github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2024-10-24 21:12:38 -04:00
Code Issues Projects Releases Packages Wiki Activity
20153 commits 3 branches 7 tags 197 MiB
Commit graph

51 commits

Author SHA1 Message Date
June Kelly
a140e3dc8c Merge pull request #12269 from overleaf/jk-enable-password-similarity-check 
[web] Enforce password similarity check

GitOrigin-RevId: 1bc4efebba401663c1db9d209dc560560f160ce0
 2023-03-23 09:04:12 +00:00
June Kelly
53b78ad68b Merge pull request #11590 from overleaf/jk-password-reset-ux-improvements 
[web] Password Reset UX Improvements

GitOrigin-RevId: d62575ff965e045823bfb7268db892188cf709ed
 2023-02-10 16:33:14 +00:00
ilkin-overleaf
2675cab92e Merge pull request #10394 from overleaf/ii-password-reset-and-strength-checking 
[web] Password reset strength checking and UI updates

GitOrigin-RevId: 442a5c9e7e9d0a61d3ae649f3526bc3c02fd5704
 2022-12-07 09:03:36 +00:00
June Kelly
3288f87dbe [web] Password set/reset: reject current password (redux) (#8956) 
* [web] set-password: reject same as current password

* [web] Add 'peek' operation on tokens

This allows us to improve the UX of the reset-password form,
by not invalidating the token in the case where the new
password will be rejected by validation logic.

We give up to three attempts before invalidating the token.

* [web] Add hide-on-error feature to async forms

This allows us to hide the form elements when certain
named error conditions occur.

* [web] reset-password: handle same-password rejection

We also change the implementation to use the new
peekValueFromToken API, and to expire the token explicitely
after it has been used to set the new password.

* [web] Validate OneTimeToken when loading password reset form

* [web] Rate limit GET: /user/password/set

Now that we are peeking at OneTimeToken when accessing this page,
we add rate to the GET request, matching that of the POST request.

* [web] Tidy up pug layout and mongo query for token peeking

Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com>
GitOrigin-RevId: 835205cc7c7ebe1209ee8e5b693efeb939a3056a
 2022-09-28 08:06:54 +00:00
June Kelly
8f44f69a80 Merge pull request #9679 from overleaf/jk-fix-the-module-system 
[web] Fix how imports work in the Module system

GitOrigin-RevId: 00cb3bfa19c6af979216b9d5e6104d489c18244b
 2022-09-23 08:04:15 +00:00
June Kelly
73e8fd115b Merge pull request #9466 from overleaf/jk-add-labs-program-for-galileo 
[web] Add a new "Overleaf Labs" program, for Galileo

GitOrigin-RevId: 8f6c79c37c1719a59bd8405998cc3de2fd29960d
 2022-09-22 08:03:59 +00:00
Henry Oswald
5f1abee345 Merge pull request #8939 from overleaf/revert-8882-jk-web-reject-same-password 
Revert "[web] Password set/reset: reject current password"

GitOrigin-RevId: f14f970fe93064658a8659537c5cb417e34e2751
 2022-07-20 08:04:00 +00:00
June Kelly
d04ea76081 Merge pull request #8882 from overleaf/jk-web-reject-same-password 
[web] Password set/reset: reject current password

GitOrigin-RevId: 2c40dda4926d9c68564ae5126b3393b9286bb661
 2022-07-20 08:03:36 +00:00
Eric Mc Sween
e0d91eaa26 Merge pull request #7906 from overleaf/em-downgrade-logs 
Downgrade all INFO logs to DEBUG

GitOrigin-RevId: 05ed582ef0721fcada059f0ad158565f50feca27
 2022-05-17 08:05:26 +00:00
Timothée Alby
f0ac0f3e7a Merge pull request #7742 from overleaf/ta-email-preferences-page 
Create Email Preferences Page

GitOrigin-RevId: 371a62e8423e5cbebff83e61bf35a8b3b638c398
 2022-04-28 08:03:12 +00:00
Timothée Alby
b289afe23c Merge pull request #7725 from overleaf/ta-settings-fixes 
[SettingsPage] Misc Fixes

GitOrigin-RevId: 56f58d2bb5830f7e0584a83c98efc9989ae2bd42
 2022-04-26 08:04:18 +00:00
Davinder Singh
b3d55fa65e Move admin register to user activate module 
Move admin register to user activate module

Co-authored-by: John Lees-Miller <jdleesmiller@gmail.com> & Davinder Singh
GitOrigin-RevId: 79428f2932783086435bdad9b1efb5300c467511
 2022-04-08 08:04:45 +00:00
Eric Mc Sween
5fc6d7dcb3 Merge pull request #5740 from overleaf/em-gcp-logging-web 
Improve GCP logging for web

GitOrigin-RevId: b304c87a3fe46c29189f665eb3daf22c23d6eb8f
 2021-11-11 09:03:09 +00:00
Eric Mc Sween
e5676a9643 Merge pull request #5648 from overleaf/em-revert-gcp-logging-web 
Revert "Improve GCP logging for web"

GitOrigin-RevId: 92d446baf62108da1df92146eec12a2fe69d30ee
 2021-11-02 09:03:29 +00:00
Eric Mc Sween
641b10cceb Merge pull request #5632 from overleaf/em-gcp-logging-web 
Improve GCP logging for web

GitOrigin-RevId: 1198fab2e821a55563058171cfa435605216e337
 2021-11-02 09:03:22 +00:00
Jakob Ackermann
7f9fd00bda Merge pull request #5367 from overleaf/jpa-node-handle-callback-err 
[misc] fix eslint violations for node/handle-callback-err

GitOrigin-RevId: 83a4900e8861010df1917bff49382bd9c93375bd
 2021-10-28 08:03:26 +00:00
Thomas
42fa5e28ed Merge pull request #5529 from overleaf/revert-5484-tm-show-current-session 
Revert "Show current session on user sessions page"

GitOrigin-RevId: 80e4c667d96b2016066657dc74d9f27d6b52b6f8
 2021-10-21 08:03:41 +00:00
June Kelly
e0b0d10143 Merge pull request #5484 from overleaf/tm-show-current-session 
Show current session on user sessions page

GitOrigin-RevId: 6ae130bfa8c3d82a305fd865e162c19f5c8b208c
 2021-10-21 08:03:04 +00:00
June Kelly
8f1cae8252 Merge pull request #4989 from overleaf/jk-de-ng-logout 
[web] de-ng logout page

GitOrigin-RevId: 0d46e554ab41759bbf1044fcd49d750322a345ae
 2021-09-17 08:02:54 +00:00
Alexandre Bourdin
9468e5cb4f Merge pull request #4338 from overleaf/ab-session-manager 
Extract functions from AuthenticationController to SessionManager

GitOrigin-RevId: 86870ce03a762e1a837dcf493759e8851e759883
 2021-07-28 12:36:22 +00:00
Miguel Serrano
f9871103bf Merge pull request #3949 from overleaf/msm-reenable-eslint-const-rule 
Reenable eslint `prefer-const` rule

GitOrigin-RevId: 4f3825be8b8dff381095209085a36eaab76260d5
 2021-05-06 02:09:14 +00:00
Alf Eaton
1be43911b4 Merge pull request #3942 from overleaf/prettier-trailing-comma 
Set Prettier's "trailingComma" setting to "es5"

GitOrigin-RevId: 9f14150511929a855b27467ad17be6ab262fe5d5
 2021-04-28 02:10:01 +00:00
Alf Eaton
2ff1cf43d6 Merge pull request #3470 from overleaf/eslint 
Upgrade and configure ESLint

GitOrigin-RevId: ad5aeaf85e72c847a125ff3a9db99a12855e38aa
 2020-12-16 03:08:28 +00:00
Christopher Hoskin
1e8598a8d9 Merge pull request #3331 from overleaf/csh-issue-3661-bump-agents 
Update metrics module

GitOrigin-RevId: bdef141035f277ce4863f14f8a6e166d710b1111
 2020-10-31 03:05:30 +00:00
Shane Kilkelly
e9f7a17093 Merge pull request #3234 from overleaf/sk-fix-password-validation-email 
Overhaul password validation

GitOrigin-RevId: a591c4e192e30a0ac053eab6f80627543a8a92fe
 2020-10-23 02:04:39 +00:00
Jessica Lawshe
1ca50eeb98 Merge pull request #3179 from overleaf/jel-remove-sudo-mode 
Remove SudoMode

GitOrigin-RevId: 9419f9b28e5051a1c5abd29f498f72448d1afd33
 2020-10-07 02:04:29 +00:00
Jessica Lawshe
9d3f2eb7dc Merge pull request #3227 from overleaf/jel-security-email-alerts 
Move security alert handling to private function

GitOrigin-RevId: a59b6b0802986b2caa9e9715d80225eb11b163a9
 2020-09-30 02:04:23 +00:00
Jakob Ackermann
a22e252666 Merge pull request #3114 from overleaf/msm-remove-logger-warn-controllers 
Replaced logger statements with error tagging in Controllers

GitOrigin-RevId: c5231913c82f95a325f4c3ab406d89cb534835a4
 2020-08-20 02:06:25 +00:00
Timothée Alby
3babf23444 Merge pull request #3091 from overleaf/jel-log-default-email-change 
Update audit log for default email changes

GitOrigin-RevId: c7b4e4e888aa5ffd976062d72f660ded303f0885
 2020-08-13 02:06:40 +00:00
Miguel Serrano
d2845d9a38 Merge pull request #3074 from overleaf/msm-update-oerror-logger-v3 
Update o-error to v3 and logger-sharelatex to v3

GitOrigin-RevId: 5e6386f65b7893949336aa4ff021212aebd98f4a
 2020-08-12 02:06:58 +00:00
Jessica Lawshe
7eee20f914 Merge pull request #3079 from overleaf/jel-log-password-update 
Update audit log when password updated

GitOrigin-RevId: 3228e39e8a3682d6e77264cd6ee580f3fc40642a
 2020-08-10 15:56:11 +00:00
Jessica Lawshe
33365e56bc Merge pull request #3061 from overleaf/jel-security-alert-clear-sessions 
Send security alert email when sessions are cleared

GitOrigin-RevId: d1620214e84211edb69d7419ed64cf7618d1b460
 2020-08-10 15:54:51 +00:00
Jessica Lawshe
cbe21d1f77 Merge pull request #3024 from overleaf/jel-log-cleared-sessions 
Log cleared user sessions in user.auditLog

GitOrigin-RevId: 829c4ea037d897689c02c1dfe12d38542a7216c0
 2020-07-28 02:06:43 +00:00
Miguel Serrano
b0dc73a61c Remove HttpErrors.InternalServerError (#3027) 
* Added legacyInternal() 500 to HttpErrorHandler
* replaced HttpErrors.InternalServerError being thrown with calls to HttpHandler.legacyInternal()

GitOrigin-RevId: 0b7086a9693b57cdf93976d4221b90315960e8bb
 2020-07-23 02:06:50 +00:00
Eric Mc Sween
f251d661ed Merge pull request #3021 from overleaf/msm-oerror-remove-conflict-error 
Replace ConflictError thrown with calls to HttpErrorHandler.conflict()

GitOrigin-RevId: 3b4d98af1b31e49ceab4b1b55b94b8f0323c8a9b
 2020-07-21 02:06:18 +00:00
Miguel Serrano
6562f3003d Merge pull request #2985 from overleaf/msm-oerror-remove-unprocessable-entity-error 
Replace UnprocessableEntityError with calls to unprocessableEntity() handler

GitOrigin-RevId: 4bba389c8cdf87a40137d49db571fa81aaac4239
 2020-07-17 02:06:19 +00:00
Miguel Serrano
0583f7a667 Merge pull request #2746 from overleaf/ew-jpa-fix-deprecated-express-methods 
[misc] fix express deprecations

GitOrigin-RevId: 78c730578c6a671f142837c98f98d5fd260332a5
 2020-05-07 03:27:56 +00:00
Eric Mc Sween
d8615ddba3 Merge pull request #2761 from overleaf/jpa-user-controller-bail-out-next 
[UserController] updateUserSettings: bail out after calling next(err)

GitOrigin-RevId: f1905c0c54f3feb98836443cbf8e080888d4901c
 2020-04-24 03:31:04 +00:00
Jessica Lawshe
a433235310 Merge pull request #2643 from overleaf/jel-affiliations-cron-job 
Ensure affiliations cron job

GitOrigin-RevId: 4ac6f8b29b1e1460d627a86172fcdf1fa27a59a8
 2020-03-12 04:18:47 +00:00
Eric Mc Sween
b2ee3bf2bb Merge pull request #2634 from overleaf/jel-ensure-affiliations 
Ensure affiliations after loading the settings page

GitOrigin-RevId: bf9982fb436d0e75d6fbd8418ca2d19e00fe3b66
 2020-03-03 04:21:44 +00:00
Timothée Alby
506543d6a0 Merge pull request #2605 from overleaf/jel-sso-registration 
Do not block SSO registration on nonessential errors

GitOrigin-RevId: c9d6a7803aa8a48dbc1a8aae84d6f2588bad654e
 2020-02-21 04:21:07 +00:00
Ersun Warncke
2c335802ca remove excessive logging 
GitOrigin-RevId: 62024bbe0415a4fdae66eb1b9c6707e5faec7cd1
 2019-11-27 12:17:32 +00:00
Simon Detheridge
8ec2f1a896 Merge pull request #2157 from overleaf/jel-saml-logout-redirect 
Redirect handling after logging out

GitOrigin-RevId: 01562dbe71ff4f3571fb0d433b96ccca34aad24e
 2019-09-25 14:48:19 +00:00
Eric Mc Sween
869fcf7952 Merge pull request #2089 from overleaf/em-mailchimp-unsubscribe 
Handle error on Mailchimp unsubscribe when deleting users

GitOrigin-RevId: 8923480e6d50de45003fd7741610f995753a412b
 2019-09-03 15:25:01 +00:00
Timothée Alby
018b2cc474 Merge pull request #2010 from overleaf/ta-http-errors 
Add More Http Errors

GitOrigin-RevId: d7aab42e1c7cec8757d6f2c6fc839a6c3f204351
 2019-07-31 08:33:25 +00:00
Timothée Alby
e38a86d9f4 Merge pull request #1934 from overleaf/ta-error-type-handler 
Implement ErrorType Handler

GitOrigin-RevId: 7cd735bb248c74815182e10fd54d687dd35914b8
 2019-07-19 09:51:05 +00:00
Simon Detheridge
bf740f1e25 Merge pull request #1959 from overleaf/spd-integration-soft-deletion 
Integration: Merge soft-deletion features into master
GitOrigin-RevId: 83baf730be2f256ad0d02271600392fda144b761
 2019-07-18 14:34:22 +00:00
Ersun Warncke
d624c29b6f remove v1 deps for password change/reset 
GitOrigin-RevId: be25f19ae589c50bfde0b170860127fa8d6f63b7
 2019-07-17 15:09:24 +00:00
Hugh O'Brien
f84c43a7b7 Merge pull request #1913 from overleaf/jel-v1-logout 
Remove the v1-logout endpoint

GitOrigin-RevId: 4a31f277c2cf1fa0f8c76c546728dae3eb7665c7
 2019-07-01 15:31:08 +00:00
Timothée Alby
e73a5d9103 Merge pull request #1923 from overleaf/ta-error-log-level 
Reduce Log Level

GitOrigin-RevId: 63a8859e6b78cb0774a28069089f4bce73eb91ec
 2019-07-01 14:06:36 +00:00