Ersun Warncke
365158f283
Merge pull request #1047 from sharelatex/ew-oauth-authorization
...
add oauth middlewear
GitOrigin-RevId: b68360763e1060fdbcbb4348d3d691a803fbfa41
2018-10-30 18:31:47 +00:00
James Allen
40f08d1592
Add additional functionality to RedirectManager
2018-09-17 15:38:45 +01:00
Brian Gough
7da8a926bb
increase bodyparser limit to 64kb
...
16kb is not enough for bibtex files with more escaping.
2018-08-06 10:52:10 +01:00
Tim Alby
b78212290a
handle dynamic Proxy URLs
2018-07-06 12:03:47 +02:00
Tim Alby
b65ba388ba
replace OldAssetProxy
2018-06-25 12:36:51 +02:00
Timothée Alby
caee25d85d
Revert "Replace OldAssetsProxy"
2018-06-21 15:52:20 +02:00
Tim Alby
3d272ca297
replace OldAssetProxy
2018-06-18 18:37:58 +02:00
Tim Alby
a04adbf132
remove extra security headers
2017-09-13 11:53:11 +02:00
Tim Alby
d6834ff417
add security headers using Helmet
...
- use all Helmet's default headers except `X-DNS-Prefetch-Control`
- use `Referrer-Policy`
- use cache headers when:
- a user is logged in, OR
- a project is displayed
2017-09-12 11:17:59 +02:00
Brian Gough
0ae93db08b
use ApiErrorHandler on public api
2017-07-05 15:06:23 +01:00
Brian Gough
29b40ad824
add public api router
2017-07-05 14:32:55 +01:00
Brian Gough
b2f676af5a
avoid duplicate routes for /status
2017-07-04 12:41:51 +01:00
Brian Gough
62d6933886
use settings instead of ENV for web/api split
2017-06-15 16:11:20 +01:00
Brian Gough
4b188ce120
support separate processes for web and api
...
via an environment variable WEB_TYPE
2017-05-22 13:31:02 +01:00
Brian Gough
5ac2ed8fc6
use a separate error handler for api router errors
2017-05-19 16:36:29 +01:00
Shane Kilkelly
043520fc28
Remove the Metrics module, use metrics-sharelatex
2017-04-03 16:18:30 +01:00
Shane Kilkelly
f2b5901776
wip: use new metrics.timeAsyncMethod
2017-03-16 10:59:18 +00:00
Shane Kilkelly
4e9426e6bf
Merge branch 'master' into sk-pug
2017-01-30 14:36:10 +00:00
Shane Kilkelly
57cd54bf55
WIP: migrate from jade to pug
2017-01-20 12:03:02 +00:00
Shane Kilkelly
9f787943b6
Remove stray redis imports.
2016-12-19 12:17:23 +00:00
Shane Kilkelly
d38890e9f4
Add the rolling
option to session
2016-11-30 09:41:58 +00:00
Shane Kilkelly
2cf2199964
WIP: enable non-csrf routes from modules
2016-11-11 13:48:29 +00:00
Shane Kilkelly
bfa0e7cf89
WIP: start moving web sessions to cluster
2016-11-08 15:32:36 +00:00
Shane Kilkelly
9cb3d8c4b8
Enable hook from module into passport init.
2016-11-01 14:06:54 +00:00
Shane Kilkelly
6df569253a
Fix session touch
2016-09-22 13:48:09 +01:00
Shane Kilkelly
eca1dfa482
Remove dead code
2016-09-21 09:27:35 +01:00
Shane Kilkelly
eca4c46f7f
WIP: refactor
2016-09-05 16:23:37 +01:00
Shane Kilkelly
e6c7aa25ec
barely functional login and logout
2016-09-05 10:28:47 +01:00
Shane Kilkelly
e4f4325150
Basic passport integration
2016-09-02 16:17:37 +01:00
Henry Oswald
b589ab388f
fix close editor button
...
- only evaulate close on web router, not api/static assets
- allow /admin pages to still be available
2016-07-19 17:15:20 +01:00
Shane Kilkelly
9e35bdcaea
Refactor: add ?
suffix to truth tests.
2016-07-07 09:35:44 +01:00
Shane Kilkelly
d8ffa5b4b1
set expiry on the user sessions set.
2016-07-01 11:24:46 +01:00
Henry Oswald
b37595acf9
persist cookie in redis for compiles.
2016-04-19 16:48:51 +01:00
James Allen
e7d67668e9
Improve error reporting and show 404 when project ids are malformed
2016-03-18 15:59:12 +00:00
Henry Oswald
69734c20c0
added heapdump endpoint
2015-11-30 16:16:16 +00:00
James Allen
a153c6682a
Put in client side check for document getting too long
2015-11-06 12:51:43 +00:00
Henry Oswald
9028bcf830
set body parser limit to 2mb
2015-07-08 14:35:03 +01:00
Henry Oswald
941d407231
added saveUninitialized option to session which is now required
2015-07-01 15:26:17 +01:00
Henry Oswald
1cc0cbe8fc
split site into 2 routers, webRouter and apiRouter
...
web router has things like sessions etc added onto it. Api router is minimal, doesn't include things like csrf
2015-07-01 15:23:18 +01:00
Henry Oswald
665bdcf538
v1 of express4 conversion
2015-07-01 15:17:43 +01:00
Brian Gough
3de841dd71
added event loop monitor
2015-06-23 13:50:42 +01:00
James Allen
33f56b71a2
Remove redundant body parser line
2015-04-14 13:04:49 +01:00
James Allen
8b4ccae60a
Read cookie session length from settings file
2015-04-14 13:04:29 +01:00
James Allen
d7afb4e513
Clean up unused real-time code in web
2015-02-05 16:37:37 +00:00
James Allen
2aa229d145
Add in profiling end point
2015-02-03 11:05:23 +00:00
James Allen
941f550d6c
Remove all traces of soa-req-id
2014-10-15 14:11:02 +01:00
James Allen
128c672edd
Merge branch 'github-sync'
...
Conflicts:
package.json
2014-10-08 12:13:37 +01:00
Henry Oswald
81307324fc
v2, seems to work...
2014-09-26 17:04:33 +01:00
Henry Oswald
c08a568664
removed session logging
2014-09-10 10:09:25 +01:00
Henry Oswald
d961b48857
imporved logging for session debug
2014-09-10 08:20:36 +01:00