Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Auth fix #54

Merged
merged 15 commits into from
Mar 7, 2019
Merged

Auth fix #54

merged 15 commits into from
Mar 7, 2019

Conversation

notimmates
Copy link
Contributor

@notimmates notimmates commented Mar 6, 2019
edited
Loading

#51

timakasucces added 14 commits January 16, 2019 14:29
Authorization added
4055f11
Merge branch 'authentication' of https://github.com/codex-team/codex.…
5d63199 
…docs into authentication
added secret to password, md5 hashing, removed promise from verifyTok…
5054d35 
…en, deleted links when not authorized
added dbinsert script
dc7676c
turned verifyToken to middleware, added description for dbinsert, add…
56e60df 
…ed hidden csrf field in auth form
added middlewares, user model and controller
6181231
JSDoc fix
a6dfbe7
wrong password processing fix
a45d875
added comments to dbinsert script, moved salt and passHash to singe d…
119e885 
…b doc
Moved salt to .env, upgradedscript for generating password was, fixed…
8767098 
… comments and JSDoc
Deleted using salt (now user is only one), changed verifying password…
d63323d 
… to bcrypt.compare, added httpyOnly property to jwt cookie
Resolved conflicts and fixed eslint
c853767
Merge branch 'master' of https://github.com/codex-team/codex.docs int…
90c7a2e 
…o authentication
Added verifyToken middleware to aliases route, added check for user e…
ae18f11 
…xistance on POST/auth
gohabereg
gohabereg suggested changes Mar 6, 2019
View reviewed changes
src/app.js Outdated
@@ -17,7 +17,7 @@ app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'twig');
require('./utils/twig');

app.use(logger('dev'));
app.use(logger('dev '));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Почему он все время ставит тут пробел?)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Не знаю

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

У меня даже не индексировался этот файл в git status

src/routes/auth.js Outdated
@@ -28,6 +28,10 @@ router.get('/auth', csrfProtection, function (req, res) {
router.post('/auth', parseForm, csrfProtection, async (req, res) => {
let userDoc = await Users.get();

if (!userDoc) {
throw new Error('Password not set');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

А что будет у пользователя в этот момент?
Лучше возвращать какое-нибудь сообщение

@notimmates notimmates merged commit 717fd3f into master Mar 7, 2019
@talyguryn talyguryn deleted the auth-fix branch March 14, 2019 14:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@neSpecc neSpecc neSpecc approved these changes

@gohabereg gohabereg gohabereg approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@notimmates @neSpecc @gohabereg