FoundKey

Author	SHA1	Message	Date
Chloe Kudryavtsev	ed9d4023d4	backend: add argon2 support All checks were successful ci/woodpecker/push/lint-backend Pipeline was successful Details ci/woodpecker/push/build Pipeline was successful Details ci/woodpecker/push/lint-foundkey-js Pipeline was successful Details ci/woodpecker/push/lint-client Pipeline was successful Details ci/woodpecker/push/lint-sw Pipeline was successful Details ci/woodpecker/push/test Pipeline was successful Details Passwords will be automatically re-hashed on sign-in. All new password hashes will be argon2 by default. This uses argon2id and is not configurable. In the very unlikely case someone has more specific needs, a fork is recommended. ChangeLog: Added Co-authored-by: Chloe Kudryavtsev <code@toast.bunkerlabs.net> Reviewed-on: #308	2022-12-29 20:13:47 +00:00
Johann150	114d416de0	server: refactor password hashing & comparison to module For easier replacement should the hash algorithm ever be changed.	2022-12-25 19:03:51 +01:00
Johann150	bd68096ea9	server: refactor API error	2022-12-19 21:24:39 +01:00
Johann150	0f3f42eb39	remove rndstr dependency All checks were successful ci/woodpecker/push/lint-foundkey-js Pipeline was successful Details ci/woodpecker/push/build Pipeline was successful Details ci/woodpecker/push/lint-backend Pipeline was successful Details ci/woodpecker/push/lint-client Pipeline was successful Details ci/woodpecker/push/test Pipeline was successful Details This dependency was unused in the client. The use of it in the server can be replaced entirely by the secureRndstr function, with some slight modifications. That function could probably be refactored a bit more as well.	2022-12-07 18:08:09 +01:00
Johann150	d0c504ec85	server: fix unknown variable in signin endpoint	2022-11-25 19:09:08 +01:00
Johann150	9e2553909e	server: use time constants All checks were successful ci/woodpecker/push/lint-foundkey-js Pipeline was successful Details ci/woodpecker/push/build Pipeline was successful Details ci/woodpecker/push/lint-client Pipeline was successful Details ci/woodpecker/push/lint-backend Pipeline was successful Details ci/woodpecker/push/test Pipeline was successful Details	2022-11-20 23:15:40 +01:00
Johann150	609312bb82	server: refactor errors in signin endpoint	2022-11-08 20:57:08 +01:00
Johann150	6ce4b3fe2f	fix some lints Some checks failed ci/woodpecker/push/lint-backend Pipeline was successful Details ci/woodpecker/push/build Pipeline was successful Details ci/woodpecker/push/lint-client Pipeline failed Details ci/woodpecker/push/test Pipeline failed Details Many of these were fixed automatically with eslint --fix. Some of them (e.g. adding return types to functions) were done manually.	2022-08-11 00:09:29 +02:00
Johann150	c8f49bae76	fix lint "object-shorthand" Some checks failed ci/woodpecker/push/lint-backend Pipeline was successful Details ci/woodpecker/push/build Pipeline was successful Details ci/woodpecker/push/lint-client Pipeline failed Details ci/woodpecker/push/test Pipeline failed Details	2022-08-03 14:58:24 +02:00
Johann150	37e47a257e	fix lints "import/order" and "import/no-duplicate" Some checks failed ci/woodpecker/push/lint-backend Pipeline was successful Details ci/woodpecker/push/build Pipeline was successful Details ci/woodpecker/push/lint-client Pipeline failed Details ci/woodpecker/push/test Pipeline failed Details Also simplified some import paths by replacing relative with absolute paths.	2022-08-03 14:05:50 +02:00
Johann150	ba0236700d	chore: remove unused imports	2022-07-12 14:41:10 +02:00
MeiMei	c05723ca6a	Fix IP address rate limit (#8758 ) * Fix IP address rate limit * CHANGELOG * Tune getIpHash	2022-05-31 17:44:22 +09:00
Johann150	161659de5c	enhance: replace signin CAPTCHA with rate limit (#8740 ) * enhance: rate limit works without signed in user * fix: make limit key required for limiter As before the fallback limiter key will be set from the endpoint name. * enhance: use limiter for signin * Revert "CAPTCHA求めるのは2fa認証が無効になっているときだけにした" This reverts commit `02a43a310f`. * Revert "feat: make captcha required when signin to improve security" This reverts commit `b21b058005`. * fix undefined reference * fix: better error message * enhance: only handle prefix of IPv6	2022-05-28 12:06:47 +09:00
syuilo	02a43a310f	CAPTCHA求めるのは2fa認証が無効になっているときだけにした 2faのトークンは期限付きだから、CAPTCHA解いてる間に期限切れになる	2022-05-15 16:47:14 +09:00
syuilo	b21b058005	feat: make captcha required when signin to improve security	2022-05-15 12:18:46 +09:00
syuilo	41c2aed7dc	chore: fix lint	2022-04-03 15:33:22 +09:00
syuilo	1c67c26bd8	refactor: migrate to typeorm 3.0 (#8443 ) * wip * wip * wip * Update following.ts * wip * wip * wip * Update resolve-user.ts * maxQueryExecutionTime * wip * wip	2022-03-26 15:34:00 +09:00
syuilo	d071d18dd7	refactor: Use ESM (#8358 ) * wip * wip * fix * clean up * Update tsconfig.json * Update activitypub.ts * wip	2022-02-27 11:07:39 +09:00
syuilo	510de87607	refactor: use ajv instead of cafy (#8324 ) * wip * wip * Update abuse-user-reports.ts * Update files.ts * Update list-remote.ts * Update list.ts * Update show-users.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * Update update.ts * Update search.ts * Update reactions.ts * Update search.ts * wip * wip * wip * wip * Update update.ts * Update relation.ts * Update available.ts * wip * wip * wip * Update packages/backend/src/server/api/define.ts Co-authored-by: Johann150 <johann.galle@protonmail.com> * Update define.ts * Update define.ts * typo * wip * wip * wip * wip * wip * wip * wip * wip * Update update.ts * wip * Update signup.ts * Update call.ts * minimum for limit * type * remove needless annotation * wip * Update signup.ts * wip * wip * fix * Update create.ts Co-authored-by: Johann150 <johann.galle@protonmail.com>	2022-02-19 14:05:32 +09:00
syuilo	c69b72e199	fix lint	2021-12-09 23:58:30 +09:00
syuilo	0e4a111f81	refactoring Resolve #7779	2021-11-12 02:02:25 +09:00

21 commits