Commit Graph

335 Commits

Author SHA1 Message Date
562431449b Allow users to remove their password in case they forget it
Closes #23
2021-02-20 20:18:03 +01:00
dbf6128747 Fix AddNameToUsersMigration not calling callbacks 2021-01-26 17:56:57 +01:00
d96de4874a Add IF EXISTS to DropNameFromUsers migration to not fail in new installs 2021-01-25 17:45:11 +01:00
aed825c4d6 FormHelperComponent: don't flash empty previous form data 2021-01-25 17:26:42 +01:00
5caa0be862 FormHelperComponent: add field ID prefix to prevent conflicts
Fixes #20
2021-01-25 17:26:42 +01:00
4745ae4e17 Fix session id not available in websocket listeners
Fixes #21
2021-01-25 16:36:15 +01:00
8b98c8cc59 AddNameToUsersMigration: fix can't work when db already has users 2021-01-25 16:22:51 +01:00
4817563dc1 Make models and components available immediately after their migration 2021-01-25 16:21:24 +01:00
8a25f214ab AuthGuard: always provide a string to pending account mail username 2021-01-25 14:37:50 +01:00
b211845f57 Mail: also debug log data 2021-01-25 14:36:27 +01:00
b9ac4d0f05 AddUsedToMagicLinksMigration: delete all magic links after install 2021-01-25 14:07:20 +01:00
449922490f MagicLinkAuthMethod: do not interrupt auth with used magic links 2021-01-25 14:02:58 +01:00
359485170d UserNameComponent: ensure usage of user.name is optional
Fixes #19
2021-01-25 12:47:18 +01:00
2a184e4ff5 Fix published npm package folder structure 2021-01-25 12:37:41 +01:00
f1a8a4ba07 Express.d.ts: normalize session fields case 2021-01-25 10:53:43 +01:00
e4768141bc Simplify RedirectBackComponent into PreviousUrlComponent
Closes #12
2021-01-24 22:42:20 +01:00
19c8b86ff8 Fix express body parsing middlewares corrupting AsyncLocalStorage
Closes #17
2021-01-24 16:35:33 +01:00
1b8ff1428f Add persist session checkbox on login
Makes session not persistent by default
Closes #11
2021-01-24 16:33:33 +01:00
5897b6bf36 Code cleanup: remove debug log from AccountController 2021-01-24 16:33:14 +01:00
1c71f66150 Clean logs from unwanted info and use \t as a delimiter to align
Closes #6
2021-01-22 16:07:27 +01:00
94cb157520 Remove connect-redis that breaks context with RedisStore 2021-01-22 15:55:06 +01:00
8fab93e709 Use AsyncLocalStorage to provide requestId context 2021-01-22 15:54:26 +01:00
49168b5391 Add account management (email addresses management, password management)
Closes #8
Closes #9
2021-01-22 12:22:11 +01:00
784f2c976c Rename base_url setting to public_url 2021-01-21 17:13:05 +01:00
3e0a25874e Auth: fix middleware applied globally and explicitly log them 2021-01-21 15:45:20 +01:00
2c66c66a39 logging: add status code description for redirections 2021-01-21 15:45:20 +01:00
4db7217876 Controller: add useMiddleware method 2020-12-30 14:10:58 +01:00
87b4facea0 Upgrade dependencies and update to express session new typings 2020-12-04 15:24:22 +01:00
70d80d1f0a AuthMethod: add weight to choose when no method was specified 2020-11-16 11:43:14 +01:00
35129cd4f1 PasswordAuthMethod: simplify bad password throw 2020-11-15 15:50:19 +01:00
f99c62a5d9 Increase login fail per ip throttle limit and jail time 2020-11-15 15:49:40 +01:00
124bc8785f MagicLinkUserNameComponent: allow null username 2020-11-15 15:21:26 +01:00
6a65ec723d AuthController: use Validator system for unknown user on login 2020-11-15 15:18:57 +01:00
6eacfdcffa Throttler: log jail triggers 2020-11-15 15:18:49 +01:00
683fe7262b MagicLinkAuthMethod: do not allow register for already existing email 2020-11-15 14:14:56 +01:00
c08d03c8fb MagicLinkUserNameComponent: fix validator property name for "username" 2020-11-15 14:13:57 +01:00
cecf28502e ModelComponent: fix validators not transferred to attached model 2020-11-15 14:13:35 +01:00
42da8a68bb Validation: respond with http 400 instead of 401 2020-11-15 14:12:45 +01:00
b28e2b75b7 Authentication: Improve registration tests and fix register/login overlap 2020-11-15 12:20:57 +01:00
f8c4906a51 PasswordAuthMethod: fix findUserByIdentifier() 2020-11-14 18:16:05 +01:00
b75b227ca1 Add required username to magic link authentication and fix many errors 2020-11-14 17:24:57 +01:00
acc5233185 Error handling: transform single validation errors into a validation bag 2020-11-14 16:25:18 +01:00
9d50c5cc5f Rename project to swaf 2020-11-12 16:11:16 +01:00
efdd81b650 Auth: refactor to support multiple auth factors and add password factor 2020-11-11 19:30:30 +01:00
1fce157104 logging: prevent full logging of errors for silent logs 2020-11-11 19:29:23 +01:00
24d83c73ad Add basic development environment for testing purposes 2020-11-11 19:29:23 +01:00
b8905ea02b Move Controller.validate to static Validator.validate 2020-11-11 19:29:23 +01:00
bb8b44b5a3 ModelFactory: add hasComponent method 2020-11-11 19:29:23 +01:00
ead3c8ce1e Controller: wrap use() middlewares to handle async 2020-11-11 19:29:23 +01:00
79c2f33000 Deprecate legacy migrations
Fix CreateUsersAndUserEmailsTableMigration


sq
2020-11-11 19:29:23 +01:00
03d9826f93 Migration: remove connection parameter from query() method
Closes #5
2020-11-11 19:29:23 +01:00
f20da06d43 logging: also log ip address 2020-11-11 19:29:23 +01:00
a09e92dd96 logging: make silent errors actually silent 2020-11-04 12:52:07 +01:00
570a831172 Mail: remove usage of non-existent config property 2020-11-04 12:11:30 +01:00
d741517cb9 AuthGuard: add separate before and after registration callbacks 2020-11-04 11:55:34 +01:00
c966536950 NunjucksComponent: fix view loaders using cache when in dev env 2020-11-03 17:46:04 +01:00
7c2572cddc Fix validation errors not being flashed correctly 2020-11-03 11:14:13 +01:00
4d0c714dbd Render emails using NunjucksComponent's environment 2020-11-03 10:29:36 +01:00
cfb7bddca6 DropLegacyLogsTable: fix sql syntax 2020-11-02 19:32:56 +01:00
88e5e19730 Replace custom logging system with tslog 2020-11-02 17:50:12 +01:00
93bff1fdca Nunjucks/globals: fix route() context 2020-10-02 12:13:48 +02:00
595a6d4066 ModelQuery: add create() and fix boolean serialization 2020-10-02 12:08:01 +02:00
00c806aa0a Fix log level output 2020-10-02 11:11:01 +02:00
e37184e5ee Add user model to RequireAuth middlewares 2020-10-01 13:59:19 +02:00
f41a456524 Improve typing precision of CacheProvider.get() 2020-10-01 13:58:50 +02:00
79d704083a Add many eslint rules and fix all linting issues 2020-09-28 14:15:22 +02:00
8210642684 Improve logging configuration structure 2020-09-25 22:19:13 +02:00
b736f5f6cb Improve middleware definition and cleanup code 2020-09-25 22:15:57 +02:00
5dc0bd710a Make nunjucks and static file server compatible with pkg 2020-09-24 22:42:55 +02:00
87aae6bb33 Fix some nunjucks globals not properly set and make getCSRFToken dynamic 2020-09-23 16:11:51 +02:00
47e0756930 Add websocketUrl view local 2020-09-23 12:31:19 +02:00
79d3b51f90 Pass a whole Session to WebSocketListeners 2020-09-23 08:55:35 +02:00
2effaf13eb Add AuthComponent.getAuthGuard() 2020-09-23 08:46:37 +02:00
75c2b72f57 Add Application.getComponent() 2020-09-23 08:46:21 +02:00
dfee2645e1 Express: add custom bind address setting 2020-09-17 21:15:37 +02:00
3a473dd24e Fix error when saving models in transaction when it needs a full update 2020-09-15 15:40:58 +02:00
fec607da20 ModelQuery: add offset parameter to union() 2020-09-11 15:15:15 +02:00
fd6e384a12 Logging: improve legibility of sql queries when verbose mode enabled 2020-09-11 15:14:40 +02:00
15678e0381 Fix relation reducing mistakenly using "in" instead of indexOf >= 0 2020-09-10 19:11:32 +02:00
b12d104c78 ModelRelations: deduplicate recursive relations on populate() 2020-09-08 19:24:05 +02:00
969ab18b96 ModelRelation: sort recursive relations by tree 2020-09-08 19:11:19 +02:00
892b830dc4 Code formatting and cleanup, dependencies upgrade and version 0.22.0-rc.8 2020-09-07 14:38:30 +02:00
2f822aa61c ModelRelation: simplify foreign model constructor parameter 2020-09-07 14:30:11 +02:00
b88f4e1b64 ModelRelation: deduplicate eagerloaded models 2020-09-07 14:02:43 +02:00
0e37014667 ModelQuery: add nested eagerloading 2020-09-07 13:43:02 +02:00
e86356ae74 ModelQuery.union(): fix missing subquery variables 2020-09-06 16:02:53 +02:00
17685a44be Improve field disambiguation to allow raw values when starting with ",',` 2020-09-06 15:44:37 +02:00
c2abb1c87a Model.select(): allow custom select fields 2020-09-06 15:09:58 +02:00
4c482fb148 ModelQuery: add union() 2020-09-06 15:07:11 +02:00
3a4606b328 ModelQuery: allow specifying raw value for sortBy() 2020-09-06 12:25:53 +02:00
b84c2cdff1 Code formatting and cleanup 2020-09-06 10:53:28 +02:00
25f890e082 Remove unnecessary db query to determine whether a model exists in db 2020-09-06 10:45:26 +02:00
f07704c6dc Allow Model classes to override primary key fields 2020-09-06 10:23:32 +02:00
f6b326f802 Move EMAIL_REGEXP to Validator 2020-09-06 10:21:47 +02:00
27bd7400e2 ModelQuery: fix backticks on ORDER BY and remove extra useless spaces 2020-09-05 16:09:52 +02:00
e403dfa863 ModelQuery: fix field disambiguation 2020-09-05 15:51:44 +02:00
9e38b003f9 Model relations: add recursive query and recursive relation 2020-09-05 14:56:19 +02:00
7b739ff056 ModelQueryResult: also return model original data 2020-09-04 22:44:30 +02:00
e29b6369af ModelQuery: add groupWhere and test it 2020-09-04 22:16:20 +02:00
823f5d0d26 ModelQuery: fix count() queries 2020-09-04 18:51:41 +02:00
6a4898cbda ModelRelation: add pagination 2020-09-04 18:01:29 +02:00
1dd22f618c ModelQuery: fix passing missing connection parameter 2020-09-04 15:10:11 +02:00
19aafc76bf mysql queries: wrap field names in "`" to avoid conflict with reserved words
also do not add table name to field in select if it is already present
2020-09-04 15:09:30 +02:00
bffab3a4dc ModelQuery: actually fix fields conflicts for jointures
ref: 68ff977bcc
2020-09-02 16:29:11 +02:00
5a3acf30f4 OneModelRelation: add set(), clear() methods 2020-09-02 14:08:49 +02:00
4b9b62517b ModelRelation: add count(), has() methods 2020-09-02 14:08:35 +02:00
74ffdf8325 Model: add equals method 2020-09-02 14:07:40 +02:00
68ff977bcc ModelQuery: fix model instantiation field conflict for jointures 2020-09-02 11:56:09 +02:00
9db09f83cb Fix ManyThroughModelRelation eagerloading 2020-08-30 18:56:27 +02:00
fae5c68cd0 Auth: always populate req.models.user, thus reducing db requests 2020-08-30 17:31:51 +02:00
28349b791e Fix ModelQuery.count() 2020-08-30 13:31:19 +02:00
649fe41be3 Mysql: set default charset to utf8mb4 on pools 2020-08-30 11:25:26 +02:00
3b94d9beb5 Mysql: set default charset to utf8mb4 2020-08-30 10:36:25 +02:00
3af1f4a4e5 Parse json bodies for application/*+json too 2020-08-28 17:40:04 +02:00
25b1e71784 CSRFProtectionComponent: give more room for excluding requests 2020-08-28 16:52:49 +02:00
813e10c4c7 ModelQuery: fix array of values to string conversion 2020-08-28 15:40:58 +02:00
fed54b9483 Fix access level of Model.autoFill() 2020-08-28 15:40:18 +02:00
5bcc63a62c Models: add automatic created_at property value 2020-08-28 14:16:25 +02:00
f47f01f147 Models: add autoFill method for asynchronous default value load 2020-08-28 14:16:06 +02:00
4ab615c457 Validator: break on first failed step to avoid further errors 2020-08-26 15:02:24 +02:00
66ec3c0b47 Validator: add more information when exception is thrown in verifyStep 2020-08-26 14:56:34 +02:00
b245bec0d0 Lazy load ModelRelation query modifiers 2020-08-26 14:41:40 +02:00
72c4f972a0 Cache model existence to support insert + update in the same transaction 2020-08-26 14:18:02 +02:00
5930a85617 mysql count(): optimize requested fields 2020-08-26 14:05:06 +02:00
38a9c6ad15 user registration: fix late user save for when a user id is needed 2020-08-26 14:03:41 +02:00
84f2f7118a Csrf protection test: migrate to supertest 2020-08-05 12:06:21 +02:00
76811dd0b8 Add more tests for Model 2020-08-05 10:45:13 +02:00
cc884f7096 ModelRelation eagerloading: don't make an SQL query when there is nothing to fetch 2020-07-29 16:17:48 +02:00
8ca4c1a791 Security field validation: disclose missing field name 2020-07-29 16:16:42 +02:00
bdb7e55b00 Fix user approval backend 2020-07-28 15:03:18 +02:00
fb1a09baf8 ModelRelation/getOrFail: don't fail when 0 model where found 2020-07-28 15:02:50 +02:00
37ed42b37d Fix model queries values not matching placeholder count 2020-07-28 15:02:08 +02:00
31f974c0a6 Serve static files extra early to avoid useless middlewares execution 2020-07-28 12:11:41 +02:00
272688da26 Reduce the amount of SQL requests made for authentication 2020-07-28 12:10:29 +02:00
95632f5880 Fix throttler not triggering when maxCount > 1 2020-07-28 11:17:28 +02:00
97b2d3b94c ModelQuery: throw an error when fed with nonexistent relation 2020-07-28 10:33:45 +02:00
df651f2661 Make BackendController helper accept external backend links for its view 2020-07-28 10:04:15 +02:00
3a4755ce98 Give the redirectBack function its own Component back 2020-07-28 10:03:25 +02:00
6b85a538c1 ManyModelRelation: fix eagerloading not working 2020-07-27 10:57:19 +02:00
8746ad2ea3 ModelQuery: fix is null / is not null checks 2020-07-27 10:56:43 +02:00
2bbe4db5fe ModelRelation: add post-query filters 2020-07-27 10:56:10 +02:00
e046a77aa8 ModelFactory: remove loadRelation method (unused) 2020-07-27 10:54:59 +02:00
51addd947b Model: fix getById 2020-07-27 10:54:08 +02:00
5ca1ddef43 Move responsability of table field from ModelFactory to Model (static) 2020-07-27 10:53:46 +02:00
be6e659ca2 ModelFactory: refactor make into create 2020-07-27 10:52:39 +02:00
b179afdaf5 nunjucks: override default dump filter to allow circular dependencies 2020-07-26 11:37:36 +02:00
21b7def9e4 Fix some model refactor usages 2020-07-26 11:37:01 +02:00
a79e2292d7 Greatly simplify authentication system 2020-07-25 10:33:20 +02:00
40181a973b Fix user schema 2020-07-24 16:13:15 +02:00
c0dd48d064 Fix missing fields by default and fix model construction flow 2020-07-24 15:40:40 +02:00