Commit graph

27 commits

Author SHA1 Message Date
Cassie Tarakajian
15ad07d5ce [#1314][#1489] Use collation instead of RegEx
- Add case insensitive indexes for User.email and User.username
- Update user queries by username or email so that they are case
  insensitive
2020-07-14 18:16:17 -04:00
Cassie Tarakajian
ef4a8d7ea1 Use MongoDB Regexes to query case insensitive username/password 2020-04-06 19:01:37 -04:00
Andrew Nicolaou
9f627c1c37 Fixes bug where lastUsedAt timestamp wasn't set when access token used 2019-05-29 12:51:50 -04:00
Vertmo
f0b669d5af Added Basic Auth using passport-http 2019-05-29 12:51:50 -04:00
Cassie Tarakajian
870d9ceded
Fixes #760 (#1046)
* fixes #760

* fixes linting errors
2019-05-01 15:38:11 -04:00
Cassie Tarakajian
c90dac55b7 update eslint and fix linting errors 2018-05-08 19:16:04 -07:00
Madhurjya Pegu
307091ad3c Solving #553 Addition of google oauth 2.0 for easy login (#608)
* google oauth added

* google credentials 

updated .env description for google oauth

* changes done wrt review
2018-04-18 13:38:02 -07:00
Andrew Nicolaou
1dc0c22cb7 Email verification (#369)
* Re-introduce Email Verification code

Revert "Revert "Email verification""
This reverts commit d154d8bff259350523a0f139e844db96c43d2ee1.

* Uses MJML to generate Reset Password email

* Sends Password Reset and Email Confirmation emails using MJML template

* Sends verified status along with user data

* API endpoint for resending email verification confirmation

* Displays verification status on Account page and allows resending

* Send back error string

* Passes email address through to sign/verify helper

* Uses enum-style object to set verified state

* Sends minimal info when user verifies since it can be done without login

* Provides /verify UI and sends confirmation token to API

* Better name for JWT secret token env var

* Adds mail config variables to Readme

* Encrypts email address in JWT

The JWT sent as the token in the Confirm Password URL
can be unencoded by anyone, although it's signature can only
be verified by us. To ensure that no passwords are leaked,
we encrypt the email address before creating the token.

* Removes unused mail templates

* Resets verified flag when email is changed and sends another email

* Moves email confirmation functions next to each other

* Extracts random token generator to helper

* Moves email confirmation actions into Redux

- updates the AccountForm label with a message to check inbox
- show status when verifying email token

* Uses generated token stored in DB for email confirmation

* Sets email confirmation status to verified if logging in from Github

* Sends email using new method on account creation

* Fixes linting errors

* Removes replyTo config
2017-06-26 12:48:28 -04:00
Andrew Nicolaou
7be45ce875 Search for existing user account using Github emails (#337)
* Tries to match user account from list of emails in Github API

Requests the 'user:email' scope from Github which returns the private
emails associated with the user's account.

* Centres GitHub button in layout
2017-04-13 12:04:10 -04:00
Cassie Tarakajian
e87390adb9 update eslint to latest version, fix lots of linting errors (#308)
* update eslint and dependencies, fix linting errors that can be fixed with --fix

* fix lots of linting errors

* update eslintrc, fix some linting errors

* fix all server side linting errors, untested

* fix errors that fixing linting errors had caused

* fix client side eslint errors

* fix client side linting errors

* fix refs lint errors

* fix more linting errors

* update eslint and dependencies, fix linting errors that can be fixed with --fix

* fix lots of linting errors

* update eslintrc, fix some linting errors

* fix all server side linting errors, untested

* fix errors that fixing linting errors had caused

* fix client side eslint errors

* fix client side linting errors

* fix refs lint errors

* fix more linting errors

* fix some accessibility linting errors

* fix a lot of linting errors

* fix a billion more linting errors

* hopefully fix all linting errors, still need to test

* fix bugs that fixing linting had caused
2017-02-22 14:29:35 -05:00
Cassie Tarakajian
311e8442a1 Revert "Email verification" (#265) 2017-01-13 10:35:39 -05:00
Akarshit Wal
2d781e22fb Email verification (#230)
* Making the email separate for future enhancements

* email-verification added

* Github users are verified

* update package

* Bug fixes and improvements

* jade to pug

* Bug fix

* changed route
2017-01-13 10:24:09 -05:00
Akarshit Wal
dee9688ece Use username also to log in (#250)
* Use username also to log in

* Minor changes
2017-01-06 18:14:42 -05:00
catarak
a741e4aaa8 fix passport strategy config, remove github button from signup form 2016-08-31 15:30:37 -04:00
catarak
7a8e77282d add github login and signup 2016-08-31 15:12:18 -04:00
catarak
29571e4764 login with github works if not already registered 2016-08-31 12:57:47 -04:00
catarak
ab576fe737 add github button styling, add backend for login with github 2016-08-31 12:28:06 -04:00
catarak
2bdd682771 fix some minor eslint errors 2016-06-27 13:09:18 -04:00
catarak
e18a5e0941 fix some linting errors 2016-06-24 18:18:22 -04:00
catarak
e20b0545d1 fix login and signup bugs 2016-06-24 18:08:52 -04:00
catarak
3d42da18a8 fix a ton of eslint errors 2016-06-23 18:29:55 -04:00
catarak
d672166b87 add login view 2016-06-20 17:50:45 -04:00
catarak
4908dc1e0b change authentication to cookies 2016-06-20 17:47:47 -04:00
catarak
c496f20699 add dotenv, start to add signup 2016-06-20 17:47:17 -04:00
catarak
1136ac3f16 add a lot of server side libraries, preemptively, still hooking everything up 2016-06-20 17:47:16 -04:00
catarak
1f75b4d390 add dotenv, start to add signup 2016-06-20 17:46:42 -04:00
catarak
47491f63ba add a lot of server side libraries, preemptively, still hooking everything up 2016-06-20 17:44:36 -04:00