Martin Kleinschrodt
878c03644e
Add Mixpanel logger
2021-10-19 17:15:59 +02:00
Martin Kleinschrodt
0af8e1f8a1
Refactor logging
2021-10-18 08:58:00 +02:00
Martin Kleinschrodt
bfa616b7a6
WIP
2021-10-17 13:48:53 +02:00
Martin Kleinschrodt
dc98368f5b
Load email content from templates instead of constructing it with javascript
2021-10-16 16:10:27 +02:00
Martin Kleinschrodt
96c0e69cee
WIP
2021-10-16 14:58:10 +02:00
Martin Kleinschrodt
5f5392ea93
if browser name is "Electron" simply say "[Platform] device" in device description
2021-10-11 15:01:54 +02:00
Martin Kleinschrodt
a90c8db059
Add support for setting default provisioning via simple provisioner api
2021-10-10 17:36:38 +02:00
Martin Kleinschrodt
b4ad156ff2
Fix validation of scheduled updates
2021-10-05 10:32:43 +02:00
Martin Kleinschrodt
5eb8375f5e
Make actionLabel mandatory if actionUrl is provided
2021-10-05 09:02:34 +02:00
Martin Kleinschrodt
027b25e112
Dont' forget to return entry
2021-10-04 13:18:04 +02:00
Martin Kleinschrodt
e02b74c11e
Add support for scheduled updates
2021-10-04 12:41:06 +02:00
Martin Kleinschrodt
48548d2691
Add provisioning status label
2021-10-04 08:56:12 +02:00
Martin Kleinschrodt
aa74bc3938
Delete auth info when logging out; make sure to use default action url and label when creating new account provisioning
2021-10-04 07:53:22 +02:00
Martin Kleinschrodt
cf753dfc59
Add provisioning endpoint to docker setup
2021-10-03 17:37:16 +02:00
Martin Kleinschrodt
ecaeffba4a
Handle vault provisioning separately
2021-10-03 15:56:01 +02:00
Martin Kleinschrodt
90c4a8d630
More work on new provisioning system
2021-10-03 13:49:04 +02:00
Martin Kleinschrodt
eb3823e852
First pass at implementing new provisioning system to replace existing billing system
2021-10-01 11:16:45 +02:00
Martin Kleinschrodt
78fc76b456
Add better implementation for "ad hoc" default authenticators; allow client to specify which authentication types it supports
2021-09-28 15:41:40 +02:00
Martin Kleinschrodt
23ac1969ec
First pass at refactoring login/signup flow
2021-09-26 09:08:48 +02:00
Martin Kleinschrodt
39d6334565
Add node http sender
2021-09-25 11:57:37 +02:00
Martin Kleinschrodt
19b0471c89
Surface verification error instead of returning false
2021-09-25 11:56:49 +02:00
Martin Kleinschrodt
7dfdd3a27b
Upgrade typescript version
2021-09-25 10:06:45 +02:00
Martin Kleinschrodt
93ce9de764
Reorganize auth-related files
2021-09-25 10:06:05 +02:00
Martin Kleinschrodt
3a5ea2e318
Implement PKCE for openid
2021-09-24 13:10:20 +02:00
Martin Kleinschrodt
5f16e75a99
Rename anything "MFA"-related to more generic "Auth" or "Authentication"
2021-09-23 17:02:44 +02:00
Martin Kleinschrodt
6357c32329
WIP
2021-09-22 17:29:19 +02:00
Martin Kleinschrodt
66b7e22bf6
First pass at implementing open id authenticator
2021-09-20 15:57:05 +02:00
Martin Kleinschrodt
30a47ec144
Allow marking certain config params as secret to prevent them from being logged
2021-09-16 14:28:05 +02:00
Martin Kleinschrodt
7b9392f7a1
Add better json serialization to config params
2021-09-16 10:54:21 +02:00
Martin Kleinschrodt
c36e172058
Add node http sender
2021-09-15 10:21:08 +02:00
Martin Kleinschrodt
6f1a144b16
Minor code cleanup
2021-09-14 08:01:52 +02:00
Martin Kleinschrodt
85aa8787e1
Update docker setup to include reverse proxy and mongo instance
2021-09-09 16:29:55 +02:00
Martin Kleinschrodt
5fa57eecfb
Update default mongodb port to correct value
2021-09-09 12:53:24 +02:00
Martin Kleinschrodt
8fc74cea62
Remove lookbehind regex expression since it's not supported in safari or firefox yet
2021-09-08 18:41:41 +02:00
Martin Kleinschrodt
1e640fdd5e
Implement more flexible configuration system; refactor server init script and directory structure
2021-09-08 09:50:59 +02:00
Martin Kleinschrodt
831ea321c6
Store active sessions on Auth object instead of the Account object; load auth object into request context by default
2021-09-06 15:11:32 +02:00
Martin Kleinschrodt
39f388bc54
Change attestation type to indirect
2021-08-31 08:24:51 +02:00
Martin Kleinschrodt
30cf0995a7
Upgrade SimpleWebAuthn dependency
2021-08-29 13:41:58 +02:00
Martin Kleinschrodt
6b2ec54664
Add support for biometric unlock on cordova via new MFAuthenticator Type
2021-08-29 11:20:38 +02:00
Martin Kleinschrodt
925cd29a33
- Add distinct MFA types for Webauthn platform and portable authenticators
...
- Prevent double registration of authenticators
- Move mfAuthenticator functionality into platform object
2021-08-27 16:55:20 +02:00
Martin Kleinschrodt
a1cfbbd992
Add support for TOTP as MFA method
2021-08-22 09:48:01 +02:00
Martin Kleinschrodt
321ff13fe3
Add session management to app
2021-08-21 09:06:35 +02:00
Martin Kleinschrodt
5755a4d46a
Remove usage of (monkey-patched) SimpleWebAuthn::MetaDataService until it is updated upstream
2021-08-20 16:19:26 +02:00
Martin Kleinschrodt
7854f37e8c
Rename EmailMessenger to SMTPMessenger
2021-08-20 08:43:28 +02:00
Martin Kleinschrodt
4f48679c91
Use maxminds official node package instead of geoip-lite
2021-08-20 08:43:00 +02:00
Martin Kleinschrodt
955a84ce1c
Initial test with geoip package
2021-08-20 07:58:10 +02:00
Martin Kleinschrodt
cd50bb5298
First pass at splitting up settings view and adding ui for adding/removing mfa methods
2021-08-19 17:04:59 +02:00
Martin Kleinschrodt
3a40638c8c
First pass at implementing more mfa methods for login
2021-08-15 18:52:02 +02:00
Martin Kleinschrodt
6cfa4e978e
Use client url instead of server URL for deriving webauthn rpID
2021-08-15 08:36:03 +02:00
Martin Kleinschrodt
67b201578b
Fix typo
2021-08-15 08:03:19 +02:00
Martin Kleinschrodt
af1c765291
Use correct client url for configuring webauthnserver
2021-08-15 08:01:57 +02:00
Martin Kleinschrodt
36d713961e
Properly configure webauthnauthserver
2021-08-15 07:28:30 +02:00
Martin Kleinschrodt
2a075877a8
Add support to connect to third-party mongodb instance via tls
2021-08-12 14:00:23 +02:00
Martin Kleinschrodt
26a6aa32bf
Add experimental S3 attachment storage engine
2021-08-12 10:27:00 +02:00
Martin Kleinschrodt
79884b2e37
Add (experimental) mongodb storage backend
2021-08-11 17:09:01 +02:00
Martin Kleinschrodt
3f01462f2f
Replace console messenger added for debugging
2021-08-06 15:25:52 +02:00
Martin Kleinschrodt
63076556d8
Bump npm version to 4.0.0; clean up/fix some dependencies
2021-08-06 15:07:25 +02:00
Martin Kleinschrodt
88beab7e4b
Merge commit '2a026dd03d0871160a33210837497d898ad5bf91' into v4
...
* commit '2a026dd03d0871160a33210837497d898ad5bf91':
Fix unauthenticated SMTP connection
v3.1.4
Don't attempt to translate "My Vault" until issues with language loading are resolved
Properly serialize/deserialize items during export/import
# Conflicts:
# packages/app/package-lock.json
# packages/app/package.json
# packages/cordova/package-lock.json
# packages/cordova/package.json
# packages/core/package-lock.json
# packages/core/package.json
# packages/electron/package-lock.json
# packages/electron/package.json
# packages/extension/package-lock.json
# packages/extension/package.json
# packages/locale/package-lock.json
# packages/manage/package.json
# packages/pwa/package-lock.json
# packages/server/package-lock.json
# packages/server/package.json
# packages/tauri/package-lock.json
# packages/tauri/package.json
2021-07-17 09:36:48 +02:00
Martin Kleinschrodt
87df974e6c
Implement "ConsoleMessenger" that prints messages to the console for testing/debugging
2021-06-27 11:19:14 +02:00
Martin Kleinschrodt
4e748dec1f
First pass at implementing biometric unlock using webauthn
2021-06-16 17:20:49 +02:00
Martin Kleinschrodt
516e2de4f7
WIP
2021-06-15 09:27:40 +02:00
Martin Kleinschrodt
afb6f9abcb
Update login and signup pages to work with new mfa system
2021-06-14 09:22:40 +02:00
Martin Kleinschrodt
cd17555740
First pass at implementing webauthn mfa provider
2021-06-13 10:46:54 +02:00
Martin Kleinschrodt
20ebc5c18c
First pass at new mfa system
2021-06-12 18:19:11 +02:00
Martin Kleinschrodt
0395ce559b
WIP 36
2021-05-30 17:03:22 +02:00
Martin Kleinschrodt
3444dc9e7f
WIP 35
2021-05-30 15:53:51 +02:00
Waked
2a026dd03d
Fix unauthenticated SMTP connection
2021-03-27 08:58:25 +01:00
Martin Kleinschrodt
c7a6682fe8
v3.1.4
2021-02-25 09:55:51 +01:00
Martin Kleinschrodt
97f0364fc5
Update stripe typings, fix typescript errors in billing module
...
Fixes #295
2020-11-11 09:04:43 +01:00
dome4
0ec2059dd7
Fix server import
2020-11-08 17:40:02 +01:00
Martin Kleinschrodt
062e0945d0
Update node typings in server package, convert Uint8Array to Buffer to fix compiler complaints
2020-10-28 13:36:51 +01:00
Martin Kleinschrodt
00da3cc59d
v3.1.3
2020-10-25 15:13:53 +01:00
Martin Kleinschrodt
7d0f08ea0a
Implement full crypto suite in node crypto provider
2020-10-25 13:55:28 +01:00
Martin Kleinschrodt
86a14ca48c
Fix bug causing trial period to end early when providing payment method
2020-07-28 08:16:34 +02:00
Martin Kleinschrodt
71578d3f1d
Bump version
2020-07-26 17:49:04 +02:00
Martin Kleinschrodt
2bd3188b11
Bump the rest of the package files to v3.1.1 that were missed before
2020-07-04 16:24:20 +02:00
Martin Kleinschrodt
46665c8890
Don't reset trial phase when switching or canceling subscriptions; update org revision after syncing billing information to make sure users get the updated info
2020-06-30 08:30:56 +02:00
Martin Kleinschrodt
196a600011
If subscription is canceled while still in trial mode, delete subscription immediately and instead of at period end
2020-06-28 15:52:38 +02:00
Martin Kleinschrodt
3955a2e57d
fix legacy server not resolving promise if not data is received
2020-05-30 09:02:01 +02:00
Martin Kleinschrodt
b10f0b5c30
Choose appropropriate request module based on legacy server url
2020-05-29 19:27:44 +02:00
Martin Kleinschrodt
2c2b2fc5e9
Fix legacy import; add some additional messages and guidance
2020-05-27 18:47:54 +02:00
Martin Kleinschrodt
82cb762f1f
bump version to 3.1.0
2020-05-27 18:47:53 +02:00
Martin Kleinschrodt
1a1d267a31
Always return null if request to legacy server fails
2020-05-27 18:47:52 +02:00
Martin Kleinschrodt
4295519eaa
Ask to delete legacy account after successful migration
2020-05-27 18:47:52 +02:00
Martin Kleinschrodt
fbdcc989a3
First pass at creating simple legacy account migration during login/signup
2020-05-27 18:47:51 +02:00
Martin Kleinschrodt
bdd0bab7e5
downgrade responses to the client version if necessary
2020-05-27 18:47:50 +02:00
Giancarlos Salas
1622784f11
Add option to use secure connection in mailing
2020-04-15 17:24:43 +02:00
Martin Kleinschrodt
c722d05203
v3.0.14
2020-03-10 14:57:01 +01:00
Martin Kleinschrodt
93eb3380db
Fix parsing of discounts without a name
2019-12-24 16:17:34 +01:00
Martin Kleinschrodt
da69813418
Load billing provider info from api rather than during build time
2019-12-15 11:46:13 +01:00
Martin Kleinschrodt
9e961e214b
v3.0.13
2019-12-13 10:39:02 +01:00
Martin Kleinschrodt
7e4c6f5b73
Add real convenience methods for updating accounts and orgs
2019-12-12 09:04:35 +01:00
Martin Kleinschrodt
840b4d2e71
Add various class constructors to repl context for convenience
2019-12-12 08:32:19 +01:00
Martin Kleinschrodt
cfa167f79f
v3.0.12
2019-12-05 15:27:35 +01:00
Martin Kleinschrodt
6cd9791cc6
Automatically subscribe customer to free plan if no plan is currently set
2019-12-03 15:50:31 +01:00
Martin Kleinschrodt
a270bd760a
Add option to revert to free plan if subscription is inactive
2019-12-03 15:49:50 +01:00
Martin Kleinschrodt
1839612d23
v3.0.11
2019-12-03 11:06:41 +01:00
Martin Kleinschrodt
1cff53ac7a
Clean up unused dependencies
2019-11-29 17:26:30 +01:00
Martin Kleinschrodt
4bde082799
Set up docker and docker-compose configs for use with logging and repl
2019-11-29 17:08:25 +01:00
Martin Kleinschrodt
a6aa819dd5
Add option to display logs
...
Add repl history support
2019-11-24 10:24:10 +01:00
Martin Kleinschrodt
70ed1f8928
WIP
2019-11-21 16:35:00 +01:00
Martin Kleinschrodt
d1209081a2
Server: add logging
2019-11-17 08:09:42 +01:00
Martin Kleinschrodt
2916223f14
Storage: allow limiting key range when listing objects
2019-11-17 08:09:42 +01:00
Martin Kleinschrodt
a7456972d6
More work on server management cli: Allow deleting accounts as well as manually syncing billing info with billing provider
2019-11-17 08:09:41 +01:00
Martin Kleinschrodt
31b877329a
Billing update: only call stripe update and second sync if necessary
2019-11-17 08:08:59 +01:00
Martin Kleinschrodt
342ce26ca3
First pass at implementing simple cli for managing accounts and organizations on the server side
2019-11-17 08:08:59 +01:00
Martin Kleinschrodt
1f8d152258
Clean up package files in preparation for publishing @padloc/core and @padloc/locale modules (all other packages will remain private for now)
2019-11-14 16:11:47 +01:00
Martin Kleinschrodt
ebc4090f67
v3.0.10
2019-11-14 15:36:32 +01:00
Martin Kleinschrodt
ec094c5296
v3.0.9
2019-11-10 17:14:45 +01:00
Martin Kleinschrodt
c1932781ed
v3.0.7
2019-11-02 18:25:25 +01:00
Martin Kleinschrodt
f2aefb8f7c
v3.0.6
2019-11-01 14:39:57 +01:00
Martin Kleinschrodt
7e1899cc66
Implement consistent defaults for configuration variables
...
Update npm scripts
Update readme
2019-11-01 14:39:00 +01:00
Martin Kleinschrodt
7e98bfb4d2
Fix typo
2019-10-30 22:49:51 +01:00
Martin Kleinschrodt
b5b8b6603f
Create new pwa package to separate webpack builds from ui package
2019-10-12 17:12:45 +02:00
Martin Kleinschrodt
62c25dba45
Bump version to 3.0.5
2019-10-08 12:04:41 +02:00
Martin Kleinschrodt
98966402e3
Handle inactive or missing subscription on accounts and organisations by resetting quota and freezing organization respectively
2019-10-07 17:19:19 +02:00
Martin Kleinschrodt
cd22b18ff9
Bump version to 3.0.4
2019-09-29 19:18:15 +02:00
Martin Kleinschrodt
710d2e50c1
Bump version to 3.0.3
2019-09-19 11:32:04 +02:00
Martin Kleinschrodt
0c87fc5dc5
Bump version to 3.0.1
2019-09-15 17:54:29 +02:00
Martin Kleinschrodt
33fb7e40c3
Add option to disable editing payment method (to comply with iOS app store regulations)
2019-09-15 17:48:38 +02:00
Martin Kleinschrodt
dd3df4cfde
Loosen age restriction for api request, make configurable, return more helpful message
2019-09-07 09:38:23 +02:00
Martin Kleinschrodt
3b5d903045
Add option to disable multi-factor auth for login
2019-09-05 14:32:39 +02:00
Martin Kleinschrodt
2c82d43e41
Update billing when first creating an account; Reuse "legacy" accounts with same email if one exists
2019-09-02 13:37:27 +02:00
Martin Kleinschrodt
964dd7c9f9
Fix npm audit warnings in app and server packages
2019-08-25 15:50:47 +02:00
Martin Kleinschrodt
342780c44f
Use json instead of yams for translation files so we don't need a custom webpack loader and can load it from node without webpack
...
Allow loading more specific locales by falling back to more generic ones (e.g. de-DE falls back to de)
2019-08-17 08:45:38 +02:00
Martin Kleinschrodt
db457b3aff
Merge branch 'ncc-audit-fixes' into v3
...
* ncc-audit-fixes:
Introduce an `updated` property on `OrgMember` and include it in the member signature. In addition to verifying the member signature itself, clients now also verify that the members `updated` property is higher than or equal to a minimum value which is stored in the `minMemberUpdated` property of the `Org` object. When removing a member, the organization owner increases the `minMemberUpdated` value to the current time and then re-signs all remaining members. To prevent this value from being rolled back by an attacker, clients also verify that this value is never lower than the last known (locally stored) value. This should prevent attackers from silently re-adding removed members as described in NCC-PadlockCryptoReview-013.
Use delimiter when constructing signature from multiple values Fixes NCC-PadlockCryptoReview-014
Remove support for smaller SRP group sizes Fixes NCC-PadlockCryptoReview-002
Increase default authentication tag size to 128 bits Fixes NCC-PadlockCryptoReview-006
Use constant-time comparison where appropriate Fixes NCC-PadlockCryptoReview-005, NCC-PadlockCryptoReview-008, NCC-PadlockCryptoReview-012
Don't include full Auth object in InitAuthResponse, passing account id and key derivation params only. Fixes NCC-PadlockCryptoReview-011
Conflicts:
packages/core/src/api.ts
packages/core/src/app.ts
packages/core/src/org.ts
packages/core/src/server.ts
2019-08-06 13:18:22 +02:00
Martin Kleinschrodt
d6da66f1b5
Provider default crypto provider via platform module
2019-07-16 10:52:56 +02:00
Martin Kleinschrodt
ea4c7dc5c0
Properly handle accounts for which the stripe customer object does no longer exist
2019-07-13 09:01:08 +02:00
Martin Kleinschrodt
ab7627beed
Update default account and org quota
2019-07-04 15:18:52 +02:00
Martin Kleinschrodt
f6064f1149
First pass at creating service worker for precaching and other PWA features
2019-07-02 15:10:00 +00:00
Martin Kleinschrodt
f101cf2620
fix dev npm script
2019-06-25 18:09:49 +01:00
Martin Kleinschrodt
c84a71d86b
Add Stripe webhook. Add support for 3D auth
2019-06-25 14:57:33 +00:00
Martin Kleinschrodt
dd01e5ab73
Implement element for displaying subscription status
...
Add info about used storage to Account and Org object
Implement cancelling a subscription
Add config for default Account/Org quota
2019-06-18 12:20:36 +01:00
Martin Kleinschrodt
9a2e27da6a
Add support for deleting an Organization
2019-06-15 16:27:56 +01:00
Martin Kleinschrodt
7aa682b795
Implement creating an org with a specific plan and billing info
2019-06-15 16:27:56 +01:00
Martin Kleinschrodt
5b2d41f66b
WIP
2019-06-15 16:27:56 +01:00
Martin Kleinschrodt
c4f50bf292
WIP
2019-06-15 16:27:55 +01:00
Martin Kleinschrodt
adbaafe26a
First pass at implementing a stripe-powered billing service
2019-06-15 16:27:55 +01:00
Martin Kleinschrodt
72e5ac8926
WIP
2019-06-15 16:27:26 +01:00
Martin Kleinschrodt
5705495025
Fix Content-Length header value in case of non-ascii characters
2019-06-02 15:58:22 +02:00
Martin Kleinschrodt
ddf3d94249
Add jsQR.js to external dependencies
2019-05-29 18:37:49 +02:00
Martin Kleinschrodt
07a7f5f3bd
Add docker support
2019-05-28 19:54:26 +02:00
Martin Kleinschrodt
00487aaf02
Implement TOTP support
2019-05-28 13:19:37 +02:00
Martin Kleinschrodt
46aea78985
Use constant-time comparison where appropriate
...
Fixes NCC-PadlockCryptoReview-005, NCC-PadlockCryptoReview-008, NCC-PadlockCryptoReview-012
2019-05-09 09:51:03 +02:00
Martin Kleinschrodt
5c300b6b17
Implement attachments (wip)
2019-04-22 21:29:24 +02:00
Martin Kleinschrodt
78da5a7a95
Fix typos in tsconfig
2019-04-20 08:27:07 +02:00
Martin Kleinschrodt
b169dc05b4
Add npm script for generating documentation for core module
2019-04-19 18:14:29 +02:00
Martin Kleinschrodt
75236fce69
Use base tsconfig.json for all packages
2019-04-19 18:00:44 +02:00
Martin Kleinschrodt
a93b500f5e
Require email verification when logging in from a new device
2019-04-18 07:32:43 +02:00
Martin Kleinschrodt
92d915b8f8
First pass at implementing organisation management in app interface
2019-03-09 14:12:46 +01:00