* Promisify `AuthenticationController.doPassportLogin`
* Update tests `AuthenticationController.doPassportLogin`
* Add test on error handling for `AuthenticationController.doPassportLogin`
* Add test on error handling for `V1LoginController.doLogin`
* Extract error handling to `getErrorObject` function
* Simplify code
* Add `Metrics` calls
* Add `password is too long` in AuthenticationController
* Make `info` object consistent with the rest of the codebase
* Move error handling to `AuthenticationManager.handleAuthenticateErrors`
* Move `handleAuthenticateErrors` to other file
I moved this solely because I didn't manage to test it otherwise
* Update tests
* Remove `preDoPassportLogin` hook call
* Remove test on `preDoPassportLogin`
* Use try/catch block instead of `.catch()`
* Revert "Use try/catch block instead of `.catch()`"
This reverts commit 3475afa93ce4af7ad55c91bfc1d7ad3317600ea5.
* Replace `.catch` by `try/catch`
GitOrigin-RevId: 3fba65c30a2c5fc6e5abcd5b83c52801852ed462
* Replace `LoginRateLimiter.processLoginRequest` call by use of `RateLimiterMiddleware`
* Lowercase the email to avoid rate-limit bypass
* Remove unit test "when the users rate limit"
* Use `EmailHelper.parseEmail` to normalize email in `processLoginRequest`
This should address the `trim()` bypass
* Use `.trim().toLowerCase()` instead of `EmailHelper.parseEmail`
We can't use `EmailHelper.parseEmail`, else it breaks the test (and feature): "with username that does not look like an email"
* Add acceptance test for rate limit
* Add comment on rate limits
* Rename `rateLimiter` to `rateLimiterLoginEmail` for clarity
* Make the login rate limits configurable from the settings
GitOrigin-RevId: cf1c3a416745f2b007c85014a5084570d4a049a7
Link sharing changes events fixes for collaborator sharing-updates prompt and project open event
GitOrigin-RevId: 45449f0dd27e07de189a9c2620b0aa9a8849dc41
Allow checking permissions for all users on a project and rename checkPermissions -> AssertPermissions
GitOrigin-RevId: 511356cf2fe68367e284347e68e59f6116bd0f80
Implement link sharing warning events by reusing the StartFreeTrial paywall button component from the original modal
GitOrigin-RevId: 9c16407ad8a7b5afc9b5b13be1491ef903ae74a3
* Add getEditInviteCount to count only edit collaborators
* Add getInvitedEditCollaboratorCount to count joined editors
* Add canAddXEditCollaborators to determine if owner can add more editors
* Update setCollaboratorInfo to check if editor slots are available
GitOrigin-RevId: a88707f102dfbde39322f5a7bbc79d47b6e810d5
* Add helpers for checking and removing user readwrite token membership
* Add sharing-updates page and handlers
* Redirect read write token members to sharing-updates on project load
GitOrigin-RevId: d552a2cd74a9843c6103923b03f137131a48877a
* add RestoreFileOrigin in overleaf-editor-core
* support source to be an object
* use sourceOrOrigin as param
* rename to originOrSource so the priority is more clear
* get timestamp from version
* fix test
* include version and min_count in getUpdatesFromHistory
* extractOriginOrSource util function
* fix RestoreManagerTests
GitOrigin-RevId: 0ace05a6ade2794c753a9d0bffb4f858ecc6899a
* Promisify LdapController
* Update tests LdapControllerTests.js
* Promisify `AuthenticationController.finishLogin`
* Simplify null checks in LdapController
* Fix: don't use spread operator in module.exports
* Make `AuthenticationController.promises.finishLogin` a promise that resolves
* Fixup: `finishLogin` does not call `next` then the promise finishes, it calls it only on errors
* Use `Modules.promises.hooks.fire`
* Revert `processPassportLogin` callback style
* Update error handling: Use `OError.tag` instead of `logger.err`
* Fix unit tests: Rely on callbacks rather than promises
* Fix: Actually call `passport.authenticate` (!!)
* Update test: fixup `passport.authenticate` mocks
This would have caught the bugs that the previous commit is solving
* Remove `.then(() => next())` in `processPassportLogin`
Co-authored-by: Eric Mc Sween <eric.mcsween@overleaf.com>
---------
Co-authored-by: Eric Mc Sween <eric.mcsween@overleaf.com>
GitOrigin-RevId: a7eab5f5289956aeb8f2418408958daef3511ab7
