878c03644e
Add Mixpanel logger
2021-10-19 17:15:59 +02:00
0af8e1f8a1
Refactor logging
2021-10-18 08:58:00 +02:00
bfa616b7a6
WIP
2021-10-17 13:48:53 +02:00
dc98368f5b
Load email content from templates instead of constructing it with javascript
2021-10-16 16:10:27 +02:00
96c0e69cee
WIP
2021-10-16 14:58:10 +02:00
5f5392ea93
if browser name is "Electron" simply say "[Platform] device" in device description
2021-10-11 15:01:54 +02:00
a90c8db059
Add support for setting default provisioning via simple provisioner api
2021-10-10 17:36:38 +02:00
b4ad156ff2
Fix validation of scheduled updates
2021-10-05 10:32:43 +02:00
5eb8375f5e
Make actionLabel mandatory if actionUrl is provided
2021-10-05 09:02:34 +02:00
027b25e112
Dont' forget to return entry
2021-10-04 13:18:04 +02:00
e02b74c11e
Add support for scheduled updates
2021-10-04 12:41:06 +02:00
48548d2691
Add provisioning status label
2021-10-04 08:56:12 +02:00
aa74bc3938
Delete auth info when logging out; make sure to use default action url and label when creating new account provisioning
2021-10-04 07:53:22 +02:00
cf753dfc59
Add provisioning endpoint to docker setup
2021-10-03 17:37:16 +02:00
ecaeffba4a
Handle vault provisioning separately
2021-10-03 15:56:01 +02:00
90c4a8d630
More work on new provisioning system
2021-10-03 13:49:04 +02:00
eb3823e852
First pass at implementing new provisioning system to replace existing billing system
2021-10-01 11:16:45 +02:00
78fc76b456
Add better implementation for "ad hoc" default authenticators; allow client to specify which authentication types it supports
2021-09-28 15:41:40 +02:00
23ac1969ec
First pass at refactoring login/signup flow
2021-09-26 09:08:48 +02:00
39d6334565
Add node http sender
2021-09-25 11:57:37 +02:00
19b0471c89
Surface verification error instead of returning false
2021-09-25 11:56:49 +02:00
7dfdd3a27b
Upgrade typescript version
2021-09-25 10:06:45 +02:00
93ce9de764
Reorganize auth-related files
2021-09-25 10:06:05 +02:00
3a5ea2e318
Implement PKCE for openid
2021-09-24 13:10:20 +02:00
5f16e75a99
Rename anything "MFA"-related to more generic "Auth" or "Authentication"
2021-09-23 17:02:44 +02:00
6357c32329
WIP
2021-09-22 17:29:19 +02:00
66b7e22bf6
First pass at implementing open id authenticator
2021-09-20 15:57:05 +02:00
30a47ec144
Allow marking certain config params as secret to prevent them from being logged
2021-09-16 14:28:05 +02:00
7b9392f7a1
Add better json serialization to config params
2021-09-16 10:54:21 +02:00
c36e172058
Add node http sender
2021-09-15 10:21:08 +02:00
6f1a144b16
Minor code cleanup
2021-09-14 08:01:52 +02:00
85aa8787e1
Update docker setup to include reverse proxy and mongo instance
2021-09-09 16:29:55 +02:00
5fa57eecfb
Update default mongodb port to correct value
2021-09-09 12:53:24 +02:00
8fc74cea62
Remove lookbehind regex expression since it's not supported in safari or firefox yet
2021-09-08 18:41:41 +02:00
1e640fdd5e
Implement more flexible configuration system; refactor server init script and directory structure
2021-09-08 09:50:59 +02:00
831ea321c6
Store active sessions on Auth object instead of the Account object; load auth object into request context by default
2021-09-06 15:11:32 +02:00
39f388bc54
Change attestation type to indirect
2021-08-31 08:24:51 +02:00
30cf0995a7
Upgrade SimpleWebAuthn dependency
2021-08-29 13:41:58 +02:00
6b2ec54664
Add support for biometric unlock on cordova via new MFAuthenticator Type
2021-08-29 11:20:38 +02:00
925cd29a33
- Add distinct MFA types for Webauthn platform and portable authenticators
...
- Prevent double registration of authenticators
- Move mfAuthenticator functionality into platform object
2021-08-27 16:55:20 +02:00
a1cfbbd992
Add support for TOTP as MFA method
2021-08-22 09:48:01 +02:00
321ff13fe3
Add session management to app
2021-08-21 09:06:35 +02:00
5755a4d46a
Remove usage of (monkey-patched) SimpleWebAuthn::MetaDataService until it is updated upstream
2021-08-20 16:19:26 +02:00
7854f37e8c
Rename EmailMessenger to SMTPMessenger
2021-08-20 08:43:28 +02:00
4f48679c91
Use maxminds official node package instead of geoip-lite
2021-08-20 08:43:00 +02:00
955a84ce1c
Initial test with geoip package
2021-08-20 07:58:10 +02:00
cd50bb5298
First pass at splitting up settings view and adding ui for adding/removing mfa methods
2021-08-19 17:04:59 +02:00
3a40638c8c
First pass at implementing more mfa methods for login
2021-08-15 18:52:02 +02:00
6cfa4e978e
Use client url instead of server URL for deriving webauthn rpID
2021-08-15 08:36:03 +02:00
67b201578b
Fix typo
2021-08-15 08:03:19 +02:00
af1c765291
Use correct client url for configuring webauthnserver
2021-08-15 08:01:57 +02:00
36d713961e
Properly configure webauthnauthserver
2021-08-15 07:28:30 +02:00
2a075877a8
Add support to connect to third-party mongodb instance via tls
2021-08-12 14:00:23 +02:00
26a6aa32bf
Add experimental S3 attachment storage engine
2021-08-12 10:27:00 +02:00
79884b2e37
Add (experimental) mongodb storage backend
2021-08-11 17:09:01 +02:00
3f01462f2f
Replace console messenger added for debugging
2021-08-06 15:25:52 +02:00
63076556d8
Bump npm version to 4.0.0; clean up/fix some dependencies
2021-08-06 15:07:25 +02:00
88beab7e4b
Merge commit '2a026dd03d0871160a33210837497d898ad5bf91' into v4
...
* commit '2a026dd03d0871160a33210837497d898ad5bf91':
Fix unauthenticated SMTP connection
v3.1.4
Don't attempt to translate "My Vault" until issues with language loading are resolved
Properly serialize/deserialize items during export/import
# Conflicts:
# packages/app/package-lock.json
# packages/app/package.json
# packages/cordova/package-lock.json
# packages/cordova/package.json
# packages/core/package-lock.json
# packages/core/package.json
# packages/electron/package-lock.json
# packages/electron/package.json
# packages/extension/package-lock.json
# packages/extension/package.json
# packages/locale/package-lock.json
# packages/manage/package.json
# packages/pwa/package-lock.json
# packages/server/package-lock.json
# packages/server/package.json
# packages/tauri/package-lock.json
# packages/tauri/package.json
2021-07-17 09:36:48 +02:00
87df974e6c
Implement "ConsoleMessenger" that prints messages to the console for testing/debugging
2021-06-27 11:19:14 +02:00
4e748dec1f
First pass at implementing biometric unlock using webauthn
2021-06-16 17:20:49 +02:00
516e2de4f7
WIP
2021-06-15 09:27:40 +02:00
afb6f9abcb
Update login and signup pages to work with new mfa system
2021-06-14 09:22:40 +02:00
cd17555740
First pass at implementing webauthn mfa provider
2021-06-13 10:46:54 +02:00
20ebc5c18c
First pass at new mfa system
2021-06-12 18:19:11 +02:00
0395ce559b
WIP 36
2021-05-30 17:03:22 +02:00
3444dc9e7f
WIP 35
2021-05-30 15:53:51 +02:00
2a026dd03d
Fix unauthenticated SMTP connection
2021-03-27 08:58:25 +01:00
c7a6682fe8
v3.1.4
2021-02-25 09:55:51 +01:00
97f0364fc5
Update stripe typings, fix typescript errors in billing module
...
Fixes #295
2020-11-11 09:04:43 +01:00
0ec2059dd7
Fix server import
2020-11-08 17:40:02 +01:00
062e0945d0
Update node typings in server package, convert Uint8Array to Buffer to fix compiler complaints
2020-10-28 13:36:51 +01:00
00da3cc59d
v3.1.3
2020-10-25 15:13:53 +01:00
7d0f08ea0a
Implement full crypto suite in node crypto provider
2020-10-25 13:55:28 +01:00
86a14ca48c
Fix bug causing trial period to end early when providing payment method
2020-07-28 08:16:34 +02:00
71578d3f1d
Bump version
2020-07-26 17:49:04 +02:00
2bd3188b11
Bump the rest of the package files to v3.1.1 that were missed before
2020-07-04 16:24:20 +02:00
46665c8890
Don't reset trial phase when switching or canceling subscriptions; update org revision after syncing billing information to make sure users get the updated info
2020-06-30 08:30:56 +02:00
196a600011
If subscription is canceled while still in trial mode, delete subscription immediately and instead of at period end
2020-06-28 15:52:38 +02:00
3955a2e57d
fix legacy server not resolving promise if not data is received
2020-05-30 09:02:01 +02:00
b10f0b5c30
Choose appropropriate request module based on legacy server url
2020-05-29 19:27:44 +02:00
2c2b2fc5e9
Fix legacy import; add some additional messages and guidance
2020-05-27 18:47:54 +02:00
82cb762f1f
bump version to 3.1.0
2020-05-27 18:47:53 +02:00
1a1d267a31
Always return null if request to legacy server fails
2020-05-27 18:47:52 +02:00
4295519eaa
Ask to delete legacy account after successful migration
2020-05-27 18:47:52 +02:00
fbdcc989a3
First pass at creating simple legacy account migration during login/signup
2020-05-27 18:47:51 +02:00
bdd0bab7e5
downgrade responses to the client version if necessary
2020-05-27 18:47:50 +02:00
1622784f11
Add option to use secure connection in mailing
2020-04-15 17:24:43 +02:00
c722d05203
v3.0.14
2020-03-10 14:57:01 +01:00
93eb3380db
Fix parsing of discounts without a name
2019-12-24 16:17:34 +01:00
da69813418
Load billing provider info from api rather than during build time
2019-12-15 11:46:13 +01:00
9e961e214b
v3.0.13
2019-12-13 10:39:02 +01:00
7e4c6f5b73
Add real convenience methods for updating accounts and orgs
2019-12-12 09:04:35 +01:00
840b4d2e71
Add various class constructors to repl context for convenience
2019-12-12 08:32:19 +01:00
cfa167f79f
v3.0.12
2019-12-05 15:27:35 +01:00
6cd9791cc6
Automatically subscribe customer to free plan if no plan is currently set
2019-12-03 15:50:31 +01:00
a270bd760a
Add option to revert to free plan if subscription is inactive
2019-12-03 15:49:50 +01:00
1839612d23
v3.0.11
2019-12-03 11:06:41 +01:00
1cff53ac7a
Clean up unused dependencies
2019-11-29 17:26:30 +01:00
4bde082799
Set up docker and docker-compose configs for use with logging and repl
2019-11-29 17:08:25 +01:00
a6aa819dd5
Add option to display logs
...
Add repl history support
2019-11-24 10:24:10 +01:00
70ed1f8928
WIP
2019-11-21 16:35:00 +01:00
d1209081a2
Server: add logging
2019-11-17 08:09:42 +01:00
2916223f14
Storage: allow limiting key range when listing objects
2019-11-17 08:09:42 +01:00
a7456972d6
More work on server management cli: Allow deleting accounts as well as manually syncing billing info with billing provider
2019-11-17 08:09:41 +01:00
31b877329a
Billing update: only call stripe update and second sync if necessary
2019-11-17 08:08:59 +01:00
342ce26ca3
First pass at implementing simple cli for managing accounts and organizations on the server side
2019-11-17 08:08:59 +01:00
1f8d152258
Clean up package files in preparation for publishing @padloc/core and @padloc/locale modules (all other packages will remain private for now)
2019-11-14 16:11:47 +01:00
ebc4090f67
v3.0.10
2019-11-14 15:36:32 +01:00
ec094c5296
v3.0.9
2019-11-10 17:14:45 +01:00
c1932781ed
v3.0.7
2019-11-02 18:25:25 +01:00
f2aefb8f7c
v3.0.6
2019-11-01 14:39:57 +01:00
7e1899cc66
Implement consistent defaults for configuration variables
...
Update npm scripts
Update readme
2019-11-01 14:39:00 +01:00
7e98bfb4d2
Fix typo
2019-10-30 22:49:51 +01:00
b5b8b6603f
Create new pwa package to separate webpack builds from ui package
2019-10-12 17:12:45 +02:00
62c25dba45
Bump version to 3.0.5
2019-10-08 12:04:41 +02:00
98966402e3
Handle inactive or missing subscription on accounts and organisations by resetting quota and freezing organization respectively
2019-10-07 17:19:19 +02:00
cd22b18ff9
Bump version to 3.0.4
2019-09-29 19:18:15 +02:00
710d2e50c1
Bump version to 3.0.3
2019-09-19 11:32:04 +02:00
0c87fc5dc5
Bump version to 3.0.1
2019-09-15 17:54:29 +02:00
33fb7e40c3
Add option to disable editing payment method (to comply with iOS app store regulations)
2019-09-15 17:48:38 +02:00
dd3df4cfde
Loosen age restriction for api request, make configurable, return more helpful message
2019-09-07 09:38:23 +02:00
3b5d903045
Add option to disable multi-factor auth for login
2019-09-05 14:32:39 +02:00
2c82d43e41
Update billing when first creating an account; Reuse "legacy" accounts with same email if one exists
2019-09-02 13:37:27 +02:00
964dd7c9f9
Fix npm audit warnings in app and server packages
2019-08-25 15:50:47 +02:00
342780c44f
Use json instead of yams for translation files so we don't need a custom webpack loader and can load it from node without webpack
...
Allow loading more specific locales by falling back to more generic ones (e.g. de-DE falls back to de)
2019-08-17 08:45:38 +02:00
db457b3aff
Merge branch 'ncc-audit-fixes' into v3
...
* ncc-audit-fixes:
Introduce an `updated` property on `OrgMember` and include it in the member signature. In addition to verifying the member signature itself, clients now also verify that the members `updated` property is higher than or equal to a minimum value which is stored in the `minMemberUpdated` property of the `Org` object. When removing a member, the organization owner increases the `minMemberUpdated` value to the current time and then re-signs all remaining members. To prevent this value from being rolled back by an attacker, clients also verify that this value is never lower than the last known (locally stored) value. This should prevent attackers from silently re-adding removed members as described in NCC-PadlockCryptoReview-013.
Use delimiter when constructing signature from multiple values Fixes NCC-PadlockCryptoReview-014
Remove support for smaller SRP group sizes Fixes NCC-PadlockCryptoReview-002
Increase default authentication tag size to 128 bits Fixes NCC-PadlockCryptoReview-006
Use constant-time comparison where appropriate Fixes NCC-PadlockCryptoReview-005, NCC-PadlockCryptoReview-008, NCC-PadlockCryptoReview-012
Don't include full Auth object in InitAuthResponse, passing account id and key derivation params only. Fixes NCC-PadlockCryptoReview-011
Conflicts:
packages/core/src/api.ts
packages/core/src/app.ts
packages/core/src/org.ts
packages/core/src/server.ts
2019-08-06 13:18:22 +02:00
d6da66f1b5
Provider default crypto provider via platform module
2019-07-16 10:52:56 +02:00
ea4c7dc5c0
Properly handle accounts for which the stripe customer object does no longer exist
2019-07-13 09:01:08 +02:00
ab7627beed
Update default account and org quota
2019-07-04 15:18:52 +02:00
f6064f1149
First pass at creating service worker for precaching and other PWA features
2019-07-02 15:10:00 +00:00
f101cf2620
fix dev npm script
2019-06-25 18:09:49 +01:00
c84a71d86b
Add Stripe webhook. Add support for 3D auth
2019-06-25 14:57:33 +00:00
dd01e5ab73
Implement element for displaying subscription status
...
Add info about used storage to Account and Org object
Implement cancelling a subscription
Add config for default Account/Org quota
2019-06-18 12:20:36 +01:00
9a2e27da6a
Add support for deleting an Organization
2019-06-15 16:27:56 +01:00
7aa682b795
Implement creating an org with a specific plan and billing info
2019-06-15 16:27:56 +01:00
5b2d41f66b
WIP
2019-06-15 16:27:56 +01:00
c4f50bf292
WIP
2019-06-15 16:27:55 +01:00
adbaafe26a
First pass at implementing a stripe-powered billing service
2019-06-15 16:27:55 +01:00
72e5ac8926
WIP
2019-06-15 16:27:26 +01:00
5705495025
Fix Content-Length header value in case of non-ascii characters
2019-06-02 15:58:22 +02:00
ddf3d94249
Add jsQR.js to external dependencies
2019-05-29 18:37:49 +02:00
07a7f5f3bd
Add docker support
2019-05-28 19:54:26 +02:00
00487aaf02
Implement TOTP support
2019-05-28 13:19:37 +02:00
46aea78985
Use constant-time comparison where appropriate
...
Fixes NCC-PadlockCryptoReview-005, NCC-PadlockCryptoReview-008, NCC-PadlockCryptoReview-012
2019-05-09 09:51:03 +02:00
5c300b6b17
Implement attachments (wip)
2019-04-22 21:29:24 +02:00
78da5a7a95
Fix typos in tsconfig
2019-04-20 08:27:07 +02:00
b169dc05b4
Add npm script for generating documentation for core module
2019-04-19 18:14:29 +02:00
75236fce69
Use base tsconfig.json for all packages
2019-04-19 18:00:44 +02:00
a93b500f5e
Require email verification when logging in from a new device
2019-04-18 07:32:43 +02:00
92d915b8f8
First pass at implementing organisation management in app interface
2019-03-09 14:12:46 +01:00
Martin Kleinschrodt
Waked
dome4
Giancarlos Salas