2228 Commits

Author SHA1 Message Date
gasoved
8faa6e4515 feat: filter flags by username #8489 (#9451)
* feat: filter flags by username #8489

* feat: toggle flag filter text
2021-04-14 16:50:30 -04:00
Julian Lam
1fee6a702a fix: #9487, session data gathered during a session is lost upon login
e.g. returnTo, tids_viewed, etc.
2021-04-14 16:42:27 -04:00
Julian Lam
697ed3bf37 feat: roll session identifier on login, as security best practice
see: https://owasp.org/www-community/attacks/Session_fixation
2021-04-13 21:32:48 -04:00
Julian Lam
e845c34b52 fix: registration interstitials not handling promise rejections properly 2021-04-13 21:32:48 -04:00
Barış Soner Uşaklı
4494728cf8 feat: allow different slugs 2021-04-12 17:12:26 -04:00
Barış Soner Uşaklı
036f935fa9 fix: #9473 (#9476) 2021-04-08 13:02:40 -04:00
Julian Lam
f65d2162f8 feat: update hook
Hook payload updated to pass login strategy (if overridden, this value will be something other than 'local'), and explicitly pass error if the login failed.
2021-04-07 14:21:51 -04:00
Barış Soner Uşaklı
f32ea1737a fix: #9466, don't call leaveRoom in maintenance mode 2021-04-07 14:10:15 -04:00
gasoved
077330b764 feat: scheduled topics (#9399)
* feat: scheduled topics

* refactor: linting fixes

* fix: tests

* fix(test): race condition

* fix: make a single request
2021-03-24 14:28:02 -04:00
Barış Soner Uşaklı
67b09cba5f fix: #9420, paginate after loading notifications 2021-03-24 12:41:37 -04:00
Julian Lam
98b72ca572 fix: allow local (and overridden) login strategies to pass Error objects back 2021-03-17 12:10:57 -04:00
Barış Soner Uşaklı
668508cc37 feat: closes #9380, add category filtering and topic tools to tag page 2021-03-13 13:34:49 -05:00
Julian Lam
f71cb0e427 feat: pass interstitial errors to individual partials as well as to registerComplete 2021-03-11 11:22:32 -05:00
Julian Lam
678e8f0fde fix: regression where login redirect for admin routes didn't go to local=1 2021-03-09 20:50:01 -05:00
Julian Lam
7da061f0d7 refactor: automatically authenticate all requests setup through route helpers (#9357)
* refactor: automatically authenticate all requests setup through route helpers

* fix: removed connect-ensure-login dependency

* fix: bug with some middlewares not defined outside route helper methods
2021-03-08 14:03:22 -05:00
Barış Soner Uşaklı
3aa26c4df2 fix: #9339, only log email errors once per digest, notification push
show notice in acp
2021-03-05 19:03:16 -05:00
Julian Lam
c1b3079d93 feat: category privilege API routes
closes #9342
2021-03-04 12:46:31 -05:00
Julian Lam
c8b78654d9 fix: bad assignment 2021-03-04 10:58:27 -05:00
Julian Lam
fbe9215b17 fix: #9348 incorrect redirect via connect-ensure-login 2021-03-04 10:16:21 -05:00
Barış Soner Uşaklı
a598abcd8e feat: use updateProfile for picture change
so it triggers action:user:updateProfile
2021-03-03 17:11:13 -05:00
Julian Lam
f806befd2f fix: bug where loginSeconds setting was ignored for local login 2021-03-03 16:06:58 -05:00
Julian Lam
9bf94ad50f fix: allow interstitial callbacks to be functional (no cb required) 2021-02-26 09:58:54 -05:00
Barış Soner Uşaklı
293b7c2650 refactor: privileges, export modules directly (#9325)
fix unused/commented out methods in admin privileges
2021-02-24 18:10:34 -05:00
Julian Lam
0804d54759 spec: schema docs for new ACP dashboard subpage routes 2021-02-24 12:51:20 -05:00
Julian Lam
2f89b0d791 feat: recent logins sessions table in dashboard subpage 2021-02-24 12:51:20 -05:00
Julian Lam
e1ed514b10 feat: topics dashboard details subpage 2021-02-24 12:51:20 -05:00
Julian Lam
cc93822436 feat: show list of recent users in dashboard/users 2021-02-24 12:51:20 -05:00
Julian Lam
6fdcae7320 feat: req.query parsing and dynamically loading data instead 2021-02-24 12:51:20 -05:00
Julian Lam
f561799f74 refactor: abstract out some client side dashboard code into modules, analytics subpages for users, topics, and logins 2021-02-24 12:51:20 -05:00
Julian Lam
16d3c45782 feat: report login statistics from analytics data, instead of its own zset 2021-02-22 13:23:25 -05:00
Julian Lam
9a9f366d3b feat: track login sessions for admin dashboard reporting 2021-02-22 11:38:26 -05:00
Julian Lam
020f0b8322 fix: session not persisting to database in some scenarios
In some edge cases (e.g. SSO plugin redirecting the user immediately), with modern browsers, the request is never "completed" for speed. This causes a condition where the session object never persists to the database, even though it has changed. This added line forces a db persist on a successful login.

Context: https://github.com/expressjs/session/pull/484
2021-02-22 11:18:30 -05:00
Julian Lam
504fd107c7 feat: track successful logins in analytics 2021-02-22 11:16:43 -05:00
Julian Lam
955021247e feat(user): icon background selector in change picture modal 2021-02-19 11:38:48 -05:00
Julian Lam
2fef462782 fix: awaiting res.render in send404 controller
> A plugin wanted to use `response:router.page` to 404 a specific page on some condition. res.render returns early in send404 and so must be awaited, otherwise multiple responses will be sent
2021-02-17 11:57:12 -05:00
Barış Soner Uşaklı
9ce6f8ad93 feat: add tag filter to getSortedTopics 2021-02-16 23:12:10 -05:00
Julian Lam
7223074f1d feat: ability to re-order topic thumbnails 2021-02-16 11:54:09 -05:00
Julian Lam
3e6640efb2 refactor: thumbs.associate accepts both relative path and url in path arg 2021-02-12 17:11:32 -05:00
Julian Lam
36f2021186 refactor: move post queue retrieval code to posts.getQueuedPosts 2021-02-12 12:25:27 -05:00
Julian Lam
cc275e1016 Revert "feat: newsletter opt-in/out in UCP, closes #21"
This reverts commit 3c7cd9a6c4.
2021-02-12 10:12:38 -05:00
Julian Lam
3c7cd9a6c4 feat: newsletter opt-in/out in UCP, closes #21 2021-02-12 10:11:08 -05:00
Barış Soner Uşaklı
b6493f896f fix: tests, only generate csrf_token on 404 gets 2021-02-09 12:40:29 -05:00
Barış Soner Uşaklı
94f72d6093 fix: #9287, generate csrf_token on 404 2021-02-09 12:23:55 -05:00
Peter Jaszkowiak
cc9d6fd08b chore: eslint max-len 2021-02-08 18:06:44 -05:00
Peter Jaszkowiak
23f212a4c0 chore: eslint prefer-destructuring 2021-02-08 18:06:44 -05:00
Peter Jaszkowiak
8d1462ffd8 chore: eslint object-curly-newline 2021-02-08 18:06:44 -05:00
Peter Jaszkowiak
62869bae3d chore: eslint function-paren-newline 2021-02-08 18:06:44 -05:00
Peter Jaszkowiak
dab3b23575 chore: eslint no-var, vars-on-top 2021-02-08 18:06:44 -05:00
Peter Jaszkowiak
b56d9e12b5 chore: eslint prefer-arrow-callback 2021-02-08 18:06:44 -05:00
Peter Jaszkowiak
707b55b6a5 chore: eslint prefer-template 2021-02-08 18:06:44 -05:00