7a8ccdb229
feat: Microsoft authentication ( #1953 )
...
closes #755
2021-04-17 13:22:18 -07:00
190f0b6dc5
fix: Improve handling of suspended users signing in with email ( #2012 )
...
* chore: Separate signin/auth middleware
fix: Email signin token parsed by JWT middleware
fix: Email signin marked as active when logging in as suspended
fix: Suspended email signin correctly redirected to login screen
closes #1740
* refactor middleware -> lib
* lint
2021-04-08 20:40:04 -07:00
b5dcb1b3fe
fix: JS error from #1962 refactor when Google or Slack auth credentials are missing
2021-03-29 22:03:40 -07:00
e00a437f2f
feat: authenticationProviders API endpoints ( #1962 )
2021-03-26 11:31:07 -07:00
1b972070d7
feat: Enforce single team when self-hosted ( #1954 )
...
* fix: Enforce single team when self hosting
* test: positive case
* refactor
* fix: Visible error message on login screen for max teams scenario
* Update Notices.js
* lint
2021-03-18 21:56:24 -07:00
5d6f68d399
feat: Move to passport for authentication ( #1934 )
...
- Added `accountProvisioner`
- Move authentication to use passport strategies
- Make authentication more pluggable
- Change language of services -> providers
closes #1120
2021-03-11 10:02:22 -08:00
ed2a42ac27
chore: Migrate authentication to new tables ( #1929 )
...
This work provides a foundation for a more pluggable authentication system such as the one outlined in #1317 .
closes #1317
2021-03-09 12:22:08 -08:00
f799758a6f
feat: Allow Google sign-in users to choose account
...
Alternative to https://github.com/outline/outline/pull/1763
2021-01-03 08:54:47 -08:00
ba61091c4c
fix: Allow soft deletion of teams ( #1754 )
...
* fix: Allow soft deletion of teams
* test: regression specs
2020-12-30 09:40:23 -08:00
e966eb8c9a
fix: Error notice not displayed to user when exceeding rate limit on signin attempt
2020-12-20 13:05:16 -08:00
19ab32f551
chore: Add additional missing events ( #1639 )
...
* chore: Add additional missing events
signed in
profile updated
team setting updated
* Minor refactor to DRY existing code
* Add events
* lint
* flow: Add missing ip to event types
2020-11-14 20:44:18 -08:00
1b6a986986
chore: Refactor authentication pass between subdomains ( #1619 )
...
* fix: Use get request instead of cookie to transfer token between domains
* Add domain to database
Add redirects to team domain when present
* 30s -> 1m
* fix: Avoid redirect loop if subdomain and domain set
* fix: Create a transfer specific token to prevent replay requests
* refactor: Move isCustomDomain out of shared as it won't work on the client
2020-11-04 19:54:04 -08:00
b78e2f1e05
fix: Match search requests from Slack using Integration for non-Slack teams ( #1599 )
...
* Match slack hook requests to integration
2020-10-21 08:53:38 -07:00
2c1a111dee
feat: Support importing .docx or .html files as new documents ( #1551 )
...
* Support importing .docx as new documents
* Add html file support, build types and interface for easily adding file types to importer
* fix: Upload embedded images in docx to storage
* refactor: Bulk of logic to command
* refactor: Do all importing on server, so we're not splitting logic for import into two places
* test: Add documentImporter tests
Co-authored-by: Lance Whatley <whatl3y@gmail.com >
2020-09-16 21:54:33 -07:00
449dc55aaa
chore: Upgrade Babel, Jest, Eslint ( #1437 )
...
* chore: Upgrade Prettier 1.8 -> 2.0
* chore: Upgrade Babel 6 -> 7
* chore: Upgrade eslint plugins
* chore: Add eslint import/order rules
* chore: Update flow-typed deps
2020-08-08 22:53:59 -07:00
e312b264a6
chore: Upgrade Prettier 1.8 -> 2.0 ( #1436 )
2020-08-08 18:53:11 -07:00
67981a351e
chore: Remove env variables in webpack bundle ( #1353 )
...
* chore: Remove env variables in webpack bundle
* remove unused globals
* refactor: consolidate window.env calls to single file
* fix: Slack client side integration auth
* fix: developers url
2020-07-18 11:02:40 -07:00
5cb04d7ac1
New login screen ( #1331 )
...
* wip
* feat: first draft of auth.config
* chore: auth methodS
* chore: styling
* styling, styling, styling
* feat: Auth notices
* chore: Remove server-rendered pages, move shared/components -> components
* lint
* cleanup
* cleanup
* fix: Remove unused component
* fix: Ensure env variables in prod too
* style tweaks
* fix: Entering SSO email into login form fails
fix: Tweak language around guest signin
2020-07-09 22:33:07 -07:00
efcfda8398
fix: Port from hosted
2020-06-22 22:11:39 -07:00
f43deb7940
chore: Move to prettier standard double quotes ( #1309 )
2020-06-20 13:59:15 -07:00
f4c4a11277
fix: Only transfer accessToken if matches root token
2020-05-21 21:42:46 -07:00
092d9dce18
fix: Don't set cookie domain when not using multiple subdomains ( #1145 )
...
* fix: Don't set cookie domain when not using multiple subdomains
* wip logging domain
* wip logging domain
* wip logging domain
* wip logging domain
* Revert "wip logging domain"
This reverts commit 325907e74962179e02cee0b1df364a3aedbe62e3.
* Revert "wip logging domain"
This reverts commit 6ee095a49e9c18999a20d5379234323d49d5e6c8.
* Revert "wip logging domain"
This reverts commit 813d8eb960cdf4dd6db4795739df3adf895600e2.
* Revert "wip logging domain"
This reverts commit f1ca81927626bbd0d46c1963510d115a003176d8.
* Remove SUBDOMAINS_ENABLED from documented env variables, no-one self hosting should need this – it just adds confusion to those looking to host on a single subdomain
fix: Account for server/client process.env parsing
Co-authored-by: Nan Yu <nanyu@Nans-MBP-2.lan >
Co-authored-by: Nan Yu <nan@getoutline.com >
2020-05-19 21:05:57 -07:00
dac2d43f55
dashboard -> home ( #1194 )
2020-02-26 21:10:20 -08:00
98dda567c2
fix: User records not written correctly on signin ( #1119 )
...
* Initial fix for #1116
* clarify logic
2019-12-22 20:14:06 -08:00
89b87c5268
fix: Emails should be stored and processed in lowercase ( #1109 )
2019-12-17 19:44:50 -08:00
6d8216c54e
feat: Guest email authentication ( #1088 )
...
* feat: API endpoints for email signin
* fix: After testing
* Initial signin flow working
* move shared middleware
* feat: Add guest signin toggle, obey on endpoints
* feat: Basic email signin when enabled
* Improve guest signin email
Disable double signin with JWT
* fix: Simple rate limiting
* create placeholder users in db
* fix: Give invited users default avatar
add invited users to people settings
* test
* add transaction
* tmp: test CI
* derp
* md5
* urgh
* again
* test: pass
* test
* fix: Remove usage of data values
* guest signin page
* Visually separator 'Invited' from other people tabs
* fix: Edge case attempting SSO signin for guest email account
* fix: Correctly set email auth method to cookie
* Improve rate limit error display
* lint: cleanup / comments
* Improve invalid token error display
* style tweaks
* pass guest value to subdomain
* Restore copy link option
* feat: Allow invite revoke from people management
* fix: Incorrect users email schema does not allow for user deletion
* lint
* fix: avatarUrl for deleted user failure
* change default to off for guest invites
* fix: Changing security settings wipes subdomain
* fix: user delete permissioning
* test: Add user.invite specs
2019-12-15 18:46:08 -08:00
fb4f6822a4
feat: Events / audit log ( #1008 )
...
* feat: Record events in DB
* feat: events API
* First pass, hacky activity feed
* WIP
* Reset dashboard
* feat: audit log UI
feat: store ip address
* chore: Document events.list api
* fix: command specs
* await event create
* fix: backlinks service
* tidy
* fix: Hide audit log menu item if not admin
2019-08-05 20:38:31 -07:00
7aea6458ce
fix: Update email in auth service should update email in Outline
2019-06-25 21:44:46 -07:00
32f83311f6
chore: upgrade sequelize ( #965 )
...
* 0.18.0
* chore: Upgrade sequelize 4 -> 5
* fix: migrations v5 support
* fix: Majority of test failures
* fix: the rest of v5 tests
2019-06-23 15:49:45 -07:00
f80c3c6877
Fixed: Return error when Slack auth fails to help with debugging
2019-03-13 23:22:12 -07:00
ac814abda4
Fixes: Oauth error on subdomains authenticating slack post
2018-12-20 20:25:13 -08:00
8653338f4e
Fixes: Connecting slack commands from subdomain
2018-12-15 19:05:22 -08:00
b068ba9f02
Customize route for first signin for tracking
2018-12-08 08:57:34 -08:00
c60bd4260f
Provision subdomain for ALL new teams, add tests
2018-11-12 14:00:23 -08:00
61138ff4fa
Cleanup
2018-11-11 21:17:03 -08:00
cc9f32cdc9
Team switcher
2018-11-11 16:24:05 -08:00
10e1f0231c
Iterate, iterate
2018-11-11 14:23:31 -08:00
e24a187699
accessToken per subdomain
2018-11-09 23:40:33 -08:00
c323de4807
Attempt to provision subdomain on team create
2018-11-08 21:05:07 -08:00
21b1c0747c
Basic functionality in place, need improved errors and logged in redirect
2018-11-08 21:05:07 -08:00
662f908c76
Allow Slack integration setup for Google Auth accounts
2018-08-02 23:26:44 -07:00
4faccbcb4e
Fixes: Slack integration creation
2018-08-01 21:55:30 -07:00
fad5976dd2
Allowed domains env variable for Google Auth ( #682 )
...
* Allowed domains env variable for Google Auth
* Fixing lint errors
* PR comments. Use includes instead of indexOf
2018-06-16 12:36:02 -07:00
22e823df9a
Closes #665 - Correctly handle user not granting auth permissions, display friendly error
2018-06-04 21:06:47 -07:00
53a0f423c3
Track recently active and signin times ( #663 )
...
* Track recently active and signin times
* Trust proxy headers in production
2018-06-04 19:07:56 -07:00
329d23828d
Fallback for domain without public logo
2018-06-02 18:43:44 -04:00
2337b9df7f
service -> serviceId
2018-06-01 15:13:05 -04:00
55e1451160
Slack commands and post working agagain with new flow
2018-05-29 23:33:30 -07:00
4a7f8d3895
Move slack auth handling entirely to server
2018-05-28 23:44:56 -07:00
aa9ed09f08
Prevent signin without hosted domain
2018-05-28 22:32:36 -07:00
