CalvinBackup/notesnook-sync-server_customPrivateV1
1
0
Fork 0
mirror of https://github.com/streetwriters/notesnook-sync-server.git synced 2026-02-12 11:12:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
287 Commits 3 Branches 21 Tags
master
Commit Graph

100 Commits

Author SHA1 Message Date
Abdullah Atta
64ae13b589 identity: handle crash on introspection when user is null 2024-06-07 15:36:01 +05:00
Abdullah Atta
99da765a1c api: use wamp services instead of forwarding http requests for internal apis 2024-06-07 15:35:31 +05:00
Abdullah Atta
0ce5b69f91 identity: send email even if gpg signing fails 2024-05-16 13:20:26 +05:00
Abdullah Atta
95119f8df2 global: change default log level in prod to Warning 2024-05-16 13:16:11 +05:00
Abdullah Atta
dac2d7a577 identity: many fixes to auth grant validation 2024-05-16 13:15:41 +05:00
Abdullah Atta
abe7e67933 identity: include scope when validating account recovery token 2024-05-16 13:15:04 +05:00
Abdullah Atta
e21e2f1510 identity: fix no error being showed if user is locked out 2024-03-05 10:10:47 +05:00
Abdullah Atta
cece6ad4e2 identity: catch and log errors during signup 2024-03-05 10:08:14 +05:00
Abdullah Atta
1e43f7bfdd identity: fix expired tokens not being removed 2024-03-05 10:07:54 +05:00
Abdullah Atta
29eedd57e8 global: minor refactoring 2024-03-05 10:07:01 +05:00
Abdullah Atta
4da9614851 global: upgrade to net8.0 2024-03-05 10:03:27 +05:00
Abdullah Atta
9f4293560f identity: only clean reference_tokens 2023-10-28 11:38:18 +05:00
Abdullah Atta
1f72e2c3a8 identity: fix session revokation 2023-10-28 11:08:17 +05:00
Abdullah Atta
3746c4b42b identity: extend token expiration time 2023-10-24 10:11:02 +05:00
Abdullah Atta
aa77c543dd identity: change disposable domains blocklist 2023-10-24 10:10:22 +05:00
Abdullah Atta
aa62803c73 identity: fix build 2023-09-09 20:37:45 +05:00
Abdullah Atta
3208fdd532 identity: allow twilio errors to propagate 2023-09-09 20:36:05 +05:00
Abdullah Atta
2c1dc6f95e identity: minor refactors 2023-09-09 20:31:21 +05:00
Abdullah Atta
d91df60c57 identity: reset user 2fa on password reset 2023-09-09 20:31:02 +05:00
Abdullah Atta
1a5fe8230e identity: move to twilio verify for SMS 2FA 2023-09-09 20:30:35 +05:00
Abdullah Atta
87fd5b8196 identity: delete user completely on unregister 2023-06-28 17:16:29 +05:00
Abdullah Atta
5e95cd5ec9 identity: do not enable mfa on sign up 2023-06-28 17:13:01 +05:00
Abdullah Atta
eb45e8c3ce identity: enable mfa after user confirms email 2023-06-28 17:12:49 +05:00
Abdullah Atta
0ad00c9747 identity: make 2fa truly mandatory 2023-06-08 12:55:27 +05:00
Abdullah Atta
26703bfd8e identity: add support for toggling marketing consent 2023-06-08 12:54:57 +05:00
Abdullah Atta
5ca66f5819 identity: save which platform a user signed up from 
this is normalized to web, android or iOS.
Specific device information is not saved.
 2023-05-22 18:23:22 +05:00
Abdullah Atta
99a7ffa6ae identity: keep all grants for 12 hours before cleaning up 2023-04-27 12:26:54 +05:00
Abdullah Atta
6f47574556 migrate to Streetwriters.IdentityServer4.KeyRack 2023-03-28 16:55:16 +05:00
Abdullah Atta
7dcda17474 identity: disable 2FA by SMS for trial users 2023-03-02 17:43:27 +05:00
Abdullah Atta
20eec79cef identity: prevent users with disposable emails from signing up 
while this is not a perfect way to prevent abuse of service, we do want
to avoid getting spammed with fake accounts. Creating a valid email
account is significantly more cumbersome than using a disposable email
address.

Currently the list of blacklisted domains is extracted from
https://github.com/disposable/disposable
and it is refreshed after every 24 hours.
 2023-03-02 17:43:10 +05:00
Abdullah Atta
5d5c179810 fix: fail by default if user has no 2fa method but is using a recovery code 2023-02-14 19:51:07 +05:00
Abdullah Atta
061a07120c fix: mfa recovery codes not working due to dual otp & recovery code checks 2023-02-14 18:02:17 +05:00
Abdullah Atta
c560f2ac5f identity: use Quartz.NET for token cleanup 2023-01-24 15:34:18 +05:00
Abdullah Atta
f38e61d58f global: update copyright year to 2023 2023-01-16 13:33:47 +05:00
Abdullah Atta
40ea0ab6b6 identity: add automatic expired token cleanup in prod 2023-01-16 13:30:34 +05:00
Abdullah Atta
ad03e9d6f0 identity: add support for infinite sliding refresh tokens 
this fixes a lot of unexpected session expiry issues.
 2023-01-16 13:30:12 +05:00
Abdullah Atta
a14ccfadce identity: better handling of unregistered users 2023-01-16 13:28:35 +05:00
Abdullah Atta
f2ee766b09 identity: get correct remote address in case of auth failure 2023-01-16 13:28:03 +05:00
Abdullah Atta
fc17e7a2fb identity: add support for account email changing 2023-01-16 13:25:38 +05:00
Abdullah Atta
c368d32694 identity: use MultipartSigned.CreateAsync 2023-01-05 19:45:03 +05:00
Abdullah Atta
cb3c8ed4ac global: add very basic server versioning 2023-01-05 19:44:45 +05:00
Abdullah Atta
38c410db58 common: make CORS origins configurable 2023-01-05 19:41:25 +05:00
Abdullah Atta
50c06fc11d global: read env from .env file in release mode 2023-01-05 19:27:25 +05:00
Abdullah Atta
9db20e7f98 global: add ssl support to all servers 2023-01-03 22:28:17 +05:00
Abdullah Atta
9af8a46f87 chore: read env vars from .env.local during dev 2022-12-30 19:23:39 +05:00
Abdullah Atta
b15495d1bc docker: add Dockerfiles for all servers & enable docker compose 2022-12-30 11:24:33 +05:00
Abdullah Atta
c0fab8a735 global: make ready for self hosting 
This exposes a few more env vars for configuration &
bypasses the Subscription backend
so each user is Pro by default. This is required because there won't be
any mechanism for the user to upgrade. We'll also have to disable a few
things on the client side to avoid confusion.
 2022-12-30 11:23:02 +05:00
Abdullah Atta
3f89ebc214 global: move more config to env vars 2022-12-29 11:18:29 +05:00
Abdullah Atta
af9b357f3f read env vars from .env file 2022-12-28 17:33:18 +05:00
Abdullah Atta
4e9f82fe48 open source identity server 2022-12-28 17:24:47 +05:00