2243 Commits (f9b248b87f3e950e819a0a2ad568d88efec18b4a)

Author SHA1 Message Date
Julian Lam d2960aeb09 feat: added GET user route for api v3 4 years ago
Julian Lam 48b8e3bb3f fix: error when trying to trim an object 4 years ago
Barış Soner Uşaklı 9ebfdeb7ee fix: #9580, proper 404 when ajaxifying 4 years ago
Barış Soner Uşaklı 09f5179216 fix: lint 4 years ago
Barış Soner Uşaklı 77dde41f7b feat: keep query string when redirecting category 4 years ago
Barış Soner Uşaklı 3d6bdeb3df feat: add req.query to flags.list/getCount 4 years ago
Julian Lam 1d9cfe1e96 fix: bug where interstitial errors were not properly passed to the front-end via req.flash 4 years ago
Barış Soner Uşaklı 518157d9fa feat: pass req.query to getUserDataByUserSlug 4 years ago
Barış Soner Uşaklı 0551642a35 fix: #9553, use same fields for user search results in acp 4 years ago
Barış Soner Uşaklı ffa8016355 fix: lint 4 years ago
Barış Soner Uşaklı fad5988ed6 fix: tests 4 years ago
Barış Soner Uşaklı 074ee859c4 fix: tests 4 years ago
Barış Soner Uşaklı 1f3e660108 feat: add template to hook 4 years ago
Barış Soner Uşaklı a2442ee914 feat: add filter:account.getPostsFromUserSet 4 years ago
Barış Soner Uşaklı 2ea468daa3 test: clear cache between runs, require middleware later in helpers 4 years ago
gasoved 8faa6e4515
feat: filter flags by username #8489 (#9451)
* feat: filter flags by username #8489

* feat: toggle flag filter text
4 years ago
Julian Lam 1fee6a702a fix: #9487, session data gathered during a session is lost upon login
e.g. returnTo, tids_viewed, etc.
4 years ago
Julian Lam 697ed3bf37 feat: roll session identifier on login, as security best practice
see: https://owasp.org/www-community/attacks/Session_fixation
4 years ago
Julian Lam e845c34b52 fix: registration interstitials not handling promise rejections properly 4 years ago
Barış Soner Uşaklı 4494728cf8 feat: allow different slugs 4 years ago
Barış Soner Uşaklı 036f935fa9
fix: #9473 (#9476) 4 years ago
Julian Lam f65d2162f8 feat: update hook
Hook payload updated to pass login strategy (if overridden, this value will be something other than 'local'), and explicitly pass error if the login failed.
4 years ago
Barış Soner Uşaklı f32ea1737a fix: #9466, don't call leaveRoom in maintenance mode 4 years ago
gasoved 077330b764
feat: scheduled topics (#9399)
* feat: scheduled topics

* refactor: linting fixes

* fix: tests

* fix(test): race condition

* fix: make a single request
4 years ago
Barış Soner Uşaklı 67b09cba5f fix: #9420, paginate after loading notifications 4 years ago
Julian Lam 98b72ca572 fix: allow local (and overridden) login strategies to pass Error objects back 4 years ago
Barış Soner Uşaklı 668508cc37 feat: closes #9380, add category filtering and topic tools to tag page 4 years ago
Julian Lam f71cb0e427 feat: pass interstital errors to individual partials as well as to registerComplete 4 years ago
Julian Lam 678e8f0fde fix: regression where login redirect for admin routes didn't go to local=1 4 years ago
Julian Lam 7da061f0d7
refactor: automatically authenticate all requests setup through route helpers (#9357)
* refactor: automatically authenticate all requests setup through route helpers

* fix: removed connect-ensure-login dependency

* fix: bug with some middlewares not defined outside route helper methods
4 years ago
Barış Soner Uşaklı 3aa26c4df2 fix: #9339, only log email errors once per digest, notification push
show notice in acp
4 years ago
Julian Lam c1b3079d93 feat: category privilege API routes
closes #9342
4 years ago
Julian Lam c8b78654d9 fix: bad assignment 4 years ago
Julian Lam fbe9215b17 fix: #9348 incorrect redirect via connect-ensure-login 4 years ago
Barış Soner Uşaklı a598abcd8e feat: use updateProfile for picture change
so it triggers action:user:updateProfile
4 years ago
Julian Lam f806befd2f fix: bug where loginSeconds setting was ignored for local login 4 years ago
Julian Lam 9bf94ad50f fix: allow interstitial callbacks to be functional (no cb required) 4 years ago
Barış Soner Uşaklı 293b7c2650
refactor: privileges, export modules directly (#9325)
fix unused/commented out methods in admin privileges
4 years ago
Julian Lam 0804d54759 spec: schema docs for new ACP dashboard subpage routes 4 years ago
Julian Lam 2f89b0d791 feat: recent logins sessions table in dashbaord subpage 4 years ago
Julian Lam e1ed514b10 feat: topics dashboard details subpage 4 years ago
Julian Lam cc93822436 feat: show list of recent users in dashboard/users 4 years ago
Julian Lam 6fdcae7320 feat: req.query parsing and dynamically loading data instead 4 years ago
Julian Lam f561799f74 refactor: abstract out some client side dashboard code into modules, analytics subpages for users, topics, and logins 4 years ago
Julian Lam 16d3c45782 feat: report login statistics from analytics data, instead of its own zset 4 years ago
Julian Lam 9a9f366d3b feat: track login sessions for admin dashboard reporting 4 years ago
Julian Lam 020f0b8322 fix: session not persisting to database in some scenarios
In some edge cases (e.g. SSO plugin redirecting the user immediately), with modern browsers, the request is never "completed" for speed. This causes a condition where the session object never persists to the database, even though it has changed. This added line forces a db persist on a successful login.

Context: https://github.com/expressjs/session/pull/484
4 years ago
Julian Lam 504fd107c7 feat: track successful logins in analytics 4 years ago
Julian Lam 955021247e feat(user): icon background selector in change picture modal 4 years ago
Julian Lam 2fef462782 fix: awaiting res.render in send404 controller
>
> A plugin wanted to use `response:rotuer.page` to 404 a specific page on some condition. res.render returns early in send404 and so must be awaited otherwise multiple responses will be sent
4 years ago