status-im
/
codimd
mirror of https://github.com/status-im/codimd.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,742 Commits 23 Branches 35 Tags 26 MiB
Commit Graph

680 Commits

Author SHA1 Message Date
Yukai Huang ab0ac83582
Fix updateHistory parameter 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-08-12 18:10:39 +08:00
James Tsai 4792908169 Fix linter 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-08-04 17:11:09 +08:00
James Tsai e7a4996cbe Update note title and history in update api 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-08-04 16:48:33 +08:00
James Tsai 091c77bdb1 Refactor, change response type to json in update-api user online checking 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-07-30 18:56:57 +08:00
James Tsai 04fe74d520 Refactor, use body parser, adjust update api content column 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-07-30 18:14:10 +08:00
James Tsai 53526c154a Check online users, update authorships, save revisions in update note content API 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-07-27 18:01:10 +08:00
James Tsai 96f8f06b00 Disconnect online users by delete API 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-07-27 18:01:10 +08:00
James Tsai b3cf98b329 Fix linter 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-07-27 18:01:10 +08:00
James Tsai b597dc9811 Add update note api 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-07-27 18:01:10 +08:00
James Tsai 66d53956c4 Add delete note api 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-07-27 18:01:10 +08:00
Yukai Huang 8e72eb5aca
Merge pull request #1548 from hackmdio/feature/list-my-note-api 
List-my-note API
 2020-07-15 17:13:35 +08:00
James Tsai 03bc329b3f Fix linter 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-07-14 17:34:32 +08:00
James Tsai a22cf73f60 Refactor, variable naming and myNoteList mapping 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-07-14 17:34:32 +08:00
James Tsai dcf48e749e Update route of list-my-notes api 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-07-14 17:34:32 +08:00
Yukai Huang 91fb54539a
Merge pull request #1546 from schokotets/develop 
feature: pass-through yaml metadata image to html meta tag
 2020-07-10 10:33:55 +08:00
Yukai Huang 3e09c7a21f
Merge pull request #1505 from daniele-athome/pr/feature/tags-array 
Use array for tags when available (close #1496)
 2020-07-09 15:50:57 +08:00
James Tsai 07f32f5bbf Fix standard 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-07-01 11:42:28 +08:00
James Tsai 2973bfbceb Add list-my-note API 
Signed-off-by: James Tsai <jamesscamel@gmail.com>
 2020-07-01 11:42:28 +08:00
schokotets 2c9f73cfb2
feature: pass-through yaml metadata image to html meta tag 
Signed-off-by: schokotets <moritzleni@gmail.com>
 2020-06-27 17:22:11 +02:00
Raccoon 8b67d6916d
fix: improve image upload to filesystem may caused app crash 
Signed-off-by: Raccoon <raccoon@hackmd.io>
 2020-05-31 00:41:01 +08:00
Raccoon ac6021a579 fix: returning 500 when getStatus failed 
Signed-off-by: Raccoon <raccoon@hackmd.io>
 2020-05-17 03:25:57 +08:00
Raccoon a3742e4564 fix: getStatus should reject promise 
1. reject promise when getStatus failed
2. change to use promise-way call getStatus in debug message

Signed-off-by: Raccoon <raccoon@hackmd.io>
 2020-05-17 03:25:20 +08:00
Raccoon 54ab0a08de
Merge pull request #1512 from stregouet/oauth2-state 
fix: add state parameter for oauth2
 2020-05-13 16:26:26 +08:00
Raccoon 20bacfbaf1
Merge pull request #1507 from tarlety/feature-metrics-merge-develop 
Exporting metrics for node.js, express, router, and codimd realtime status.
 2020-05-13 16:25:38 +08:00
Samuel Trégouët 6ff6d215ab fix: add state parameter for oauth2 
state parameter is recommended with oauth2 authentification
to mitigate CSRF attacks (see [1]).
hydra [2] will throw the following error message if state is
missing:

  description="The state is missing or has less than 8 characters and is therefore considered too weak" error=invalid_state hint="Request
 parameter \"state\" must be at least be 8 characters long to ensure sufficient entropy."

[1]: https://auth0.com/docs/protocols/oauth2/oauth-state
[2]: https://www.ory.sh/hydra/

Signed-off-by: Samuel Trégouët <samuel.tregouet@gmail.com>
 2020-05-11 15:59:49 +02:00
tarlety ac31e51d67
Fix session flood issue after prometheus metrics are implemented. 
Root cause:
- prometheus metrics '/metrics/codimd' exported by 3ca0341 are still in 'routes need sessions' section.
- prometheus scrapes metrics repeatedly.
- new session created every time while prometheus scrapes metrics '/metrics/codimd'.

Solution:
- move /metrics/codimd from lib/routes.js to lib/metrics.js.
- move /metrics/codimd from section 'routes need sessions' of app.js to 'routes without sessions'.

Signed-off-by: tarlety <tarlety@gmail.com>
 2020-05-04 20:57:46 +08:00
tarlety 09eb8556db
Exporting metrics for node.js, express, router, and codimd realtime status. 
1. **/metrics/router** : exporting node.js/express Prometheus metrics by
[prometheus-api-metrics](https://www.npmjs.com/package/prometheus-api-metrics)

2. **/metrics/codimd** : exporting codimd realtime status (/status) as
Prometheus metrics

Signed-off-by: tarlety <tarlety@gmail.com>
 2020-05-01 22:17:22 +08:00
Daniele Ricci 5463c8412c Use array for tags when available (close #1496) 
Signed-off-by: Daniele Ricci <daniele@casaricci.it>
 2020-04-30 20:31:22 +02:00
Lucas Druschke bcd92f500f return errorForbidden when anonymous user tries to create freeUrl pad (closes #1499) 
Signed-off-by: Lucas Druschke <ldruschk@posteo.de>
 2020-04-29 22:42:56 +02:00
Rafal Proszowski e1977a1da7
Fix GitHub's avatar URL 
At the moment, the URL is being composed and modified with the use of
string composition.

This causes issues, if the URL returned by GitHub slightly differs from
the time developer initially had a look into it.

In our case, the URL from GitHub has two query parameters in it, whilst
the codebase only expected one.

This change will take all of these parameters and only set the one we
care about, whilst leaving others intact and carry on with the full URL.

Fixes #1489

Signed-off-by: Rafal Proszowski <paroxp@gmail.com>
 2020-04-20 12:25:32 +01:00
BinotaLIU d4d0120ab7
prevert directly call of User.hashPassword() 
this preverted changes made in 7b8576d. now we use hooks to hash password.
no need to call User.hashPassword() manually.

Signed-off-by: BinotaLIU <me@binota.org>
 2020-04-20 00:04:13 +08:00
BinotaLIU 027195e973
add hooks for hash password 
Signed-off-by: BinotaLIU <me@binota.org>
 2020-04-20 00:04:13 +08:00
BinotaLIU f618576193
use async hashPassword/verifyPassword 
Signed-off-by: BinotaLIU <me@binota.org>
 2020-04-20 00:04:12 +08:00
BinotaLIU ec206db173
add methods for password hashing in User model 
Signed-off-by: BinotaLIU <me@binota.org>
 2020-04-20 00:04:12 +08:00
Raccoon 2fe10a78b7
chore: change aws-sdk to @aws-sdk/client-s3-node, reduced module size 
Signed-off-by: Raccoon <raccoon@hackmd.io>
 2020-04-12 02:24:35 +08:00
Raccoon 421ccbfc25
fix: lutim not required properly 
Signed-off-by: Raccoon <raccoon@hackmd.io>
 2020-04-12 02:11:43 +08:00
Raccoon e72bcfe0ea
Merge pull request #1459 from hackmdio/feat/improve-version-check 
Improve version checker behavior
 2020-04-05 15:36:10 +08:00
Raccoon 1b80245546
Merge pull request #1453 from moycat/feature/oauth-avatar 
Support avatar for OAuth users
 2020-03-26 05:17:27 +08:00
Mark Steve Samson 72c9d049f7
Fix check for creating free url notes 
Signed-off-by: Mark Steve Samson <marksteve@thinkingmachin.es>
 2020-03-17 21:00:16 +08:00
Raccoon bd508b166f
Update lib/web/middleware/checkVersion.js 
Signed-off-by: BoHong Li <raccoon@hackmd.io>
 2020-03-17 02:24:01 +08:00
BoHong Li b49a4e24f1
feat(versionCheck): add timeout to 1s and change logger type to avoid log error to disturb user 
Signed-off-by: BoHong Li <raccoon@hackmd.io>
 2020-03-17 01:24:38 +08:00
Kishan Mehta a1a69a75c0 Add correct path for minio 
This should fix #1452

Signed-off-by: Kishan Mehta <kishan@scrapinghub.com>
 2020-03-13 18:22:40 +05:30
moycat 46fdb6a6f0
Support avatar for OAuth users 
Signed-off-by: Moycat <i@moy.cat>
 2020-03-12 13:48:18 +08:00
BoHong Li 3ae3cb191d
fix: some environment variables not in docker secret 
Signed-off-by: BoHong Li <raccoon@hackmd.io>
 2020-03-06 20:51:25 +08:00
Max Wu fc662661a8 fix: only enable dropbox directives when config is given 
Signed-off-by: Max Wu <jackymaxj@gmail.com>
 2020-03-03 18:35:57 +08:00
Max Wu e2c31e4cb3 fix: allow Dropbox dropins in CSP directives 
Signed-off-by: Max Wu <jackymaxj@gmail.com>
 2020-03-03 17:25:36 +08:00
Max Wu 5c9438697a
Merge pull request #1435 from hackmdio/feat/remove-old-config 
Remove old config and environment
 2020-03-02 21:55:24 +08:00
BoHong Li 48582617ad
doc: remove HMD related and remove docs 
All docs migrate to online documentation now and store in `codimd-docs`

Signed-off-by: BoHong Li <raccoon@hackmd.io>
 2020-03-02 18:35:25 +08:00
Max Wu d658903d01
Merge pull request #1433 from hackmdio/feature/disable-include-subdomain-hsts 
Disable HSTS IncludeSubdomain, to prevent unexpected behavior
 2020-03-02 18:29:03 +08:00
BoHong Li ffe0783869
feat: old config and environment is not use anymore 
BREAKING CHANGE: remove old config and environment

Signed-off-by: BoHong Li <raccoon@hackmd.io>
 2020-03-02 12:06:28 +08:00