Commit Graph

245 Commits

Author SHA1 Message Date
KernelDeimos
5a76bad28d fix: reduce token lengths 2024-04-29 21:46:02 -04:00
KernelDeimos
c1e4eeec32 Add TokenService and test utility 2024-04-29 21:11:31 -04:00
KernelDeimos
04432df554 feat: improve password recovery experience 2024-04-29 19:26:29 -04:00
KernelDeimos
c44028f413 refactor: normalize email calls 2024-04-29 17:34:24 -04:00
Nariman Jelveh
42d85abfc2 Update WebServerService.js 2024-04-27 19:10:10 -07:00
Nariman Jelveh
fd4e2f59dc Update WebServerService.js 2024-04-27 19:03:48 -07:00
Nariman Jelveh
053728a03f Validate the Host header before responding to requests 2024-04-27 18:52:01 -07:00
KernelDeimos
d7d6ff0cca Rate limit updates 2024-04-26 21:02:01 -04:00
KernelDeimos
79d6f64451 Notify old email when email change is initiated 2024-04-26 21:02:01 -04:00
Eric Dubé
2ee00ca8e6
Revert "fix(security): Prevent email enumeration" (#351) 2024-04-26 18:22:14 -04:00
KernelDeimos
ecec8bf75d Use pread for signup page 2024-04-25 19:44:06 -04:00
KernelDeimos
736ebb6f28 Improve server health service 2024-04-25 19:39:18 -04:00
Nariman Jelveh
928dd90f61
Merge pull request #346 from youngsiiimba/main
fix(security): Prevent email enumeration
2024-04-25 14:59:56 -07:00
KernelDeimos
eb166a67a9 fix(security): Fix session revocation 2024-04-25 16:19:46 -04:00
Nariman Jelveh
c4b2d9861f Clean up some of the unnecessary console warnings 2024-04-25 13:11:11 -07:00
Simba Chawanda
ed70314686 fix(security): Prevent email enumeration 2024-04-25 09:27:37 +02:00
KernelDeimos
7800ef6102 fix(security): skip cache when checking old passwd 2024-04-24 22:28:27 -04:00
KernelDeimos
74e9270d58 Fix 2024-04-24 16:16:31 -04:00
KernelDeimos
b2e72adba9 Add ratelimit for /confirm-email 2024-04-24 16:12:09 -04:00
KernelDeimos
1eac147918 Add ratelimit for /contactUs 2024-04-24 16:09:04 -04:00
Sam Atkins
dc5b010d09 feat: Allow querying puter-apps driver by partial app names 2024-04-24 15:08:54 +01:00
Sam Atkins
a854a0dc0a feat: Implement 'Like' predicate in entity storage
This acts like the SQL 'LIKE' keyword, allowing partial string matches.
2024-04-24 15:08:54 +01:00
KernelDeimos
44aac16991 Add ip rate limiting 2024-04-23 19:13:37 -04:00
KernelDeimos
65a73b5b45 Rename workspace modules to avoid confusion 2024-04-23 04:06:15 -04:00
KernelDeimos
74e213a534 fix(security): always use application/octet-stream 2024-04-22 23:54:03 -04:00
KernelDeimos
f9d561d40b docs: document purpose of scary-looking token 2024-04-22 23:48:45 -04:00
KernelDeimos
c166560ff4 feat: add /healthcheck endpoint 2024-04-22 22:02:40 -04:00
Eric Dubé
331d9e7542
feat: allow apps to add a menubar via puter.js
* Begin work on menubar and dropdowns

* Improve menubar

* Fix pointer event behavior

* Fix labels

* Fix active button

* Eliminate flicker

* Update _default.js

---------

Co-authored-by: Nariman Jelveh <n.jelveh@gmail.com>
2024-04-22 20:38:16 -04:00
Nariman Jelveh
3cba4cab1e Disable iframing of the main domain using meta tags as well 2024-04-22 14:14:20 -07:00
Nariman Jelveh
ef35a04c4a Disable iframing of the main domain 2024-04-22 14:09:32 -07:00
KernelDeimos
eee5c9e48b Cleanup 2024-04-22 16:29:12 -04:00
KernelDeimos
2f5780d1d1 Cleanup 2024-04-22 16:28:22 -04:00
KernelDeimos
a741bd5419 Make errors in /batch more preemptive 2024-04-22 04:35:01 -04:00
KernelDeimos
4d2d4a7ca3 Fix 86888h53w 2024-04-21 22:06:36 -04:00
KernelDeimos
5c1e6ab16b Fix false-positive password recovery response 2024-04-21 18:28:58 -04:00
KernelDeimos
b2f5cc11b5 Fix dbrr reference 2024-04-21 17:10:18 -04:00
KernelDeimos
58b83c27f2 Remove large log 2024-04-20 07:23:32 -04:00
KernelDeimos
0e9e8d41d9 Fix authorizer not defined 2024-04-19 17:12:15 -04:00
Eric Lighthall
4783e3eae4 Optimize console redraw by tracking widget changes
Instead of redrawing the widget area every 2 seconds, only auto redraw when the widget area has changed, reducing unecessary redraw operations.
2024-04-19 00:48:36 -07:00
KernelDeimos
0361ceba6c Normalize session objects to have both user_uid and user_id 2024-04-17 23:22:10 -04:00
KernelDeimos
4ecc7372f9 Fix issue with use_bundled_gui flag 2024-04-17 22:59:22 -04:00
KernelDeimos
dbcd627815 Apply various small fixes 2024-04-17 20:57:59 -04:00
Nariman Jelveh
6061c81c36 Update get-launch-apps.js 2024-04-17 17:58:11 -07:00
KernelDeimos
f0d3346ca7 Update session.last_touch always 2024-04-17 13:03:32 -04:00
KernelDeimos
e8ca6376be Avoid logging sensitive query params 2024-04-17 12:51:30 -04:00
KernelDeimos
c48c134869 Remove verbose log 2024-04-17 12:42:12 -04:00
KernelDeimos
49e334521d Update timers 2024-04-17 12:41:43 -04:00
KernelDeimos
7e0c6c6470 Fix last_activity_ts 2024-04-16 19:30:30 -04:00
KernelDeimos
19c49db538 Improve sessions 2024-04-16 18:57:02 -04:00
KernelDeimos
653898b463 Report proper error when an operation is invalid 2024-04-15 22:27:03 -04:00
Eric Dubé
e4f2c4a28b
Merge pull request #280 from vineeth-vk11/#206
fixing on conflict issue in sqlite kv write
2024-04-15 17:55:52 -04:00
KernelDeimos
826ea36502 Add use_bundled_gui option 2024-04-15 17:50:44 -04:00
KernelDeimos
397819d45e Add missing endpoint /down 2024-04-15 16:38:03 -04:00
KernelDeimos
e8dc220981 This is 2.1.0 I decided 2024-04-15 15:37:13 -04:00
KernelDeimos
1c2b05d8f6 Fix phoenix for auto ports 2024-04-15 15:34:58 -04:00
KernelDeimos
081b093e7e Add missing asset for xterm, fix SDK url 2024-04-15 14:43:15 -04:00
KernelDeimos
4d30753958 Fix more phoenix dev issues 2024-04-15 14:25:40 -04:00
KernelDeimos
c72e0cb0e0 Fix phoenix watcher 2024-04-15 14:08:50 -04:00
KernelDeimos
e71b586fe5 Invalidate cached user when the user's email address is changed 2024-04-14 23:50:39 -04:00
KernelDeimos
2fcac12340 Fixg 2024-04-14 23:24:47 -04:00
KernelDeimos
0847395c92 Socket 2024-04-14 23:10:23 -04:00
KernelDeimos
58192cacb3 Try again 2024-04-14 23:00:07 -04:00
KernelDeimos
b81284e2c6 Pass the RIGHT token to email 2024-04-14 22:49:51 -04:00
KernelDeimos
5b39e39e1f Use jwt for email change confirmation 2024-04-14 22:44:04 -04:00
KernelDeimos
b944217410 Fix 2024-04-14 22:29:54 -04:00
KernelDeimos
dca7304be9 Remove requirement of auth from email confirm 2024-04-14 22:23:42 -04:00
KernelDeimos
231878266c Fix 2024-04-14 22:08:31 -04:00
KernelDeimos
51bf8fdde6 Fix 2024-04-14 21:41:08 -04:00
KernelDeimos
18134629d2 Move 2024-04-14 21:37:12 -04:00
KernelDeimos
f6b737e45d Add confirmation email for email change 2024-04-14 21:33:15 -04:00
KernelDeimos
3b7be8a719 Add delete-own-user 2024-04-14 21:32:43 -04:00
KernelDeimos
ef0da306a8 Fix change_email 2024-04-14 20:35:34 -04:00
vineethvk11
5d8d25f370 fixing on conflict issue in sqlite kv write 2024-04-14 16:39:29 +05:30
KernelDeimos
965d99d137 Fix socket auth 2024-04-13 17:19:12 -04:00
KernelDeimos
00e9f922c0 Fix target version 2024-04-12 23:16:49 -04:00
KernelDeimos
361e51060a Update apps 2024-04-12 22:03:40 -04:00
KernelDeimos
d919b1f312 Register terminal and phoenix builtins 2024-04-12 20:56:16 -04:00
KernelDeimos
5fbbfb4c18 Enable background and builtin apps 2024-04-12 20:52:57 -04:00
KernelDeimos
09c3cc6db1 Fix error when session not found 2024-04-12 01:22:33 -04:00
KernelDeimos
356a3284fa Fix mysql incompatibility 2024-04-12 00:10:56 -04:00
KernelDeimos
0eedcf567e Apply some fixes 2024-04-11 23:48:17 -04:00
KernelDeimos
f4f58dbfb9 Fix destructuring 2024-04-11 23:28:40 -04:00
Eric Dubé
8135e076c2
Merge pull request #266 from HeyPuter/eric/session-updates
session management
2024-04-11 22:04:07 -04:00
KernelDeimos
13525c85a0 -dot- 2024-04-11 21:46:43 -04:00
KernelDeimos
2f6f7e39bb Add timestamp 2024-04-11 21:41:19 -04:00
KernelDeimos
2d76025c9c Send cookie on token upgrade 2024-04-11 21:40:10 -04:00
KernelDeimos
bb9edc4f65 Add automatic token migration 2024-04-11 21:33:44 -04:00
KernelDeimos
b8e66cada9 Add puter.js 2024-04-11 19:07:00 -04:00
KernelDeimos
fc5025a2a8 Simplify PuterVersionService 2024-04-11 14:37:34 -04:00
KernelDeimos
e3d238f897 Do not use git to get version number 2024-04-11 13:57:40 -04:00
Nariman Jelveh
9ab3e3ccd8
Merge pull request #244 from HeyPuter/eric/host-storage
Display storage use of host/puter separately
2024-04-11 10:14:45 -07:00
KernelDeimos
09bf422686 Add session manager ui 2024-04-11 00:29:39 -04:00
KernelDeimos
18b3e06fe8 Add session listing and revocation 2024-04-10 23:00:37 -04:00
KernelDeimos
e436693d3e Improve session mgmt (part 1) 2024-04-10 21:54:16 -04:00
KernelDeimos
eb66848aee Update database version when creating a new one 2024-04-10 12:25:44 -04:00
KernelDeimos
0eded34c8c Add indented logs and fix a bug 2024-04-10 12:22:21 -04:00
KernelDeimos
367c18bfc5 Add endpoint to list permissions 2024-04-10 12:16:08 -04:00
KernelDeimos
cb4b8c5914 Add minor fixes 2024-04-07 00:06:11 -04:00
KernelDeimos
dc5a7ca431 Display storage use of host/puter separately 2024-04-06 23:26:18 -04:00
KernelDeimos
674cebd9e1 Add Linux support to HostDiskUsageService 2024-04-06 05:33:46 -04:00
Eric Dubé
0dd66463df
Merge pull request #241 from vineeth-vk11/#233
Implementing HostDiskUsageService removing diskusage dependency
2024-04-06 05:29:21 -04:00
vineethvk11
bf4bc214b2 Implementing HostDiskUsageService removing diskusage dependency 2024-04-06 13:03:09 +05:30
Eric Dubé
c6fb75c65f
Merge pull request #231 from HeyPuter/eric/user-to-user-permissions
User-to-User Permission Granting
2024-04-05 23:11:32 -04:00
KernelDeimos
38e8b19b50 Cleanup 2024-04-05 23:05:20 -04:00
KernelDeimos
90ce840234 Add revoke-user-user endpoint 2024-04-05 23:01:50 -04:00
KernelDeimos
fc6eda392b Allow granting user-to-user permissions 2024-04-05 22:11:36 -04:00
KernelDeimos
343edbff51 Use weak CORS policy for experimental_no_subdomain 2024-04-05 16:51:57 -04:00
KernelDeimos
fe88880486 Add experimental_no_subdomain flag 2024-04-05 16:21:19 -04:00
KernelDeimos
1c2e4968e2 Remove console log 2024-04-05 14:38:50 -04:00
KernelDeimos
f9b375a39b Fix case when main domain is a subdomain 2024-04-05 14:38:33 -04:00
KernelDeimos
207fa139d4 Add user-to-user permissions table 2024-04-05 03:23:31 -04:00
vineethvk11
6006767a9f fixing issues in copy while overwriting 2024-04-05 09:11:39 +05:30
KernelDeimos
35abf9a6bc Stop printing default password in logs 2024-04-04 22:17:00 -04:00
KernelDeimos
c3a4223bbf Add service to check EOL date of node 2024-04-04 22:10:56 -04:00
KernelDeimos
17a323298c Make dismiss command print what was dismissed 2024-04-04 20:46:03 -04:00
KernelDeimos
27c99fd90a Use OR IGNORE when sqlite 2024-04-04 20:02:35 -04:00
KernelDeimos
6c7175c109 NOOP legacy share fetch 2024-04-04 19:26:29 -04:00
Eric Dubé
3e1c7eb434
Merge pull request #223 from vineeth-vk11/#211
removing storage limit for self hosters
2024-04-04 16:12:31 -04:00
KernelDeimos
2125367683 Avoid predicate.values not iterable error 2024-04-04 14:20:30 -04:00
KernelDeimos
809e33b053 Remove unused code 2024-04-04 14:18:34 -04:00
vineethvk11
0da9e1fab3 removing storage limit for self hosters 2024-04-04 22:31:37 +05:30
KernelDeimos
b055c5cdad Fix change_username 2024-04-03 22:06:06 -04:00
KernelDeimos
b7a1f21e31 Fix puter sites errors 2024-04-03 22:05:33 -04:00
KernelDeimos
a04cac60e6 Fix db migration error in SQLES 2024-04-03 17:38:42 -04:00
KernelDeimos
274b69d017 Fix /file and /setItem 2024-04-03 17:21:25 -04:00
KernelDeimos
369037e269 Fix incorrect asset urls 2024-04-02 04:19:22 -04:00
KernelDeimos
9881fecacd Fix error caused by fixing kv 2024-04-02 03:40:58 -04:00
KernelDeimos
0651aab1be Fix DBKVStore value format 2024-04-02 00:47:14 -04:00
KernelDeimos
a973f66092 Only load from source in dev environment 2024-04-01 22:26:09 -04:00
KernelDeimos
5d81ff4cbe Fix dev console bar when columns has small value 2024-04-01 22:01:34 -04:00
KernelDeimos
7442b48157 Fix undefined instead of null in db query 2024-04-01 19:41:16 -04:00
KernelDeimos
59003a9ab9 Make dev-console use in WebServerService optional 2024-04-01 19:40:59 -04:00
KernelDeimos
65b61fc90d Remove unused variable 2024-04-01 17:24:48 -04:00
KernelDeimos
05c6cd6c3d Separate default user into SelfhostedModule 2024-04-01 17:24:07 -04:00
KernelDeimos
92b3f4ff76 Default user random pass, sqlite query patches 2024-04-01 01:23:53 -04:00
KernelDeimos
4845bd28a1 Create default user 2024-03-31 21:21:17 -04:00
KernelDeimos
88bd45cfda Add note about private UID namespace 2024-03-30 22:35:47 -04:00
KernelDeimos
a09d7bcd54 Patch log service 2024-03-30 22:10:18 -04:00
KernelDeimos
752496bfe1 Need to revisit this later 2024-03-30 21:52:31 -04:00
KernelDeimos
007ebdadb1 Center that launch logo 2024-03-30 19:35:11 -04:00
KernelDeimos
26c435c829 Fix port in use message 2024-03-30 19:26:58 -04:00
KernelDeimos
4244f2bc69 Remove verbose log for config values 2024-03-30 19:25:35 -04:00
KernelDeimos
a5c2d6b0f5 Remove debug logs for start message 2024-03-30 19:25:02 -04:00
KernelDeimos
16cb6c52f5 Add README.md to backend directory 2024-03-30 19:23:43 -04:00
KernelDeimos
384a1534ec Release backend 2024-03-30 19:08:03 -04:00