andrew rumble
5f699ac5ef
Fix findOneAnd* usages
...
findOneAnd* now returns either a document or null rather than a result
set (unless the result set is requested explicitly). See
https://www.mongodb.com/blog/post/behavioral-changes-find-one-family-apis-node-js-driver-6-0-0 .
GitOrigin-RevId: 93dc64cbcc663217f914cf9e9821e2b9642154db
2024-09-24 08:06:28 +00:00
Jakob Ackermann
4c49841637
Merge pull request #18153 from overleaf/jpa-validate-session-in-store
...
[web] check for redis connection being out of sync in session store
GitOrigin-RevId: c271e88d4e1fbcb0f7a57f4775e8ef88b70b16a8
2024-05-03 08:04:25 +00:00
Jakob Ackermann
0576e02127
Merge pull request #18152 from overleaf/jpa-stricter-session-validation
...
[web] stricter session validation
GitOrigin-RevId: 3ef916318fde7f31e3e3fd0f7082dde7a2975a27
2024-05-03 08:04:20 +00:00
Jakob Ackermann
ac2ea9f34d
Merge pull request #17865 from overleaf/jpa-open-in-overleaf-session-storage
...
[web] open-in-overleaf: cleanup redis and browser session storage
GitOrigin-RevId: af79bb49ff474545fc0d206d2a6f5a0ffa1416bc
2024-04-17 08:04:04 +00:00
Jessica Lawshe
7a9c2fd644
Merge pull request #17329 from overleaf/jel-async-peekValueFromToken
...
[web] Promisify peekValueFromToken
GitOrigin-RevId: 4a7f6ae793ff0a1bd22c89c963881ef0957e29e8
2024-03-12 09:03:32 +00:00
Eric Mc Sween
75abea72b0
Merge pull request #11492 from overleaf/em-rate-limiter
...
Move all remaining rate limiters to rate-limiter-flexible
GitOrigin-RevId: 163ab2aebecb281057e552dc75591dd02028990c
2023-01-31 09:03:44 +00:00
Eric Mc Sween
f97a543d41
Merge pull request #11255 from overleaf/em-rate-limiter
...
Introduce rate-limiter-flexible
GitOrigin-RevId: c787397e276fb81015c7d045d191f2ad81ef542d
2023-01-18 09:04:51 +00:00
June Kelly
3288f87dbe
[web] Password set/reset: reject current password (redux) ( #8956 )
...
* [web] set-password: reject same as current password
* [web] Add 'peek' operation on tokens
This allows us to improve the UX of the reset-password form,
by not invalidating the token in the case where the new
password will be rejected by validation logic.
We give up to three attempts before invalidating the token.
* [web] Add hide-on-error feature to async forms
This allows us to hide the form elements when certain
named error conditions occur.
* [web] reset-password: handle same-password rejection
We also change the implementation to use the new
peekValueFromToken API, and to expire the token explicitely
after it has been used to set the new password.
* [web] Validate OneTimeToken when loading password reset form
* [web] Rate limit GET: /user/password/set
Now that we are peeking at OneTimeToken when accessing this page,
we add rate to the GET request, matching that of the POST request.
* [web] Tidy up pug layout and mongo query for token peeking
Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com>
GitOrigin-RevId: 835205cc7c7ebe1209ee8e5b693efeb939a3056a
2022-09-28 08:06:54 +00:00
Jakob Ackermann
f0bd6dda23
Merge pull request #7986 from overleaf/jpa-eslint-8
...
[misc] upgrade eslint packages to the latest version everywhere
GitOrigin-RevId: f1480d4a171acef82fb26c4aa54be3a6088b0ab3
2022-05-17 08:05:59 +00:00
Alexandre Bourdin
9468e5cb4f
Merge pull request #4338 from overleaf/ab-session-manager
...
Extract functions from AuthenticationController to SessionManager
GitOrigin-RevId: 86870ce03a762e1a837dcf493759e8851e759883
2021-07-28 12:36:22 +00:00
Jakob Ackermann
5e773ce950
Merge pull request #4101 from overleaf/ae-settings-module
...
Migrate from `settings-sharelatex` to `@overleaf/settings`
GitOrigin-RevId: 9a298ba26382180c1351683c5fddc9004418c1e6
2021-07-08 02:08:28 +00:00
Alf Eaton
1be43911b4
Merge pull request #3942 from overleaf/prettier-trailing-comma
...
Set Prettier's "trailingComma" setting to "es5"
GitOrigin-RevId: 9f14150511929a855b27467ad17be6ab262fe5d5
2021-04-28 02:10:01 +00:00
Alf Eaton
1ebc8a79cb
Merge pull request #3495 from overleaf/ae-prettier-2
...
Upgrade Prettier to v2
GitOrigin-RevId: 85aa3fa1acb6332c4f58c46165a43d1a51471f33
2021-04-15 02:05:22 +00:00
Eric Mc Sween
9ddaa8c9f6
Merge pull request #3830 from overleaf/em-upgrade-node-12
...
Upgrade to Node 12
GitOrigin-RevId: 19870922884b7c98e7e5f2c94df21829672d2db5
2021-04-01 02:05:52 +00:00
Eric Mc Sween
a9f75060a5
Merge pull request #3585 from overleaf/ho-session-auto-start-bot-clear
...
Added isReqIsBot function to SessionAutostartMiddleware middlewear
GitOrigin-RevId: 652392f77a9a0cd55a8c1c3454ccec70d67a5c6e
2021-02-04 03:05:04 +00:00
Alf Eaton
2ff1cf43d6
Merge pull request #3470 from overleaf/eslint
...
Upgrade and configure ESLint
GitOrigin-RevId: ad5aeaf85e72c847a125ff3a9db99a12855e38aa
2020-12-16 03:08:28 +00:00
Jakob Ackermann
6eeb7857e3
Merge pull request #3390 from overleaf/jpa-faster-unit-tests
...
[perf] faster unit tests
GitOrigin-RevId: 188b8f3752638fde7a27a8d83b416bb9a6e3c95e
2020-11-28 03:04:01 +00:00
Christopher Hoskin
1e8598a8d9
Merge pull request #3331 from overleaf/csh-issue-3661-bump-agents
...
Update metrics module
GitOrigin-RevId: bdef141035f277ce4863f14f8a6e166d710b1111
2020-10-31 03:05:30 +00:00
Jakob Ackermann
e3c6637339
Merge pull request #3187 from overleaf/jpa-mongodb-native
...
[misc] migrate the app to the native mongo driver
GitOrigin-RevId: 9030b18c4cf62e3a01d3d8f450bf0e02f9f89c22
2020-10-02 02:04:18 +00:00
Simon Detheridge
96cd1c869e
Merge pull request #2583 from overleaf/spd-no-mongoredis-in-unittests
...
Clean up attempts to connect to Mongo and Redis in unit tests
GitOrigin-RevId: 396813a04fc2aaf39a07e28613f8f1e0a7a2db8f
2020-02-13 04:20:35 +00:00
Simon Detheridge
a8483fbc89
Merge pull request #2516 from overleaf/spd-oio-samesite-cookies
...
Handle 'samesite=lax' session cookies on POST to open-in-overleaf
GitOrigin-RevId: d856f372e91134be47cc301a515ec08511618631
2020-01-22 04:23:00 +00:00
Eric Mc Sween
4f9eb281b7
Merge pull request #2356 from overleaf/em-upgrade-test-deps
...
Upgrade test dependencies
GitOrigin-RevId: 0bda49dea086f525211836b6008f67bafa2bbe48
2019-11-18 14:53:42 +00:00
Brian Gough
45ebc42bf6
Merge pull request #2276 from overleaf/bg-reject-invalid-sessions
...
reject invalid sessions
GitOrigin-RevId: 5dc59609d01d7ad9bc29f9bf18faee1165d10689
2019-10-22 09:25:33 +00:00
Brian Gough
8ffaa5b0ca
Merge pull request #2271 from overleaf/bg-reject-invalid-sessions
...
reject invalid sessions with middleware
GitOrigin-RevId: 07ab8829cbed92bbcb90b2c5f2c9d049e05b77cd
2019-10-22 07:46:41 +00:00
Simon Detheridge
68c16dcb73
Merge pull request #2263 from overleaf/spd-revert-revert
...
Revert "Revert "Merge pull request #2249 "
GitOrigin-RevId: 70b0da473e923a072aeca1cc146c82e460757747
2019-10-18 16:41:37 +00:00
Brian Gough
e502b80116
Merge pull request #2259 from overleaf/bg-revert-session-merge
...
Revert "Merge pull request #2249 from overleaf/bg-create-session-vali…
GitOrigin-RevId: d2114ecea0708dc109d5c9256e9dccb011a1b62c
2019-10-18 16:41:12 +00:00
Brian Gough
bc8ccf26c7
Merge pull request #2249 from overleaf/bg-create-session-validation-token-for-all-sessions
...
move session validation into SessionStoreManager
GitOrigin-RevId: 438ec738f0ccaf9f072629d6203a334cb8439b83
2019-10-18 08:42:35 +00:00
Eric Mc Sween
16ac5126cb
Merge pull request #2181 from overleaf/sk-exclude-smoketest-user-from-rate-limits
...
Exclude smokeTest user from rate limits
GitOrigin-RevId: 01197ce9971477550e73989067adc631189382b1
2019-09-26 14:38:13 +00:00
Simon Detheridge
7588393580
Merge pull request #2047 from overleaf/spd-eslint-mocha-arrows
...
Enforce consistent callback style in mocha tests
GitOrigin-RevId: a64c293dae6926ef5831abe97eaf2044942a5c85
2019-08-07 15:29:25 +00:00
Shane Kilkelly
238e2b2565
Merge pull request #1937 from overleaf/spd-sandboxedmodule-global-console
...
Add 'console' to SandboxedModule globals
GitOrigin-RevId: fad442ca128561a4fa193b929f217cf31ad0f043
2019-07-15 10:44:47 +00:00
Simon Detheridge
757ae39487
Merge pull request #1899 from overleaf/spd-implicit-return-tests
...
Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests
GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 13:58:57 +00:00
Alasdair Smith
0ca81de78c
Merge pull request #1717 from overleaf/as-decaffeinate-backend
...
Decaffeinate backend
GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 09:32:21 +00:00