36564cc82adbf
2020-08-13 15:46:10 +00:00