mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-21 20:47:08 -05:00
3288f87dbe
* [web] set-password: reject same as current password * [web] Add 'peek' operation on tokens This allows us to improve the UX of the reset-password form, by not invalidating the token in the case where the new password will be rejected by validation logic. We give up to three attempts before invalidating the token. * [web] Add hide-on-error feature to async forms This allows us to hide the form elements when certain named error conditions occur. * [web] reset-password: handle same-password rejection We also change the implementation to use the new peekValueFromToken API, and to expire the token explicitely after it has been used to set the new password. * [web] Validate OneTimeToken when loading password reset form * [web] Rate limit GET: /user/password/set Now that we are peeking at OneTimeToken when accessing this page, we add rate to the GET request, matching that of the POST request. * [web] Tidy up pug layout and mongo query for token peeking Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com> GitOrigin-RevId: 835205cc7c7ebe1209ee8e5b693efeb939a3056a |
||
|---|---|---|
| .. | ||
| algolia-search | ||
| bookmarkable-tab | ||
| chat | ||
| clone-project-modal | ||
| contact-form | ||
| cookie-banner | ||
| dictionary | ||
| editor-navigation-toolbar | ||
| event-tracking | ||
| fallback-image | ||
| faq-search | ||
| file-tree | ||
| file-view | ||
| form-helpers | ||
| hotkeys-modal | ||
| link-helpers | ||
| mathjax | ||
| multi-submit | ||
| outline | ||
| pdf-preview | ||
| plans | ||
| preview | ||
| project-list | ||
| settings | ||
| share-project-modal | ||
| source-editor | ||
| utils | ||
| word-count-modal | ||