mirrors/puter
1
0
Fork 0
mirror of https://github.com/HeyPuter/puter synced 2024-11-15 06:15:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,324 Commits 21 Branches 9 Tags 28 MiB
ef298ce3aa
Commit Graph

345 Commits

Author SHA1 Message Date
KernelDeimos
684b0dc059 Support configurable mod locations 2024-06-10 03:02:17 -04:00
KernelDeimos
8d22276f13 fix(backend): remove a bad thing that really doesn't work 2024-06-09 14:21:07 -04:00
KernelDeimos
eb05fbd2dc feat: add external mod loading 
A package called "useapi" is introduced to provide a dynamic import
system. This import system, rather than relying on the state of the
filesystem, is populated as modules are installed into Puter's kernel.

The "useapi" package is then used to add support for loading external
mod directories as Puter kernel modules, making it possible to mod puter
without any tooling.
 2024-06-09 13:14:48 -04:00
Eric Dubé
fa7bec3854
refactor: flatten the monorepo 2024-06-08 01:07:42 -04:00
KernelDeimos
f88c4a5c9c doc(backend): document modules, services, and service-scripts 2024-06-06 20:10:23 -04:00
KernelDeimos
30550fcddd feat(backend): add script service 
The script service allows other services to register re-runnable tasks
called "scripts". These can be invoked via "script:run" in the console.
 2024-06-05 16:17:03 -04:00
KernelDeimos
0b0707363c Fix potential race condition 2024-06-04 16:28:53 -04:00
KernelDeimos
665b2d4e4e refactor(backend): de-couple driver registration from DriverService 2024-06-01 18:20:27 -04:00
KernelDeimos
2d8e6240c6 feat(backend): add tip of day 2024-05-31 20:36:14 -04:00
KernelDeimos
4bdad75766 feat(backend): improve logger and reduce logs 2024-05-31 19:40:13 -04:00
KernelDeimos
522664d415 feat(backend): allow services to provide user properties 2024-05-31 18:10:11 -04:00
KernelDeimos
fccabf1bc0 feat(backend): allow services to provide whoami values 2024-05-30 17:11:06 -04:00
Eric Dubé
0672562c8a
Merge pull request #442 from HeyPuter/eric/extensibility 
class registry for service scripts
 2024-05-28 20:10:03 -04:00
KernelDeimos
e050506a05 Add class registry (second pass) 
ExportService gets removed and instead a global class registry is added.
The `init.js` file is split into `init_sync.js` and `init_async.js`
so that synchronous code that isn't dependent on imports is guarenteed
to run before initgui.js. The globalThis scope and service-script API
now expose `def`, a function for registering class definitions, and
`use`, a function for obtaining registered classes.
 2024-05-28 19:06:00 -04:00
KernelDeimos
cd574c87ef Fix the previous fix 2024-05-28 16:10:43 -04:00
KernelDeimos
4e3a24e609 fix: check subdomain earlier for /apps 2024-05-28 15:51:22 -04:00
Eric Dubé
c495ccff65
Merge pull request #408 from AtkinsSJ/git-client 
Add a git client
 2024-05-28 12:10:01 -04:00
KernelDeimos
51bac4486f Add class registry (first pass) 
In the first pass I add a `register` method and update `defineComponent`
so it calls `register` as well. This made it possible to create a
proof-of-concept for registered classes. Additionally ExportService was
added to expose registered classes to service scripts. This first pass
works, but it would be better if all types of classes (components or
otherwise) were registered via the same method.
 2024-05-27 21:16:50 -04:00
KernelDeimos
c0cb1cd2b8 refactor: add GetUserService 2024-05-26 00:31:51 -04:00
KernelDeimos
cbfad2ef7a refactor(gui): add service scripts 2024-05-24 19:29:07 -04:00
KernelDeimos
a1cfe7aef2 Allow services to register additional js files for gui 2024-05-23 18:41:34 -04:00
KernelDeimos
5042d49935 Simplify debugging runtime config object changes 2024-05-23 18:40:41 -04:00
KernelDeimos
c89b50bf31 Refactor gui loading 2024-05-23 18:13:57 -04:00
Sam Atkins
0d2ffdb380 Add boilerplate for empty git app 
It does nothing but output a message to the console.
 2024-05-22 08:56:50 +01:00
KernelDeimos
1f6a2093fb Disallow negative size values 2024-05-21 18:46:34 -04:00
KernelDeimos
90463a0732 Add support for webhook endpoints 2024-05-21 17:25:28 -04:00
KernelDeimos
8cca067991 Fix 8688ha84v 2024-05-17 22:55:40 -04:00
Eric Dubé
80b763c47c
Merge pull request #407 from AtkinsSJ/clean-suggested-apps 
fix: Remove null or duplicate app entries from suggest_app_for_fsentry()
 2024-05-17 15:46:06 -04:00
KernelDeimos
e4543c5f35 Fix 8688ggu00 (2) 2024-05-17 12:32:16 -04:00
Sam Atkins
6900233c5a fix: Remove null or duplicate app entries from suggest_app_for_fsentry() 2024-05-17 15:34:36 +01:00
KernelDeimos
c55b1e4680 Remove verification requirement on contact us form 2024-05-16 19:08:51 -04:00
KernelDeimos
e3f57ee20e Add path builder 2024-05-16 19:02:58 -04:00
KernelDeimos
5031cea040 Update _default.js for deployment purposes 2024-05-16 18:55:59 -04:00
KernelDeimos
49b257ecff fix(security): Move token for socket.io to request body 
Currently this commit breaks websocket events and needs to
be updated.
 2024-05-16 17:58:44 -04:00
KernelDeimos
f042b095f1 Fix 8688gxkuj 2024-05-16 17:25:41 -04:00
KernelDeimos
691c8f1436 Add locking to save_account 2024-05-15 18:22:54 -04:00
Eric Dubé
b72e5b7e02
Merge pull request #401 from HeyPuter/eric/service-patches 
Allow patching services
 2024-05-15 15:47:14 -04:00
KernelDeimos
c70e378973 Add error id for expired auth tokens 2024-05-15 15:42:00 -04:00
KernelDeimos
21444daefb Add jsdoc comments to registerService and patchService 2024-05-15 15:41:37 -04:00
KernelDeimos
2e0d7361cb Add method to patch services 2024-05-15 15:32:18 -04:00
Eric Dubé
6e0b6d84d2
Merge pull request #400 from AtkinsSJ/fix-apierror-includes 
fix: Correct APIError imports
 2024-05-15 13:51:04 -04:00
Sam Atkins
062e23b5c9 fix: Correct APIError imports 
APIError is the only thing exported from its file, so we must not wrap
it in {}.
 2024-05-15 17:47:15 +01:00
Sam Atkins
a8160a8cdc fix: Add missing file extension to 0009_app-prefix-fix.sql in DB init 2024-05-15 10:18:28 +01:00
KernelDeimos
0b093dd57e Revoke other sessions when password is changed 2024-05-14 19:40:57 -04:00
KernelDeimos
923d5878c3 Prevent enable of 2FA without configure 2024-05-14 17:33:14 -04:00
KernelDeimos
800aef1942 Implement anti-CSRF for logout 2024-05-13 20:40:27 -04:00
KernelDeimos
da7f73baa6 Add AntiCSRFService 2024-05-13 19:08:51 -04:00
KernelDeimos
afb9d866b5 fix: Fix phoenix app prefix and TokenService test 2024-05-13 18:17:39 -04:00
KernelDeimos
c2f1694107 Require password entry to disable 2FA 2024-05-13 16:00:07 -04:00
KernelDeimos
23215bd6f7 Move change_email/start to password-protected endpoint 2024-05-13 16:00:07 -04:00
KernelDeimos
1493cacb69 Add rate-limiting to new password change endpoint 2024-05-13 16:00:07 -04:00
KernelDeimos
9076fddc0d Add new password change endpoint 2024-05-13 16:00:07 -04:00
KernelDeimos
a89c9d59cf Add UserProtectedEndpointsService 2024-05-13 16:00:07 -04:00
KernelDeimos
15dec21118 doc(backend): Document the boot sequence 
Now that the boot sequence is better formalized it may be documented.
 2024-05-13 16:00:07 -04:00
KernelDeimos
d800b12569 refactor(backend): Trigger webserver events in webserver 
We were triggering webserver events in Kernel. This change improves
adherence to separation-of-concerns and ensures event cascading is
working as expected. This also better formalizes the boot sequence.
 2024-05-13 01:05:49 -04:00
Eric Dubé
3992fe1a45
Merge pull request #384 from AtkinsSJ/progress-dialogs 
refactor: Replace several existing progress dialogs with one configurable one
 2024-05-10 12:25:32 -04:00
Eric Dubé
17e08cafce
Merge pull request #380 from AtkinsSJ/eslint-ci 
Run ESLint on CI
 2024-05-10 12:24:31 -04:00
KernelDeimos
cd2daa1910 Require email verification for contact form 2024-05-09 19:40:34 -04:00
KernelDeimos
8b6bbe003d fix(security) Disable 2FA configure if 2FA is enabled 2024-05-09 18:04:58 -04:00
Sam Atkins
f3269693de Stop dumping binary data to the console 
This was freaking out and freezing the Puter server, and my entire
terminal app. XD
 2024-05-09 18:28:39 +01:00
KernelDeimos
df24c663df Invalidate email confirmation on password change 2024-05-08 22:28:41 -04:00
KernelDeimos
45e7f162a2 Add password change notification 2024-05-08 16:01:20 -04:00
Sam Atkins
8c70efa058 Suppress remaining eslint errors 
These two seem like bugs but are unclear to me how to fix, so I've added
FIXMEs.

/puter/packages/backend/src/routers/kvstore/clearItems.js
  41:32  error  'DB_MODE_WRITE' is not defined  no-undef

/puter/packages/backend/src/routers/whoami.js
  104:35  error  'db' is not defined  no-undef
 2024-05-08 18:53:36 +01:00
KernelDeimos
5890b7e7bf Disable password reset token when email or password is changed 2024-05-07 20:18:11 -04:00
KernelDeimos
d20249f29a Send email notifications when 2FA state changes 2024-05-06 21:13:00 -04:00
KernelDeimos
7f3e2852c6 Add rate limits 2024-05-06 16:12:54 -04:00
KernelDeimos
7fce223a6d Fix OTP test endpoint 2024-05-06 15:40:34 -04:00
KernelDeimos
a628358c9f Fix OTP time window 2024-05-06 15:02:14 -04:00
KernelDeimos
918eb3bb67 Put otpauth back on 9.2.4 2024-05-06 02:10:22 -04:00
KernelDeimos
ecae1997aa Maybe this?? 2024-05-06 01:58:55 -04:00
KernelDeimos
e4c7caa8ea Worth a try 2024-05-06 01:54:02 -04:00
KernelDeimos
00c8ece07e Finish recovery codes 2024-05-06 00:02:46 -04:00
KernelDeimos
5cbe256120 Add missing part of previous commit 2024-05-06 00:02:46 -04:00
KernelDeimos
a2a8f9de74 Fix cache state 2024-05-06 00:02:46 -04:00
KernelDeimos
3e380ba844 Add otp test endpoint and next wizard step 2024-05-06 00:02:46 -04:00
KernelDeimos
2681a78501 Use username as otp label 2024-05-06 00:02:46 -04:00
KernelDeimos
3bf7737790 Add recovery codes 2024-05-06 00:02:46 -04:00
KernelDeimos
455d3946d6 Add checkboxes and cancel action for 2FA setup 2024-05-06 00:02:46 -04:00
KernelDeimos
2dfecb5287 Add 2fa setting and complete login flow 2024-05-06 00:02:46 -04:00
KernelDeimos
d7c5c37cf8 Implement backend for 2FA 2024-05-06 00:02:46 -04:00
KernelDeimos
038373cbbc Fix filename inconsistency that breaks Linux support 2024-05-06 00:02:33 -04:00
Didi Keke
4d30740198 fix: typographical errors 🐛 2024-05-05 08:34:50 +00:00
Didi Keke
551121524c refactor: name from SelfhostedModule to SelfHostedModule 🔨 2024-05-05 07:53:55 +00:00
KernelDeimos
a86106c0c1 Fix save_account token 2024-05-04 14:19:09 -04:00
Eric Dubé
4d0e6b4772
Merge pull request #336 from AtkinsSJ/app-tab-completion 
Phoenix: Add tab-completion for command names
 2024-05-03 12:39:07 -04:00
Sam Atkins
fa7c6bee96 fix: Correct variables used in errors in sign.js 
I couldn't figure out how to get a name for the no_suitable_app error
unfortunately, so that's just commented out.

/puter/packages/backend/src/routers/sign.js
   65:74  error  'subject' is not defined  no-undef
  114:59  error  'subject' is not defined  no-undef
 2024-05-02 17:39:01 +01:00
Sam Atkins
52d5299374 fix: Use correct variable for version number 
/puter/packages/backend/src/services/ComplainAboutVersionsService.js
  30:36  error  'current_version' is not defined  no-undef
 2024-05-02 17:30:53 +01:00
Sam Atkins
2094e05a2e chore: Comment out unreachable code in ExpectationService 
The `return` looks temporary but I don't know this code well enough.

Solves this eslint issue:

/puter/packages/backend/src/services/runtime-analysis/ExpectationService.js
  94:9  error  Unreachable code  no-unreachable
 2024-05-02 11:21:50 +01:00
Sam Atkins
0df0de6507 chore: Define def() and defv() using const 
Fixes these eslint issues:

/puter/packages/backend/src/services/auth/TokenService.js
   3:1   error  'def' is not defined   no-undef
  18:1   error  'defv' is not defined  no-undef
  61:11  error  'def' is not defined   no-undef
  69:21  error  'defv' is not defined  no-undef
 2024-05-02 11:21:50 +01:00
Sam Atkins
01ab6b88ea chore: Remove unused uses of uuid_user in save_account.js 
The variable doesn't exist, and we never use it after this. Seems like a
copy-paste error.

Solves these eslint errors:

/puter/packages/backend/src/routers/save_account.js
  90:9   error  'uuid_user' is not defined  no-undef
  91:9   error  'uuid_user' is not defined  no-undef
  91:21  error  'uuid_user' is not defined  no-undef
 2024-05-02 11:21:50 +01:00
Sam Atkins
9b3dd6b753 chore: Fix eslint issues in backend util 
/puter/packages/backend/src/util/stdioutil.js
  26:24  error  Unexpected control character(s) in regular expression: \x1b  no-control-regex

/puter/packages/backend/src/util/streamutil.js
  368:1  error  'string_to_stream' is not defined  no-undef
  463:5  error  'string_to_stream' is not defined  no-undef

/puter/packages/backend/src/util/strutil.js
  42:1  error  'format_as_usd' is not defined  no-undef
  56:5  error  'format_as_usd' is not defined  no-undef
 2024-05-02 11:21:50 +01:00
Sam Atkins
60523dc7a7 chore: Fix some eslint issues in services 
/puter/packages/backend/src/services/ContextInitService.js
  57:18  error  'async_factory' is not defined  no-undef

/puter/packages/backend/src/services/StorageService.js
  22:5  error  Expected to call 'super()'  constructor-super

/puter/packages/backend/src/services/WebServerService.js
  258:35  error  'services' is not defined  no-undef

/puter/packages/backend/src/services/auth/AuthService.js
  52:13  error  Unreachable code  no-unreachable

/puter/packages/backend/src/services/drivers/implementations/BaseImplementation.js
   64:25  error  'services' is not defined  no-undef
   75:39  error  'services' is not defined  no-undef
  117:39  error  'services' is not defined  no-undef
  123:42  error  'services' is not defined  no-undef
  149:42  error  'services' is not defined  no-undef
  168:38  error  'services' is not defined  no-undef

/puter/packages/backend/src/services/drivers/implementations/PuterDriverProxy.js
  43:5  error  Expected to call 'super()'              constructor-super
  44:9  error  'this' is not allowed before 'super()'  no-this-before-super

/puter/packages/backend/src/services/drivers/meta/Construct.js
  125:9  error  Unreachable code  no-unreachable

/puter/packages/backend/src/services/runtime-analysis/PagerService.js
  49:41  error  'util' is not defined  no-undef
 2024-05-02 11:21:50 +01:00
Sam Atkins
ca3f9a823d chore: Fix some eslint issues in routers 
/puter/packages/backend/src/routers/open_item.js
  48:10  error  Unexpected negating the left operand of 'instanceof' operator  no-unsafe-negation

/puter/packages/backend/src/routers/save_account.js
  106:34  error  'get_user' is not defined   no-undef

/puter/packages/backend/src/routers/sign.js
  37:10  error  Unexpected negating the left operand of 'instanceof' operator  no-unsafe-negation
 2024-05-02 11:21:50 +01:00
Sam Atkins
0c0846eef9 chore: Fix some backend router eslint issues 
/puter/packages/backend/src/routers/auth/list-permissions.js
  36:15  error  'APIError' is not defined  no-undef

/puter/packages/backend/src/routers/auth/list-sessions.js
  17:15  error  'APIError' is not defined  no-undef

/puter/packages/backend/src/routers/auth/revoke-user-app.js
  34:15  error  'APIError' is not defined  no-undef
  43:15  error  'APIError' is not defined  no-undef

/puter/packages/backend/src/routers/delete-site.js
  43:11  error  Unexpected empty object pattern  no-empty-pattern

/puter/packages/backend/src/routers/drivers/usage.js
  146:11  error  'k' is not defined  no-undef
  147:21  error  'k' is not defined  no-undef
  147:52  error  'k' is not defined  no-undef

/puter/packages/backend/src/routers/drivers/xd.js
  68:5  error  'window' is not defined  no-undef
  69:21  error  Parsing error: The keyword 'interface' is reserved

/puter/packages/backend/src/routers/filesystem_api/batch/all.js
   51:21  error  'get_app' is not defined       no-undef
  224:13  error  Unexpected constant condition  no-constant-condition

/puter/packages/backend/src/routers/filesystem_api/copy.js
   70:10  error  Unexpected constant condition  no-constant-condition
  106:13  error  Duplicate key 'new_name'       no-dupe-keys

/puter/packages/backend/src/routers/filesystem_api/read.js
  80:5  error  Unreachable code  no-unreachable

/puter/packages/backend/src/routers/filesystem_api/token-read.js
   53:9  error  Unreachable code  no-unreachable
   58:9  error  Unreachable code  no-unreachable
  104:5  error  Unreachable code  no-unreachable

/puter/packages/backend/src/routers/hosting/puter-site.js
  65:21  error  Unexpected constant nullishness on the left-hand side of a `??` expression  no-constant-binary-expression
 2024-05-02 11:21:50 +01:00
Sam Atkins
b4af28a91b chore: Miscellaneous eslint fixes 
/puter/packages/backend/src/om/entitystorage/ValidationES.js
  89:25  error  Do not assign to the exception parameter  no-ex-assign

/puter/packages/backend/src/om/proptypes/__all__.js
  166:17  warning  Unexpected 'debugger' statement  no-debugger

/puter/packages/backend/src/routers/_default.js
  405:31  error  'err' is not defined  no-undef
 2024-05-02 11:21:50 +01:00
Sam Atkins
4879ee93bf chore: Fix eslint errors in backend/src/helpers.js 
/puter/packages/backend/src/helpers.js
   682:9   error  'sharing_users' is not defined     no-undef
   689:12  error  'sharing_users' is not defined     no-undef
   690:28  error  'sharing_users' is not defined     no-undef
   695:28  error  'sharing_users' is not defined     no-undef
   720:9   error  'shared_fsentries' is not defined  no-undef
   733:12  error  'shared_fsentries' is not defined  no-undef
   734:28  error  'shared_fsentries' is not defined  no-undef
   735:17  error  'shared_fsentries' is not defined  no-undef
   735:58  error  'shared_fsentries' is not defined  no-undef
   736:31  error  'shared_fsentries' is not defined  no-undef
   900:57  error  'e' is not defined                 no-undef
  1849:18  error  Empty block statement              no-empty
 2024-05-02 11:21:50 +01:00
Sam Atkins
8ab1cd0ca8 chore: Remove unused 'connective' source files 2024-05-02 11:21:50 +01:00
Sam Atkins
8cf6379de3 chore: Correct eslint errors in backend filesystem 
Removes or disables the following eslint errors/warnings:

/puter/packages/backend/src/api/filesystem/FlagParam.js
  33:19  error  'APIError' is not defined  no-undef
  47:19  error  'APIError' is not defined  no-undef
  58:15  error  'APIError' is not defined  no-undef

/puter/packages/backend/src/api/filesystem/StringParam.js
  32:19  error  'APIError' is not defined  no-undef
  39:13  error  'APIError' is not defined  no-undef
  46:19  error  'APIError' is not defined  no-undef

/puter/packages/backend/src/filesystem/FilesystemService.js
  141:17  warning  Unexpected 'debugger' statement  no-debugger
  366:21  error    'services' is not defined        no-undef

/puter/packages/backend/src/filesystem/batch/BatchExecutor.js
  121:21  error  Do not assign to the exception parameter  no-ex-assign

/puter/packages/backend/src/filesystem/hl_operations/hl_data_read.js
  44:19  error  'APIError' is not defined     no-undef
  47:22  error  'chkperm' is not defined      no-undef
  48:19  error  'APIError' is not defined     no-undef
  51:29  error  'LLRead' is not defined       no-undef
  54:13  error  'version_id' is not defined   no-undef
  88:35  error  'PassThrough' is not defined  no-undef

/puter/packages/backend/src/filesystem/hl_operations/hl_mkdir.js
  68:49  error  'fs' is not defined  no-undef

/puter/packages/backend/src/filesystem/hl_operations/hl_move.js
  102:33  error  'get_user' is not defined  no-undef
  104:35  error  'get_user' is not defined  no-undef
  110:33  error  'df' is not defined        no-undef

/puter/packages/backend/src/filesystem/hl_operations/hl_read.js
  54:13  error  'stream' is constant  no-const-assign

/puter/packages/backend/src/filesystem/hl_operations/hl_stat.js
  40:37  error  'APIError' is not defined  no-undef

/puter/packages/backend/src/filesystem/lib/PuterPath.js
  67:5  error  Expected to return a value in getter 'hasRelativePortion'  getter-return

/puter/packages/backend/src/filesystem/ll_operations/ll_copy_idea.js
   53:21  error  'UploadProgressTracker' is not defined   no-undef
   73:17  error  'PuterS3StorageStrategy' is not defined  no-undef
  137:22  error  'LLFilesystemOperation' is not defined   no-undef

/puter/packages/backend/src/filesystem/ll_operations/ll_read.js
  102:65  error  'offset' is not defined  no-undef
  102:73  error  'offset' is not defined  no-undef
  102:80  error  'length' is not defined  no-undef

/puter/packages/backend/src/filesystem/ll_operations/ll_rmnode.js
  43:23  error  'APIError' is not defined  no-undef

/puter/packages/backend/src/filesystem/storage/SystemFSEntryService.js
  101:26  error  '_path' is not defined  no-undef

/puter/packages/backend/src/filesystem/validation.js
  27:29  error  Unexpected control character(s) in regular expression: \x00, \x1f  no-control-regex
  28:29  error  Unexpected control character(s) in regular expression: \x00, \x1f  no-control-regex
  28:31  error  Unnecessary escape character: \/                                   no-useless-escape
 2024-05-02 11:21:50 +01:00
KernelDeimos
8e6ee9ea79 Fix oversight in token compression 2024-04-29 22:48:10 -04:00
KernelDeimos
e7e7363fa7 Drop useless header 2024-04-29 22:34:19 -04:00
KernelDeimos
5a76bad28d fix: reduce token lengths 2024-04-29 21:46:02 -04:00
KernelDeimos
c1e4eeec32 Add TokenService and test utility 2024-04-29 21:11:31 -04:00
KernelDeimos
04432df554 feat: improve password recovery experience 2024-04-29 19:26:29 -04:00
KernelDeimos
c44028f413 refactor: normalize email calls 2024-04-29 17:34:24 -04:00
Nariman Jelveh
42d85abfc2 Update WebServerService.js 2024-04-27 19:10:10 -07:00
Nariman Jelveh
fd4e2f59dc Update WebServerService.js 2024-04-27 19:03:48 -07:00
Nariman Jelveh
053728a03f Validate the Host header before responding to requests 2024-04-27 18:52:01 -07:00
KernelDeimos
d7d6ff0cca Rate limit updates 2024-04-26 21:02:01 -04:00
KernelDeimos
79d6f64451 Notify old email when email change is initiated 2024-04-26 21:02:01 -04:00
Eric Dubé
2ee00ca8e6
Revert "fix(security): Prevent email enumeration" (#351) 2024-04-26 18:22:14 -04:00
KernelDeimos
ecec8bf75d Use pread for signup page 2024-04-25 19:44:06 -04:00
KernelDeimos
736ebb6f28 Improve server health service 2024-04-25 19:39:18 -04:00
Nariman Jelveh
928dd90f61
Merge pull request #346 from youngsiiimba/main 
fix(security): Prevent email enumeration
 2024-04-25 14:59:56 -07:00
KernelDeimos
eb166a67a9 fix(security): Fix session revocation 2024-04-25 16:19:46 -04:00
Nariman Jelveh
c4b2d9861f Clean up some of the unnecessary console warnings 2024-04-25 13:11:11 -07:00
Simba Chawanda
ed70314686 fix(security): Prevent email enumeration 2024-04-25 09:27:37 +02:00
KernelDeimos
7800ef6102 fix(security): skip cache when checking old passwd 2024-04-24 22:28:27 -04:00
KernelDeimos
74e9270d58 Fix 2024-04-24 16:16:31 -04:00
KernelDeimos
b2e72adba9 Add ratelimit for /confirm-email 2024-04-24 16:12:09 -04:00
KernelDeimos
1eac147918 Add ratelimit for /contactUs 2024-04-24 16:09:04 -04:00
Sam Atkins
dc5b010d09 feat: Allow querying puter-apps driver by partial app names 2024-04-24 15:08:54 +01:00
Sam Atkins
a854a0dc0a feat: Implement 'Like' predicate in entity storage 
This acts like the SQL 'LIKE' keyword, allowing partial string matches.
 2024-04-24 15:08:54 +01:00
KernelDeimos
44aac16991 Add ip rate limiting 2024-04-23 19:13:37 -04:00
KernelDeimos
65a73b5b45 Rename workspace modules to avoid confusion 2024-04-23 04:06:15 -04:00
KernelDeimos
74e213a534 fix(security): always use application/octet-stream 2024-04-22 23:54:03 -04:00
KernelDeimos
f9d561d40b docs: document purpose of scary-looking token 2024-04-22 23:48:45 -04:00
KernelDeimos
c166560ff4 feat: add /healthcheck endpoint 2024-04-22 22:02:40 -04:00
Eric Dubé
331d9e7542
feat: allow apps to add a menubar via puter.js 
* Begin work on menubar and dropdowns

* Improve menubar

* Fix pointer event behavior

* Fix labels

* Fix active button

* Eliminate flicker

* Update _default.js

---------

Co-authored-by: Nariman Jelveh <n.jelveh@gmail.com>
 2024-04-22 20:38:16 -04:00
Nariman Jelveh
3cba4cab1e Disable iframing of the main domain using meta tags as well 2024-04-22 14:14:20 -07:00
Nariman Jelveh
ef35a04c4a Disable iframing of the main domain 2024-04-22 14:09:32 -07:00
KernelDeimos
eee5c9e48b Cleanup 2024-04-22 16:29:12 -04:00
KernelDeimos
2f5780d1d1 Cleanup 2024-04-22 16:28:22 -04:00
KernelDeimos
a741bd5419 Make errors in /batch more preemptive 2024-04-22 04:35:01 -04:00
KernelDeimos
4d2d4a7ca3 Fix 86888h53w 2024-04-21 22:06:36 -04:00
KernelDeimos
5c1e6ab16b Fix false-positive password recovery response 2024-04-21 18:28:58 -04:00
KernelDeimos
b2f5cc11b5 Fix dbrr reference 2024-04-21 17:10:18 -04:00
KernelDeimos
58b83c27f2 Remove large log 2024-04-20 07:23:32 -04:00
KernelDeimos
0e9e8d41d9 Fix authorizer not defined 2024-04-19 17:12:15 -04:00
Eric Lighthall
4783e3eae4 Optimize console redraw by tracking widget changes 
Instead of redrawing the widget area every 2 seconds, only auto redraw when the widget area has changed, reducing unecessary redraw operations.
 2024-04-19 00:48:36 -07:00
KernelDeimos
0361ceba6c Normalize session objects to have both user_uid and user_id 2024-04-17 23:22:10 -04:00
KernelDeimos
4ecc7372f9 Fix issue with use_bundled_gui flag 2024-04-17 22:59:22 -04:00
KernelDeimos
dbcd627815 Apply various small fixes 2024-04-17 20:57:59 -04:00
Nariman Jelveh
6061c81c36 Update get-launch-apps.js 2024-04-17 17:58:11 -07:00
KernelDeimos
f0d3346ca7 Update session.last_touch always 2024-04-17 13:03:32 -04:00
KernelDeimos
e8ca6376be Avoid logging sensitive query params 2024-04-17 12:51:30 -04:00
KernelDeimos
c48c134869 Remove verbose log 2024-04-17 12:42:12 -04:00
KernelDeimos
49e334521d Update timers 2024-04-17 12:41:43 -04:00
KernelDeimos
7e0c6c6470 Fix last_activity_ts 2024-04-16 19:30:30 -04:00
KernelDeimos
19c49db538 Improve sessions 2024-04-16 18:57:02 -04:00
KernelDeimos
653898b463 Report proper error when an operation is invalid 2024-04-15 22:27:03 -04:00