Commit graph

641 commits

Author SHA1 Message Date
Henry Oswald
3ab57f6830 put express locals on webRouter, this prevents problem with accessing sessions in locals, they should also only be used on web routes not api routes 2015-07-01 15:28:30 +01:00
Henry Oswald
941d407231 added saveUninitialized option to session which is now required 2015-07-01 15:26:17 +01:00
Henry Oswald
15a57f5dc4 removed req.session.destorys from endpoints now on the api router which are not needed 2015-07-01 15:26:05 +01:00
Henry Oswald
1cc0cbe8fc split site into 2 routers, webRouter and apiRouter
web router has things like sessions etc added onto it. Api router is minimal, doesn't include things like csrf
2015-07-01 15:23:18 +01:00
Henry Oswald
665bdcf538 v1 of express4 conversion 2015-07-01 15:17:43 +01:00
Brian Gough
3de841dd71 added event loop monitor 2015-06-23 13:50:42 +01:00
Henry Oswald
84bf0dd9a3 added timeout and logging for tpdsworker queing via http 2015-06-23 11:19:23 +01:00
Henry Oswald
b83fe4dcf9 put tpdsworker url in from settings 2015-06-23 11:13:05 +01:00
Henry Oswald
2ec925b45e fairy removed from web, makes http request to tpds worker now 2015-06-22 22:33:04 +01:00
Henry Oswald
33aa5c732f if a domain licence link has expired render a nice message explaining they need to retry 2015-06-01 12:43:42 +01:00
Henry Oswald
cb48242b74 changed email expire to 1 day for verifying account 2015-06-01 12:22:46 +01:00
Henry Oswald
6727c3ee00 changed ShareLaTeX thoughts to go into type form 2015-05-29 16:27:35 +01:00
Henry Oswald
d3f6c0c614 Merge branch 'user-csv' of git://github.com/heukirne/web-sharelatex into heukirne-user-csv 2015-05-29 12:17:54 +01:00
Henry Oswald
e4011b9ba1 Merge branch 'emailverification' 2015-05-29 12:10:02 +01:00
Henrique Dias
f50eb0398f add export csv group feature 2015-05-28 16:54:41 -03:00
Henry Oswald
43c4531e51 kill off CollaboratorsHandler. changeUsersPrivilegeLevel as it is not used anywhere 2015-05-28 13:02:08 +01:00
Henry Oswald
22b94e9246 renamed SubscriptionDomainAllocator -> SubscriptionDomainHandler 2015-05-27 20:57:54 +01:00
Henry Oswald
4773d6d22f added tests around new endpoints for joining groups 2015-05-27 20:50:16 +01:00
Henry Oswald
f27c072ae1 pull logic checking if user is already part of a group out of controller into handler 2015-05-27 16:33:47 +01:00
Henry Oswald
72e528e9d1 if you are alread in the group show the custom group page 2015-05-27 15:50:28 +01:00
Henry Oswald
79fa49a43d if a user is elelable to be part of a group subscription and they go to
/user/subscription it should redirect them to the group subscription invite
2015-05-27 15:35:31 +01:00
Henry Oswald
1d21bddcf5 fix Onetime token handler path 2015-05-27 15:06:36 +01:00
Brian Gough
a5d14f4ffb handle unexplained case where smokeTestModule is undefined 2015-05-26 16:33:02 +01:00
Henry Oswald
481bd67fbd changed paths to use hyphens and add succesfull join page 2015-05-26 15:26:45 +01:00
Henry Oswald
841231dbf8 make PasswordResetTokenHandler generic so it can be used for invites 2015-05-26 15:24:09 +01:00
Brian Gough
e51cdb81bd port leak fixes from smoke-test-sharelatex module 2015-05-26 10:54:55 +01:00
Henry Oswald
cad8d8a23b v1 basic invite works, not pretty or tested 2015-05-22 13:57:15 +01:00
Henry Oswald
f5c39efcac patched xss hole with messages not setting the content type correctly 2015-05-19 11:04:52 +01:00
Henry Oswald
9764ab258b added complex password validation to password resets 2015-04-30 12:05:46 +01:00
Henry Oswald
312c56a24e allow password resets to be performed when site is not public by adding routes into white list 2015-04-30 11:58:26 +01:00
Henry Oswald
a7640b5bbd changed authentication controller to use req.parsedUrl.pathname as query strings on req.url were breaking the whitelist 2015-04-30 11:57:40 +01:00
Henry Oswald
6669884f44 Merge branch 'tpds-cleanup' 2015-04-23 10:06:26 +01:00
Brian Gough
396644d314 proposed fix to delete tpds dump files after use 2015-04-15 14:41:38 +01:00
James Allen
5c30a7de67 Add in option for global login requirement (defaults to on) 2015-04-15 11:14:53 +01:00
James Allen
893ff85521 Don't allow password resets for holding accounts 2015-04-14 13:11:49 +01:00
James Allen
33f56b71a2 Remove redundant body parser line 2015-04-14 13:04:49 +01:00
James Allen
8b4ccae60a Read cookie session length from settings file 2015-04-14 13:04:29 +01:00
Brian Gough
0684fa36fd upgrade pdfjs to version 1.0.1040 2015-03-31 14:53:27 +01:00
James Allen
8483f249ee Actually proxy websocket connections 2015-03-20 19:08:48 +00:00
Brian Gough
b0a32b1ef8 make new pdf viewer the default for all users
remove old pdf viewer
2015-03-20 11:28:28 +00:00
James Allen
393169bc2a Create a grunt task to create the admin user 2015-03-19 17:36:50 +00:00
James Allen
e2d515f957 Allow public registration module to hook into email system 2015-03-19 17:19:56 +00:00
James Allen
9b8cf7bcfa Remove public registration and require that a user be registered by an admin 2015-03-19 14:22:48 +00:00
James Allen
93a088618a Return proper error from registration handler 2015-03-18 16:19:48 +00:00
James Allen
cb948fede2 Move email sending into registration controller 2015-03-18 15:57:01 +00:00
James Allen
0f69ee0f22 Add in proxy for /socket.io so that we don't need to faff with real-time service location 2015-03-09 14:09:09 +00:00
James Allen
d376acdaa9 Allow an __appName__ parameter in translations 2015-03-09 12:14:30 +00:00
Henry Oswald
97f0fad525 add vat number option to payment form 2015-03-04 18:08:06 +00:00
Henry Oswald
80dc2f9224 send coupon code server side to be applied to users subscription 2015-03-04 17:50:24 +00:00
Henry Oswald
9805c6a9ff doc model no longer has lines or rev in it 2015-03-04 11:10:59 +00:00