* test: failing test for issue
* fix: #9593, don't lock if email is identical to username
* fix: lock calls after first call
* fix: add back email check
* test: remove invalid test
Co-authored-by: Julian Lam <julian@nodebb.org>
* feat: allow passwords longer than 73 characters
Context: A bcrypt/blowfish limitation means that password length is capped at 72 characters. We can get around this without compromising on security
by hashing all incoming passwords with SHA512, and then sending that to bcrypt.
https://dropbox.tech/security/how-dropbox-securely-stores-your-passwords
* feat: add additional test for passwords > 73 chars
* fix: remove 'password-too-long' error message and all invocations
* test: added test to show that a super long password won't bring down NodeBB
* fix: remove debug log
* Revert "fix: remove 'password-too-long' error message and all invocations"
This reverts commit 1e312bf7ef.
* fix: added back password length checks, but at 512 chars
As processing a large string still uses a lot of memory
* feat: wip admin/users
* feat: more work
* feat: more fixes
* feat: #8662, verified/unverified user groups
* feat: add filter
* feat: change user search to use filters array
* refactor: remove unused search call
* fix: tests
* fix: cant join system groups
* fix: upgrade script
* feat: fullname search
* fix: take last element
* fix: attempt to fix psql like query
* feat: upgrade sript, another fix attempt
* fix: psql test
* fix: psql scan
* feat: add debug for test
* feat: test collate
* feat: cleanup
* fix: upgrade script
* Store config fields as JSON in the db
Fewer parseInts
* Remove unnecessary parseInts
* remove some dupe code add tests
* remove console.log
* remove more parseInts
* WIP: read meta.configs defaults from defaults.json
remove more parseInts
* more work
* add log for failing test
* update admin pwd
* fix tests, dont require posts/cache before configs are initialized
* handle saves
* Test boolean conditions
* remove more parseInts
* Fix boolean values
* remove lots more parseInts
* removed json parsing
* renamed var to number
* categories dont have timestamp
