Maciej Ziarkowski
e2e37d88b8
Set max pass length to 128
...
OWASP Authentication cheatsheet says 128 is typical max password length
It suggests to not set it too low to let users use complex passwords
2019-09-18 15:17:22 +01:00
Tom Russell
a022d90e59
Merge branch 'develop' into feature/view_edit_refactor
2019-09-17 21:25:50 +01:00
Maciej Ziarkowski
9fd690c1ac
Update cache invalidation mechanism
2019-09-17 18:12:18 +01:00
Maciej Ziarkowski
ef4d46e36b
Add asyncController
2019-09-17 18:05:05 +01:00
Maciej Ziarkowski
31efae3885
Add username and password validation
2019-09-11 16:28:05 +01:00
Maciej Ziarkowski
d14c4ce671
Prevent logging passwords in failed login attempts
2019-09-10 15:38:01 +01:00
Maciej Ziarkowski
0f30573180
Add comments to non-obvious code
2019-09-09 15:17:44 +01:00
Maciej Ziarkowski
7491d2aa1c
Unify imports/export
2019-09-09 15:17:24 +01:00
Tom Russell
1c1e8df704
Merge pull request #402 from mz8i/feature/61-forgotten-password
...
Introduce env variable for webapp origin
2019-08-30 13:59:38 +01:00
Maciej Ziarkowski
6733d02876
Add data extract controllers and routes
2019-08-29 17:54:08 +01:00
Maciej Ziarkowski
1008c09905
Add data extract service
2019-08-29 17:53:48 +01:00
Maciej Ziarkowski
9e62d4c114
Move asyncController calls to controller files
2019-08-29 17:52:30 +01:00
Tom Russell
b76eb35ade
Drop user routes from api.ts
2019-08-23 17:38:22 +01:00
Tom Russell
a35289d9b8
Merge branch 'master' into feature/63-delete-account-frontend
2019-08-23 12:42:03 +01:00
Maciej Ziarkowski
7cc358dcb7
Introduce env variable for webapp origin
2019-08-22 15:56:04 +01:00
Maciej Ziarkowski
6d4c514c00
Remove always failing error commited accidentally
2019-08-22 10:29:40 +01:00
Maciej Ziarkowski
2622269f77
Add global error handler
2019-08-21 14:47:44 +01:00
Maciej Ziarkowski
4d27c3b889
Add controller and route for password reset
2019-08-21 14:47:23 +01:00
Maciej Ziarkowski
fc2666364d
Add backend services for password reset
2019-08-21 14:46:14 +01:00
Maciej Ziarkowski
4259778224
Add email service and config template
2019-08-21 14:42:27 +01:00
Maciej Ziarkowski
54bd565cc8
Split /users into routes/controller/service
2019-08-19 14:31:35 +01:00
Maciej Ziarkowski
90da2a1522
Add user delete API endpoint
...
The deleted user username will be changed to 'deleted_'
plus the 13 initial characters of the standard format user_id.
Email, hashed password and API key are all cleared for the user.
The endpoint is currently only available through /api/users/me
and only allows a logged-in user to delete their own account.
2019-08-16 11:12:18 +01:00
mz8i
b5b72e7152
Switch from express app to router in API
...
Co-Authored-By: Tom Russell <tomalrussell@gmail.com>
2019-08-16 10:57:15 +01:00
Maciej Ziarkowski
185a94b5cb
Add user delete API endpoint
...
The deleted user username will be changed to 'deleted_'
plus the 13 initial characters of the standard format user_id.
Email, hashed password and API key are all cleared for the user.
The endpoint is currently only available through /api/users/me
and only allows a logged-in user to delete their own account.
2019-08-15 16:12:01 +01:00
Maciej Ziarkowski
be564dccea
Add JSON API 404 handler
2019-08-14 14:13:14 +01:00
Maciej Ziarkowski
2c9b5ea3d8
Modify routes, refactor API structure
2019-08-14 14:05:49 +01:00
Maciej Ziarkowski
a2394ef962
Move JSON API into its own directory
2019-08-14 10:54:13 +01:00
Maciej Ziarkowski
4421930942
Squash TypeScript errors and fix bugs
...
Most errors highglighted by TS were due to a lack of type definitions
and were ignored by settings types to `any`.
Some minor bugs were resolved where the fix was obvious.
TODO marks left where `any` needs to be later removed or bugfix verified
2019-08-09 18:49:43 +01:00
Tom Russell
39be3507a2
Include edit history in building data from API
2019-06-07 14:01:48 +01:00
Tom Russell
1ad7e1de4d
Fix transaction mode for likes
2019-05-27 21:28:19 +01:00
Tom Russell
f6e933ff8f
Lint empty lines
2019-05-27 18:33:36 +01:00
Tom Russell
9b96872922
Lint prop-types, camelCase
2019-05-27 18:26:29 +01:00
Tom Russell
aef53a0ae0
Lint multi-spaces
2019-05-27 16:46:54 +01:00
Tom Russell
907afa29f0
Lint single quotes
2019-05-27 16:31:48 +01:00
Tom Russell
4362c9c947
Rewrite cache to allow expiry, use promises
...
- tileserver changes use of cache (slightly simplified from callbacks)
- cache methods return promises
- add 'remove' method to cache, with remove_all_at_bbox helper
- from api/building.js, call remove after successful db updates
2019-04-27 15:56:16 +01:00
Martin-dJ
29f3bff0d5
Revised fix for issue #216 Reduce log noise (my previous attempt was incorrect). Switched to db.oneOrNone
2019-03-14 17:02:26 +00:00
Martin-dJ
c83f2bc0c2
Attempt to fix issue #216-Reduce log noise
2019-03-14 12:32:49 +00:00
Tom Russell
2d8b62fb84
Lint spacing
2019-02-24 19:28:11 +00:00
Tom Russell
961441c5c0
Move api/tiles modules to subfolders
2019-02-24 12:17:59 +00:00