Henry Oswald
|
9028bcf830
|
set body parser limit to 2mb
|
2015-07-08 14:35:03 +01:00 |
|
Henry Oswald
|
39df8964cf
|
added route that got lost in merge
|
2015-07-08 13:29:10 +01:00 |
|
Henry Oswald
|
9a49ce4a0e
|
removed extra req.session.destroy
|
2015-07-08 12:58:02 +01:00 |
|
Henry Oswald
|
8020cd8f47
|
removed tpds from settings.defaults.coffee, if not set updates are now not queued
|
2015-07-02 12:09:08 +01:00 |
|
Henry Oswald
|
56346ad88c
|
remove analytics router and fixed bad package.json
|
2015-07-01 15:48:23 +01:00 |
|
Brian Gough
|
e6a670533d
|
added default mongoose connection
|
2015-07-01 15:36:50 +01:00 |
|
Henry Oswald
|
7fd29b18a8
|
destroy users session before creating a new one for them after login
session changed to prevent against fixation attacks
|
2015-07-01 15:29:02 +01:00 |
|
Henry Oswald
|
4f0b922a5d
|
changed name used when project or file uploaded, this changed when
we started using https://github.com/expressjs/multer
* originalname - Name of the file on the user's computer
* name - Renamed file name
|
2015-07-01 15:28:49 +01:00 |
|
Henry Oswald
|
3ab57f6830
|
put express locals on webRouter, this prevents problem with accessing sessions in locals, they should also only be used on web routes not api routes
|
2015-07-01 15:28:30 +01:00 |
|
Henry Oswald
|
941d407231
|
added saveUninitialized option to session which is now required
|
2015-07-01 15:26:17 +01:00 |
|
Henry Oswald
|
15a57f5dc4
|
removed req.session.destorys from endpoints now on the api router which are not needed
|
2015-07-01 15:26:05 +01:00 |
|
Henry Oswald
|
1cc0cbe8fc
|
split site into 2 routers, webRouter and apiRouter
web router has things like sessions etc added onto it. Api router is minimal, doesn't include things like csrf
|
2015-07-01 15:23:18 +01:00 |
|
Henry Oswald
|
665bdcf538
|
v1 of express4 conversion
|
2015-07-01 15:17:43 +01:00 |
|
Brian Gough
|
3de841dd71
|
added event loop monitor
|
2015-06-23 13:50:42 +01:00 |
|
Henry Oswald
|
84bf0dd9a3
|
added timeout and logging for tpdsworker queing via http
|
2015-06-23 11:19:23 +01:00 |
|
Henry Oswald
|
b83fe4dcf9
|
put tpdsworker url in from settings
|
2015-06-23 11:13:05 +01:00 |
|
Henry Oswald
|
2ec925b45e
|
fairy removed from web, makes http request to tpds worker now
|
2015-06-22 22:33:04 +01:00 |
|
Henry Oswald
|
33aa5c732f
|
if a domain licence link has expired render a nice message explaining they need to retry
|
2015-06-01 12:43:42 +01:00 |
|
Henry Oswald
|
cb48242b74
|
changed email expire to 1 day for verifying account
|
2015-06-01 12:22:46 +01:00 |
|
Henry Oswald
|
6727c3ee00
|
changed ShareLaTeX thoughts to go into type form
|
2015-05-29 16:27:35 +01:00 |
|
Henry Oswald
|
d3f6c0c614
|
Merge branch 'user-csv' of git://github.com/heukirne/web-sharelatex into heukirne-user-csv
|
2015-05-29 12:17:54 +01:00 |
|
Henry Oswald
|
e4011b9ba1
|
Merge branch 'emailverification'
|
2015-05-29 12:10:02 +01:00 |
|
Henrique Dias
|
f50eb0398f
|
add export csv group feature
|
2015-05-28 16:54:41 -03:00 |
|
Henry Oswald
|
43c4531e51
|
kill off CollaboratorsHandler. changeUsersPrivilegeLevel as it is not used anywhere
|
2015-05-28 13:02:08 +01:00 |
|
Henry Oswald
|
22b94e9246
|
renamed SubscriptionDomainAllocator -> SubscriptionDomainHandler
|
2015-05-27 20:57:54 +01:00 |
|
Henry Oswald
|
4773d6d22f
|
added tests around new endpoints for joining groups
|
2015-05-27 20:50:16 +01:00 |
|
Henry Oswald
|
f27c072ae1
|
pull logic checking if user is already part of a group out of controller into handler
|
2015-05-27 16:33:47 +01:00 |
|
Henry Oswald
|
72e528e9d1
|
if you are alread in the group show the custom group page
|
2015-05-27 15:50:28 +01:00 |
|
Henry Oswald
|
79fa49a43d
|
if a user is elelable to be part of a group subscription and they go to
/user/subscription it should redirect them to the group subscription invite
|
2015-05-27 15:35:31 +01:00 |
|
Henry Oswald
|
1d21bddcf5
|
fix Onetime token handler path
|
2015-05-27 15:06:36 +01:00 |
|
Brian Gough
|
a5d14f4ffb
|
handle unexplained case where smokeTestModule is undefined
|
2015-05-26 16:33:02 +01:00 |
|
Henry Oswald
|
481bd67fbd
|
changed paths to use hyphens and add succesfull join page
|
2015-05-26 15:26:45 +01:00 |
|
Henry Oswald
|
841231dbf8
|
make PasswordResetTokenHandler generic so it can be used for invites
|
2015-05-26 15:24:09 +01:00 |
|
Brian Gough
|
e51cdb81bd
|
port leak fixes from smoke-test-sharelatex module
|
2015-05-26 10:54:55 +01:00 |
|
Henry Oswald
|
cad8d8a23b
|
v1 basic invite works, not pretty or tested
|
2015-05-22 13:57:15 +01:00 |
|
Henry Oswald
|
f5c39efcac
|
patched xss hole with messages not setting the content type correctly
|
2015-05-19 11:04:52 +01:00 |
|
Henry Oswald
|
9764ab258b
|
added complex password validation to password resets
|
2015-04-30 12:05:46 +01:00 |
|
Henry Oswald
|
312c56a24e
|
allow password resets to be performed when site is not public by adding routes into white list
|
2015-04-30 11:58:26 +01:00 |
|
Henry Oswald
|
a7640b5bbd
|
changed authentication controller to use req.parsedUrl.pathname as query strings on req.url were breaking the whitelist
|
2015-04-30 11:57:40 +01:00 |
|
Henry Oswald
|
6669884f44
|
Merge branch 'tpds-cleanup'
|
2015-04-23 10:06:26 +01:00 |
|
Brian Gough
|
396644d314
|
proposed fix to delete tpds dump files after use
|
2015-04-15 14:41:38 +01:00 |
|
James Allen
|
5c30a7de67
|
Add in option for global login requirement (defaults to on)
|
2015-04-15 11:14:53 +01:00 |
|
James Allen
|
893ff85521
|
Don't allow password resets for holding accounts
|
2015-04-14 13:11:49 +01:00 |
|
James Allen
|
33f56b71a2
|
Remove redundant body parser line
|
2015-04-14 13:04:49 +01:00 |
|
James Allen
|
8b4ccae60a
|
Read cookie session length from settings file
|
2015-04-14 13:04:29 +01:00 |
|
Brian Gough
|
0684fa36fd
|
upgrade pdfjs to version 1.0.1040
|
2015-03-31 14:53:27 +01:00 |
|
James Allen
|
8483f249ee
|
Actually proxy websocket connections
|
2015-03-20 19:08:48 +00:00 |
|
Brian Gough
|
b0a32b1ef8
|
make new pdf viewer the default for all users
remove old pdf viewer
|
2015-03-20 11:28:28 +00:00 |
|
James Allen
|
393169bc2a
|
Create a grunt task to create the admin user
|
2015-03-19 17:36:50 +00:00 |
|
James Allen
|
e2d515f957
|
Allow public registration module to hook into email system
|
2015-03-19 17:19:56 +00:00 |
|