Barış Soner Uşaklı
794bf01b21
feat: allow changing default search in
4 years ago
Barış Soner Uşaklı
9de64bf516
fix : #9698 , pass along query params in redirect
4 years ago
Barış Soner Uşaklı
358ad74054
feat: closes #9684 , allow event deletion
...
fix: topic events appearing before necro messages
feat: add move topic event
feat: add ability to delete specific topic events via events.purge
4 years ago
Barış Soner Uşaklı
42dbd40253
refactor: remove unused async
4 years ago
Barış Soner Uşaklı
6b6a7d4b8a
refactor: remove waterfall
4 years ago
Julian Lam
4a521ea218
fix: email update interstitial to not error on empty email field (on new registration)
4 years ago
Julian Lam
70a04bc105
feat: removed registerAndLoginUserCallback local helper, added handling if a bad interstitial doesn't go away nor throw errors
4 years ago
Julian Lam
0e05cbe1f7
feat: show instructional modal after email change request
4 years ago
Julian Lam
324a12b6c3
feat: return back to profile after editing email
4 years ago
Julian Lam
b3c916414b
feat: allow registration interstitial abort to also follow returnTo
4 years ago
Julian Lam
f53fc1ad0b
feat: return generic 404 on invalid confirm code
4 years ago
gasoved
a917210c5b
feat: invites no longer require email
4 years ago
Julian Lam
81611ae1c4
fix(emails): broken test for api/user/email/:email
...
+ fixed broken tests due to unexpected behaviour for email confirmation
4 years ago
Julian Lam
c4e3362bd3
feat(emails): restore ability for admins to edit a user's email address [breaking]
...
The edited user's email will be automatically confirmed
4 years ago
Julian Lam
afd2d8dab1
feat(emails): pass req in to filter:registration.interstitial
4 years ago
Barış Soner Uşaklı
7d115c8ef2
fix(emails): dont allow retrieving user data if showemail is false @julianlam
4 years ago
Julian Lam
69c96dd23c
refactor(emails): more work in update email interstitial, interstitial skipping, email change on confirmation, deprecation of requireEmailConfirmation
4 years ago
Julian Lam
f365bc4600
refactor(emails): interstitial for adding/updating email
4 years ago
Julian Lam
74aaa0a926
feat: show different registration intersitial lead text on new account vs. existing
4 years ago
Julian Lam
7c1d1c777b
refactor(emails): remove email validation on client and server side
4 years ago
Julian Lam
340ccb2498
style: lint fix
4 years ago
Julian Lam
d1959a258b
fix : #9670 return 4xx errors instead of 5xx on flag routes, when unauthenticated or not privileged [breaking]
4 years ago
Julian Lam
cc6cbfcdc4
Flags API ( #9666 )
...
* feat: new routes for flags API
+ flag get
+ flag creation, migration from socket method
+ flag update, migration from socket method
* fixed bug where you could not unassign someone from a flag
* feat: tests for new flags API
added missing files for schema update
* fix: flag tests to use Write API instead of sockets
* feat: flag notes API + tests
* chore: remove debug line
* test: fix breaking test on mongo
4 years ago
Barış Soner Uşaklı
4a56388ec3
feat: store topic tags in topic hash ( #9656 )
...
* feat: store topic tags in topic hash
breaking: remove color info from tags (use css)
* fix: remove unused tag modal
* fix: tag search
4 years ago
Julian Lam
415416d2a7
fix: translate language keys if passed in to formatApiResponse
4 years ago
Julian Lam
7036c3751e
feat: internationalize API error messages
4 years ago
Julian Lam
a54a3ee1ca
fix: return proper API-style response if exception caught by error handler on v3 routes [breaking]
4 years ago
Barış Soner Uşaklı
ff78969c2c
fix: lint
4 years ago
Barış Soner Uşaklı
55d7e55867
fix: tests
4 years ago
Barış Soner Uşaklı
6ed7e937ce
refactor: fix wording
4 years ago
Barış Soner Uşaklı
47c8c69264
fix: keep query string on redirects
4 years ago
gasoved
97c8569a79
fix: hide private user data in api/v3/users/[uid]
4 years ago
Anton Grigoryev
db65360c0d
fix(post-queue): moderatedCids is an array of numbers ( #9631 )
4 years ago
Barış Soner Uşaklı
0d975bc4fb
fix: dont show system tags in whitelist dropdown to regular users
4 years ago
Barış Soner Uşaklı
c92fc19b5c
fix : #9619 , add group chat filter to /notifications
4 years ago
Barış Soner Uşaklı
46a454f194
feat: add bodyClass to 500 page
4 years ago
Julian Lam
f9728aff2c
feat: clear reset tokens on successful login
4 years ago
Barış Soner Uşaklı
8ea58432c9
feat: show ip on acp manage users
...
update url on search
show matching ip when searching by ip
add ip to export csv
4 years ago
Barış Soner Uşaklı
6695927ea9
fix: pagination on acp users search
4 years ago
psychobunny
05cc7ccb60
feat: make undoTimeout configurable, closes #9599
4 years ago
Julian Lam
816856b0c6
feat: introduce boolean res.locals flag to bypass session reroll (used by session-sharing)
...
The session reroll logic is still standard practice, but in some cases, it is not necessary or causes UX issues. An issue opened in session sharing (julianlam/nodebb-plugin-session-sharing#95 ) brought this to attention in that parsing the cookie to log in the user caused a reroll (as expected), but caused the session open on other tabs to be mismatched. If "re-validate" was turned on, it basically meant that it was not possible to use NodeBB with multiple tabs.
Session sharing now sets `reroll` to `false` if re-validate is enabled.
4 years ago
Julian Lam
d2960aeb09
feat: added GET user route for api v3
4 years ago
Julian Lam
48b8e3bb3f
fix: error when trying to trim an object
4 years ago
Barış Soner Uşaklı
9ebfdeb7ee
fix : #9580 , proper 404 when ajaxifying
4 years ago
Barış Soner Uşaklı
09f5179216
fix: lint
4 years ago
Barış Soner Uşaklı
77dde41f7b
feat: keep query string when redirecting category
4 years ago
Barış Soner Uşaklı
3d6bdeb3df
feat: add req.query to flags.list/getCount
4 years ago
Julian Lam
1d9cfe1e96
fix: bug where interstitial errors were not properly passed to the front-end via req.flash
4 years ago
Barış Soner Uşaklı
518157d9fa
feat: pass req.query to getUserDataByUserSlug
4 years ago
Barış Soner Uşaklı
0551642a35
fix : #9553 , use same fields for user search results in acp
4 years ago
Barış Soner Uşaklı
ffa8016355
fix: lint
4 years ago
Barış Soner Uşaklı
fad5988ed6
fix: tests
4 years ago
Barış Soner Uşaklı
074ee859c4
fix: tests
4 years ago
Barış Soner Uşaklı
1f3e660108
feat: add template to hook
4 years ago
Barış Soner Uşaklı
a2442ee914
feat: add filter:account.getPostsFromUserSet
4 years ago
Barış Soner Uşaklı
2ea468daa3
test: clear cache between runs, require middleware later in helpers
4 years ago
gasoved
8faa6e4515
feat: filter flags by username #8489 ( #9451 )
...
* feat: filter flags by username #8489
* feat: toggle flag filter text
4 years ago
Julian Lam
1fee6a702a
fix : #9487 , session data gathered during a session is lost upon login
...
e.g. returnTo, tids_viewed, etc.
4 years ago
Julian Lam
697ed3bf37
feat: roll session identifier on login, as security best practice
...
see: https://owasp.org/www-community/attacks/Session_fixation
4 years ago
Julian Lam
e845c34b52
fix: registration interstitials not handling promise rejections properly
4 years ago
Barış Soner Uşaklı
4494728cf8
feat: allow different slugs
4 years ago
Barış Soner Uşaklı
036f935fa9
fix : #9473 ( #9476 )
4 years ago
Julian Lam
f65d2162f8
feat: update hook
...
Hook payload updated to pass login strategy (if overridden, this value will be something other than 'local'), and explicitly pass error if the login failed.
4 years ago
Barış Soner Uşaklı
f32ea1737a
fix : #9466 , don't call leaveRoom in maintenance mode
4 years ago
gasoved
077330b764
feat: scheduled topics ( #9399 )
...
* feat: scheduled topics
* refactor: linting fixes
* fix: tests
* fix(test): race condition
* fix: make a single request
4 years ago
Barış Soner Uşaklı
67b09cba5f
fix : #9420 , paginate after loading notifications
4 years ago
Julian Lam
98b72ca572
fix: allow local (and overridden) login strategies to pass Error objects back
4 years ago
Barış Soner Uşaklı
668508cc37
feat: closes #9380 , add category filtering and topic tools to tag page
4 years ago
Julian Lam
f71cb0e427
feat: pass interstital errors to individual partials as well as to registerComplete
4 years ago
Julian Lam
678e8f0fde
fix: regression where login redirect for admin routes didn't go to local=1
4 years ago
Julian Lam
7da061f0d7
refactor: automatically authenticate all requests setup through route helpers ( #9357 )
...
* refactor: automatically authenticate all requests setup through route helpers
* fix: removed connect-ensure-login dependency
* fix: bug with some middlewares not defined outside route helper methods
4 years ago
Barış Soner Uşaklı
3aa26c4df2
fix : #9339 , only log email errors once per digest, notification push
...
show notice in acp
4 years ago
Julian Lam
c1b3079d93
feat: category privilege API routes
...
closes #9342
4 years ago
Julian Lam
c8b78654d9
fix: bad assignment
4 years ago
Julian Lam
fbe9215b17
fix : #9348 incorrect redirect via connect-ensure-login
4 years ago
Barış Soner Uşaklı
a598abcd8e
feat: use updateProfile for picture change
...
so it triggers action:user:updateProfile
4 years ago
Julian Lam
f806befd2f
fix: bug where loginSeconds setting was ignored for local login
4 years ago
Julian Lam
9bf94ad50f
fix: allow interstitial callbacks to be functional (no cb required)
4 years ago
Barış Soner Uşaklı
293b7c2650
refactor: privileges, export modules directly ( #9325 )
...
fix unused/commented out methods in admin privileges
4 years ago
Julian Lam
0804d54759
spec: schema docs for new ACP dashboard subpage routes
4 years ago
Julian Lam
2f89b0d791
feat: recent logins sessions table in dashbaord subpage
4 years ago
Julian Lam
e1ed514b10
feat: topics dashboard details subpage
4 years ago
Julian Lam
cc93822436
feat: show list of recent users in dashboard/users
4 years ago
Julian Lam
6fdcae7320
feat: req.query parsing and dynamically loading data instead
4 years ago
Julian Lam
f561799f74
refactor: abstract out some client side dashboard code into modules, analytics subpages for users, topics, and logins
4 years ago
Julian Lam
16d3c45782
feat: report login statistics from analytics data, instead of its own zset
4 years ago
Julian Lam
9a9f366d3b
feat: track login sessions for admin dashboard reporting
4 years ago
Julian Lam
020f0b8322
fix: session not persisting to database in some scenarios
...
In some edge cases (e.g. SSO plugin redirecting the user immediately), with modern browsers, the request is never "completed" for speed. This causes a condition where the session object never persists to the database, even though it has changed. This added line forces a db persist on a successful login.
Context: https://github.com/expressjs/session/pull/484
4 years ago
Julian Lam
504fd107c7
feat: track successful logins in analytics
4 years ago
Julian Lam
955021247e
feat(user): icon background selector in change picture modal
4 years ago
Julian Lam
2fef462782
fix: awaiting res.render in send404 controller
...
>
> A plugin wanted to use `response:rotuer.page` to 404 a specific page on some condition. res.render returns early in send404 and so must be awaited otherwise multiple responses will be sent
4 years ago
Barış Soner Uşaklı
9ce6f8ad93
feat: add tag filter to getSortedTopics
4 years ago
Julian Lam
7223074f1d
feat: ability to re-order topic thumbnails
4 years ago
Julian Lam
3e6640efb2
refactor: thumbs.associate accepts both relative path and url in path arg
4 years ago
Julian Lam
36f2021186
refactor: move post queue retrival code to posts.getQueuedPosts
4 years ago
Julian Lam
cc275e1016
Revert "feat: newsletter opt-in/out in UCP, closes #21"
...
This reverts commit 3c7cd9a6c4
.
4 years ago
Julian Lam
3c7cd9a6c4
feat: newsletter opt-in/out in UCP, closes #21
4 years ago
Barış Soner Uşaklı
b6493f896f
fix: tests, only generate csrf_token on 404 gets
4 years ago
Barış Soner Uşaklı
94f72d6093
fix : #9287 , generate csrf_token on 404
4 years ago
Peter Jaszkowiak
cc9d6fd08b
chore: eslint max-len
4 years ago