|
|
89048ce943
|
chore: move brute force protection logic to middleware and a singleton class
|
2023-03-29 15:33:32 +05:00 |
|
|
|
a82cabb001
|
feat: prevent brute force attack by rate limiting login endpoint
|
2023-03-28 21:43:10 +05:00 |
|
Saad Jutt
|
b1a2677b8c
|
chore: specified domain for cookie for csrf as well
|
2022-10-10 00:48:13 +05:00 |
|
Saad Jutt
|
fe3e5088f8
|
fix: csrf package is changed to pillarjs-csrf
|
2022-09-29 20:33:30 +05:00 |
|
Saad Jutt
|
77f8d30baf
|
fix(cookie): XSRF cookie is removed and passed token in head section
|
2022-08-03 03:38:11 +05:00 |
|
Saad Jutt
|
ce5218a227
|
fix: Revert "fix(security): missing cookie flags are added"
This reverts commit 526402fd73.
|
2022-07-20 03:58:25 +05:00 |
|
Saad Jutt
|
526402fd73
|
fix(security): missing cookie flags are added
|
2022-07-20 01:40:31 +05:00 |
|
|
|
65380be2f3
|
fix: update /logout route to /SASLogon/logout
|
2022-06-22 00:24:41 +05:00 |
|
Saad Jutt
|
414fb19de3
|
chore: code changes
|
2022-05-30 00:32:05 +05:00 |
|
Saad Jutt
|
143b367a0e
|
test: fixed specs
|
2022-05-12 20:42:50 +05:00 |
|
Saad Jutt
|
a0b52d9982
|
test(web): moved authorize specs from api to web
|
2022-05-12 17:59:12 +05:00 |
|
Saad Jutt
|
b40de8fa6a
|
fix: moved getAuthCode from api to web routes
|
2022-05-11 21:01:00 +05:00 |
|
Saad Jutt
|
1f89279264
|
fix(upload): appStream uses CSRF + Session authentication
|
2022-05-02 18:01:28 +05:00 |
|
Saad Jutt
|
5aaac24080
|
fix: consume swagger api with CSRF
|
2022-05-01 06:07:17 +05:00 |
|
Saad Jutt
|
7b39cc06d3
|
fix: removed fileExists for serving web
|
2022-05-01 02:28:50 +05:00 |
|
Saad Jutt
|
b4b60c69cf
|
fix: setting CSRF Token for only rendering SPA
|
2022-04-30 06:32:24 +05:00 |
|
Saad Jutt
|
b060ad1b8e
|
fix: added CSRF check for granting access via session authentication
|
2022-04-30 05:04:27 +05:00 |
|
Saad Jutt
|
e462aebdc0
|
feat: enabled csrf tokens for web component
|
2022-04-29 02:59:48 +05:00 |
|
Saad Jutt
|
5da93f318a
|
feat: enabled session based authentication for web
|
2022-04-28 06:44:25 +05:00 |
|
Saad Jutt
|
db70b1ce55
|
fix: provide clientId to web component
|
2022-04-19 21:26:55 +05:00 |
|
Saad Jutt
|
b75139dda5
|
feat: compile systemInit and inject to autoExec
|
2021-11-18 03:12:05 +05:00 |
|
Saad Jutt
|
5e7cecf3ea
|
chore: fix for development docker-compose
|
2021-11-14 21:12:10 +05:00 |
|
Saad Jutt
|
4792f15c40
|
chore: docker configured for development api+web+mongodb
|
2021-11-14 09:03:38 +05:00 |
|
Saad Jutt
|
cd738aa4b8
|
chore: default is desktop mode with prompts
|
2021-11-12 23:59:55 +05:00 |
|
Saad Jutt
|
46f2648a95
|
chore: windows env variables needs to be trimmed
|
2021-11-12 21:27:29 +05:00 |
|
Saad Jutt
|
2eb42408d1
|
chore: added desktop mode + drive tmp folder fix
|
2021-11-12 19:43:56 +05:00 |
|
Saad Jutt
|
7a8123eb52
|
chore: docs finalized for stp and others
|
2021-11-11 03:20:19 +05:00 |
|
|
|
d93673f2a5
|
fix: change api endpoint SASjsExecutor/do -> SASjsApi/stp/execute
|
2021-11-02 09:54:56 +00:00 |
|
|
|
d52c2ed18c
|
chore: lint fix
|
2021-11-01 15:28:07 +00:00 |
|
|
|
0c6ccddafd
|
Merge branch 'master' into homepage-sasjs-executor
Conflicts:
api/src/app.ts
api/src/routes/index.ts
api/src/routes/spec/routes.spec.ts
|
2021-11-01 13:12:52 +00:00 |
|
