Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Merge pull request #830 from SISheogorath/feature/GDPR | Christoph (Sheogorath) Kern | 2018-06-17 | 1 | -0/+7 |
|\ | | | | | GDPR compliant part 1 | ||||
| * | Add token based security feature | Sheogorath | 2018-05-25 | 1 | -0/+4 |
| | | | | | | | | | | | | | | | | | | | | | | | | In the current setup users could be tricked into deleting their data by providing a malicious link like `[click me](/me/delete)`. This commit prevents such an easy attack and need the user's deleteToken to get his data deleted. In case someone requests his deletion by email you can also ask him for this token. We can add a GUI that shows it later on. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
| * | Fix requests for deleted users | Sheogorath | 2018-05-25 | 1 | -0/+3 |
| | | | | | | | | | | | | | | When users are requested from the authorship which no longer exist, they shouldn't cause a 500. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | | Merge pull request #784 from pferreir/add-oauth2-support | Christoph (Sheogorath) Kern | 2018-06-04 | 1 | -2/+2 |
|\ \ | |/ |/| | Add "generic" OAuth2 support | ||||
| * | Use TEXT instead of STRING for tokens | Pedro Ferreira | 2018-03-26 | 1 | -2/+2 |
| | | | | | | | | Signed-off-by: Pedro Ferreira <pedro.ferreira@cern.ch> | ||||
* | | Move letter-avatars into own request | Sheogorath | 2018-04-17 | 1 | -5/+5 |
|/ | | | | | | | | | | To prevent further weakening of our CSP policies, moving the Avatars into a non-inline version is the way to go. This implementation probably needs some beautification. But already fixes the bug. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | Initial support for SAML authentication | Norihito Nakae | 2017-11-28 | 1 | -0/+9 |
| | |||||
* | Add mattermost authentication | Christoph Witzany | 2017-10-31 | 1 | -0/+9 |
| | |||||
* | Fix broken profile images | Sheogorath | 2017-09-22 | 1 | -2/+6 |
| | |||||
* | refactor: Remove `require` extension filename | BoHong Li | 2017-05-08 | 1 | -2/+2 |
| | |||||
* | Use strict mode in all backend files | BoHong Li | 2017-03-14 | 1 | -0/+1 |
| | | | | add ‘use strict’ in all backend file | ||||
* | Use JavaScript Standard Style | BoHong Li | 2017-03-08 | 1 | -140/+138 |
| | | | | | Introduce JavaScript Standard Style as project style rule, and fixed all fail on backend code. | ||||
* | Fix user profile photo might not replace to proper size | Wu Cheng-Han | 2017-02-18 | 1 | -4/+4 |
| | |||||
* | Update to add biggerphoto on parsing user profile | Wu Cheng-Han | 2017-02-03 | 1 | -10/+26 |
| | |||||
* | Profile pictures for LDAP users | alecdwm | 2017-01-06 | 1 | -0/+11 |
| | |||||
* | Update to support optional email register and signin | Wu Cheng-Han | 2016-12-02 | 1 | -0/+33 |
| | |||||
* | Update to use bigger size of profile image | Cheng-Han, Wu | 2016-05-21 | 1 | -3/+3 |
| | |||||
* | Add support of google signin | Cheng-Han, Wu | 2016-05-21 | 1 | -0/+3 |
| | |||||
* | Update to use bigger avatar image and twitter now use screen_name based ↵ | Cheng-Han, Wu | 2016-05-20 | 1 | -2/+2 |
| | | | | profile image url | ||||
* | Add db migrations for PR #121 | Cheng-Han, Wu | 2016-05-15 | 1 | -0/+3 |
| | |||||
* | Retrieve GitLab avatar. | Jason Croft | 2016-05-12 | 1 | -0/+3 |
| | |||||
* | Add accessToken column | Jason Croft | 2016-05-11 | 1 | -1/+4 |
| | |||||
* | Refactor server with Sequelize ORM, refactor server configs, now will show ↵ | Cheng-Han, Wu | 2016-04-20 | 1 | -0/+77 |
note status (created or updated) and support docs (note alias) |