CalvinBackup/notesnook-sync-server_customPrivateV1
1
0
Fork 0
mirror of https://github.com/streetwriters/notesnook-sync-server.git synced 2026-02-12 19:22:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
131 Commits 3 Branches 21 Tags
3ebfc8de7c7e736f1cfbdb0085ad93f6ce873786
Commit Graph

59 Commits

Author SHA1 Message Date
Abdullah Atta
3ebfc8de7c docker: remove --use-current-runtime 2024-07-31 09:12:28 +05:00
Abdullah Atta
2201984689 docker: fix You may also need to include 'linux-x64' in your project's RuntimeIdentifiers 2024-07-31 09:07:25 +05:00
Abdullah Atta
46675033c8 fix docker build (again) 2024-07-30 16:11:12 +05:00
Abdullah Atta
805ee02b4b fix docker build 2024-07-30 16:06:18 +05:00
Abdullah Atta
edd860e3ae global: simplify dockerfiles 2024-07-30 15:38:17 +05:00
Abdullah Atta
dad489f41d global: update docker-compose config 2024-07-30 11:30:56 +05:00
Abdullah Atta
a3b875a3c5 identity: change IPersistedGrantDbContext to a singleton 2024-06-07 15:42:08 +05:00
Abdullah Atta
b304d314a0 identity: minor refactor 2024-06-07 15:40:14 +05:00
Abdullah Atta
c5b41be2fd identity: register wamp user account service 2024-06-07 15:38:25 +05:00
Abdullah Atta
64ae13b589 identity: handle crash on introspection when user is null 2024-06-07 15:36:01 +05:00
Abdullah Atta
99da765a1c api: use wamp services instead of forwarding http requests for internal apis 2024-06-07 15:35:31 +05:00
Abdullah Atta
0ce5b69f91 identity: send email even if gpg signing fails 2024-05-16 13:20:26 +05:00
Abdullah Atta
95119f8df2 global: change default log level in prod to Warning 2024-05-16 13:16:11 +05:00
Abdullah Atta
dac2d7a577 identity: many fixes to auth grant validation 2024-05-16 13:15:41 +05:00
Abdullah Atta
abe7e67933 identity: include scope when validating account recovery token 2024-05-16 13:15:04 +05:00
Abdullah Atta
e21e2f1510 identity: fix no error being showed if user is locked out 2024-03-05 10:10:47 +05:00
Abdullah Atta
cece6ad4e2 identity: catch and log errors during signup 2024-03-05 10:08:14 +05:00
Abdullah Atta
1e43f7bfdd identity: fix expired tokens not being removed 2024-03-05 10:07:54 +05:00
Abdullah Atta
29eedd57e8 global: minor refactoring 2024-03-05 10:07:01 +05:00
Abdullah Atta
4da9614851 global: upgrade to net8.0 2024-03-05 10:03:27 +05:00
Abdullah Atta
9f4293560f identity: only clean reference_tokens 2023-10-28 11:38:18 +05:00
Abdullah Atta
1f72e2c3a8 identity: fix session revokation 2023-10-28 11:08:17 +05:00
Abdullah Atta
3746c4b42b identity: extend token expiration time 2023-10-24 10:11:02 +05:00
Abdullah Atta
aa77c543dd identity: change disposable domains blocklist 2023-10-24 10:10:22 +05:00
Abdullah Atta
aa62803c73 identity: fix build 2023-09-09 20:37:45 +05:00
Abdullah Atta
3208fdd532 identity: allow twilio errors to propagate 2023-09-09 20:36:05 +05:00
Abdullah Atta
2c1dc6f95e identity: minor refactors 2023-09-09 20:31:21 +05:00
Abdullah Atta
d91df60c57 identity: reset user 2fa on password reset 2023-09-09 20:31:02 +05:00
Abdullah Atta
1a5fe8230e identity: move to twilio verify for SMS 2FA 2023-09-09 20:30:35 +05:00
Abdullah Atta
87fd5b8196 identity: delete user completely on unregister 2023-06-28 17:16:29 +05:00
Abdullah Atta
5e95cd5ec9 identity: do not enable mfa on sign up 2023-06-28 17:13:01 +05:00
Abdullah Atta
eb45e8c3ce identity: enable mfa after user confirms email 2023-06-28 17:12:49 +05:00
Abdullah Atta
0ad00c9747 identity: make 2fa truly mandatory 2023-06-08 12:55:27 +05:00
Abdullah Atta
26703bfd8e identity: add support for toggling marketing consent 2023-06-08 12:54:57 +05:00
Abdullah Atta
5ca66f5819 identity: save which platform a user signed up from 
this is normalized to web, android or iOS.
Specific device information is not saved.
 2023-05-22 18:23:22 +05:00
Abdullah Atta
99a7ffa6ae identity: keep all grants for 12 hours before cleaning up 2023-04-27 12:26:54 +05:00
Abdullah Atta
6f47574556 migrate to Streetwriters.IdentityServer4.KeyRack 2023-03-28 16:55:16 +05:00
Abdullah Atta
7dcda17474 identity: disable 2FA by SMS for trial users 2023-03-02 17:43:27 +05:00
Abdullah Atta
20eec79cef identity: prevent users with disposable emails from signing up 
while this is not a perfect way to prevent abuse of service, we do want
to avoid getting spammed with fake accounts. Creating a valid email
account is significantly more cumbersome than using a disposable email
address.

Currently the list of blacklisted domains is extracted from
https://github.com/disposable/disposable
and it is refreshed after every 24 hours.
 2023-03-02 17:43:10 +05:00
Abdullah Atta
5d5c179810 fix: fail by default if user has no 2fa method but is using a recovery code 2023-02-14 19:51:07 +05:00
Abdullah Atta
061a07120c fix: mfa recovery codes not working due to dual otp & recovery code checks 2023-02-14 18:02:17 +05:00
Abdullah Atta
c560f2ac5f identity: use Quartz.NET for token cleanup 2023-01-24 15:34:18 +05:00
Abdullah Atta
f38e61d58f global: update copyright year to 2023 2023-01-16 13:33:47 +05:00
Abdullah Atta
40ea0ab6b6 identity: add automatic expired token cleanup in prod 2023-01-16 13:30:34 +05:00
Abdullah Atta
ad03e9d6f0 identity: add support for infinite sliding refresh tokens 
this fixes a lot of unexpected session expiry issues.
 2023-01-16 13:30:12 +05:00
Abdullah Atta
a14ccfadce identity: better handling of unregistered users 2023-01-16 13:28:35 +05:00
Abdullah Atta
f2ee766b09 identity: get correct remote address in case of auth failure 2023-01-16 13:28:03 +05:00
Abdullah Atta
fc17e7a2fb identity: add support for account email changing 2023-01-16 13:25:38 +05:00
Abdullah Atta
c368d32694 identity: use MultipartSigned.CreateAsync 2023-01-05 19:45:03 +05:00
Abdullah Atta
cb3c8ed4ac global: add very basic server versioning 2023-01-05 19:44:45 +05:00