Henry Oswald
|
841231dbf8
|
make PasswordResetTokenHandler generic so it can be used for invites
|
2015-05-26 15:24:09 +01:00 |
|
Henry Oswald
|
9764ab258b
|
added complex password validation to password resets
|
2015-04-30 12:05:46 +01:00 |
|
Henry Oswald
|
312c56a24e
|
allow password resets to be performed when site is not public by adding routes into white list
|
2015-04-30 11:58:26 +01:00 |
|
James Allen
|
893ff85521
|
Don't allow password resets for holding accounts
|
2015-04-14 13:11:49 +01:00 |
|
James Allen
|
9b8cf7bcfa
|
Remove public registration and require that a user be registered by an admin
|
2015-03-19 14:22:48 +00:00 |
|
Henry Oswald
|
56efefd6d4
|
renamed variable
|
2014-10-30 08:33:18 +00:00 |
|
James Allen
|
accd8207b2
|
Show password reset expired message rather than server error if that's what has happened
|
2014-10-08 17:18:24 +01:00 |
|
Henry Oswald
|
f73629f8d9
|
v1 of sentinal support
|
2014-09-26 14:52:00 +01:00 |
|
James Allen
|
10021986c5
|
Don't error on password reset if no email found, and translate error messages
|
2014-08-08 11:41:54 +01:00 |
|
Henry Oswald
|
d047d44079
|
Changed the error messages which are sent down to the client to be translated first
fixed up tests from titles we check when rendering, deleted them as they never
catch anything important, more hastle than they are worth imo.
|
2014-08-01 14:03:38 +01:00 |
|
Henry Oswald
|
1b8c8b8c48
|
sorted out titles
|
2014-08-01 13:47:14 +01:00 |
|
James Allen
|
5aa7daa951
|
Fix password reset rate limit to work on ip, not email which changes every request
|
2014-06-25 10:46:58 +01:00 |
|
Henry Oswald
|
dabed896be
|
lowercase password reset email
|
2014-06-10 17:54:29 +01:00 |
|
Henry Oswald
|
50df82697a
|
Merge branch 'master' of github.com:sharelatex/web-sharelatex
|
2014-05-16 11:27:09 +01:00 |
|
Henry Oswald
|
9419d3a0e5
|
hooked up the frount end ui to show the email can not be found,
added client side valdidation on password, removed server side min
length check. Just check that it is not 0 len
|
2014-05-16 11:26:29 +01:00 |
|
James Allen
|
240dc2e319
|
Use crypto.randomBytes
|
2014-05-16 10:52:31 +01:00 |
|
Henry Oswald
|
9c3c57f2a8
|
renamed TokenGenerator to PasswordResetTokenHandler and added Expire to function name
|
2014-05-16 10:43:55 +01:00 |
|
Henry Oswald
|
bf1bb22afd
|
added rate limiting to password reset endpoint
|
2014-05-16 10:31:33 +01:00 |
|
Henry Oswald
|
133c4759f8
|
fix tests, whoops
|
2014-05-15 18:26:00 +01:00 |
|
Henry Oswald
|
e1b3f3542c
|
added some logging
|
2014-05-15 18:14:05 +01:00 |
|
Henry Oswald
|
96d98329f1
|
token based reset works
|
2014-05-15 17:58:25 +01:00 |
|
Henry Oswald
|
1ffd19099b
|
writen getUserIdFromToken
|
2014-05-15 17:20:42 +01:00 |
|
Henry Oswald
|
9f901fb1ba
|
added the token generator and its getNewToken function
|
2014-05-15 17:16:20 +01:00 |
|
Henry Oswald
|
64688e661d
|
written password reset controller
|
2014-05-15 16:50:38 +01:00 |
|
Henry Oswald
|
551e1d465a
|
written password reset handler
|
2014-05-15 16:20:23 +01:00 |
|