hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
20,788 Commits
2 Branches
0 Tags
84 MiB
isekai-main
v1.18.x
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd227fe9fb6'
${ noResults }
Commit Graph

911 Commits (d227fe9fb6d5a101202cf2e2f09b74a706db58f9)

Author SHA1 Message Date
Julian Lam 512f6de6de
feat: allow passwords with length > 73 characters (#8818) 
* feat: allow passwords longer than 73 characters

Context: A bcrypt/blowfish limitation means that password length is capped at 72 characters. We can get around this without compromising on security
by hashing all incoming passwords with SHA512, and then sending that to bcrypt.

https://dropbox.tech/security/how-dropbox-securely-stores-your-passwords

* feat: add additional test for passwords > 73 chars

* fix: remove 'password-too-long' error message and all invocations

* test: added test to show that a super long password won't bring down NodeBB

* fix: remove debug log

* Revert "fix: remove 'password-too-long' error message and all invocations"

This reverts commit 1e312bf7ef7e119fa0f1bd3517d756ca013d5e79.

* fix: added back password length checks, but at 512 chars

As processing a large string still uses a lot of memory
 5 years ago
Barış Soner Uşaklı 4818ec377e fix: missing await 5 years ago
Barış Soner Uşaklı a02ae6f5df refactor: simpler check in user.blocks.filter 5 years ago
Julian Lam a6a52430ce fix: remove setCategorySort and setTopicSort 5 years ago
Julian Lam aa8faf58a0 refactor: remove /users/{uid}/settings/{setting} route 
@baris Also, I am now allowing the following properties to be saved in User.saveSettings:
- categoryTopicSort
- topicPostSort
- setCategorySort
- setTopicSort
 5 years ago
Barış Soner Uşaklı a05905f196
performance improvements (#8795) 
* perf: nconf/winston/render

cache nconf.get calls
modify middleware.pageView to call next earlier
don't call winston.verbose on every hook see https://github.com/winstonjs/winston/issues/1669
translate header/footer separately and cache results for guests

* fix: copy paste fail

* refactor: style and fire hook only log in dev mode

* fix: cache key, header changes based on template

* perf: change replace

* fix: add missing await

* perf: category

* perf: lodash clone

* perf: remove escapeRegexChars
 5 years ago
Barış Soner Uşaklı db63f5e3f0 fix: #8781 5 years ago
Barış Soner Uşaklı 43afe7ffab refactor: async/await src/user/approval 5 years ago
Barış Soner Uşaklı 872bacf1c4
Admin/users (#8762) 
* feat: wip admin/users

* feat: more work

* feat: more fixes

* feat: #8662, verified/unverified user groups

* feat: add filter

* feat: change user search to use filters array

* refactor: remove unused search call

* fix: tests

* fix: cant join system groups

* fix: upgrade script
 5 years ago
Julian Lam 30b3fedca4 fix: password reset to invalidate all existing reset tokens for that uid 5 years ago
Barış Soner Uşaklı 1ee9384875 fix: #8757, allow all slashes in category route 5 years ago
Barış Soner Uşaklı dc29f4dca2 refactor: switch to using slugify module 5 years ago
cryptoethic b3ed26ac2c
feat: revoke user sessions above threshold (#8731) 
* feat: revoke user sessions above threshold

* fix: removed translations from en-US

* fix: defined default maxUserSessions in install\data\defaults.json
 5 years ago
Julian Lam a5af2dc819 feat: added PUT/DELETE /api/v1/users/:uid/ban routes 5 years ago
Barış Soner Uşaklı e60357d20d
feat: #6594, add top/popular sections to digest email (#8709) 5 years ago
Timothy Fike f85fe7faff
don't invite an already invited email (#8688) 
* don't invite an already invited email

* add email-invited translation string
 5 years ago
psychobunny b6f2f0e5d0 fix: #8681 change owner modal's search should check if user is banned 5 years ago
Barış Soner Uşaklı ac43cd8b6f fix: #8665, trim email before checking validity 5 years ago
Julian Lam 29b357bc66 refactor: expose new method for appending moderation note 5 years ago
Barış Soner Uşaklı 38d3982bf1 fix: #8418 
allow updating other profile fields when username isnt being changed
 5 years ago
Barış Soner Uşaklı 4be693f2e7
feat: fullname search (#8641) 
* feat: fullname search

* fix: take last element

* fix: attempt to fix psql like query

* feat: upgrade sript, another fix attempt

* fix: psql test

* fix: psql scan

* feat: add debug for test

* feat: test collate

* feat: cleanup

* fix: upgrade script
 5 years ago
Barış Soner Uşaklı 5f10d67db5
Remove sounds (#8617) 
* feat: remove sounds

* feat: remove more sounds

* feat: disable sounds plugin

* fix: openapi
 5 years ago
Barış Soner Uşaklı 54b497258f feat: add missing name to profile image upload 5 years ago
Barış Soner Uşaklı a263897627 fix: #8604 5 years ago
Barış Soner Uşaklı 9f9164a9be fix: #8582 5 years ago
Barış Soner Uşaklı 846b7d2430 refactor: change pwd change logic 
add one more test
 5 years ago
Julian Lam 16cee1b03b fix: improper targetUid check during password change 5 years ago
Barış Soner Uşaklı dfabd0a3fe feat: remove administrator property from public routes 5 years ago
Barış Soner Uşaklı f89ec20574 feat: allow passing groupName to user.search 5 years ago
Barış Soner Uşaklı 8bd63f61e0 feat: resolve flag on delete/purge/ban/delete account 5 years ago
Barış Soner Uşaklı 57135761ca fix: move check inside lock 5 years ago
Barış Soner Uşaklı ce6b20c4b7 feat: remove topics.async.getTopicData usage 5 years ago
Barış Soner Uşaklı 72c60d19c2 fix: tests 5 years ago
Barış Soner Uşaklı 2a5f8ab27e feat: dont load all subscribers at once 
increase batch to 500
 5 years ago
Barış Soner Uşaklı 3dcf538773 feat: #8023, allow wildcard search for uid/email 5 years ago
Barış Soner Uşaklı e95cd28f6f
Zscan (#8458) 
* feat: zscan

* fix: mongodb tests

* feat: scan, ip search starts with
 5 years ago
Barış Soner Uşaklı 59a2ace6f7 fix: only add blocksCount for self and admins 5 years ago
Barış Soner Uşaklı bd228d5ee7 feat: fix blocksCount not being returned on user profile 
add hook action:user.blocks.toggle
 5 years ago
Barış Soner Uşaklı e53a18f219 fix: #8437, #8433 5 years ago
Barış Soner Uşaklı 8383992dcc feat: move export functions into child processes 5 years ago
Barış Soner Uşaklı 48b41debe6
fix: vulnerability in cover and admin uploads (#8419) 
* fix: vulnerability in cover and admin uploads

* fix: remove old test

* fix: update tests
 5 years ago
Barış Soner Uşaklı e80379dc0e feat: display stack trace on winston.error 5 years ago
Barış Soner Uşaklı 79a7f89235 Merge branch 'master' of https://github.com/NodeBB/NodeBB 5 years ago
Barış Soner Uşaklı 2bcf7f72d2 fix: follower count going out of sync with real follower count 5 years ago
Barış Soner Uşaklı bef37e27cb
fix: test lock for user create (#8415) 
* fix: test lock for user create

* fix: redis hdel with undefined

* feat: add test for undefined key in deleteObjectFields
 5 years ago
Barış Soner Uşaklı f0526bff9f fix: add mising timestamp 5 years ago
Barış Soner Uşaklı a680a95e73 feat: add filter:user.getFields to match topic/posts 5 years ago
Barış Soner Uşaklı 18d892398f fix: add timestamp to initial username history 5 years ago
Julian Lam 67aca822e6 feat: account content deletion, closes #8381 5 years ago
Barış Soner Uşaklı 5a2b515431 feat: #8349, remove user posts from queue if user is deleted 5 years ago