Commit Graph

52 Commits

Author SHA1 Message Date
Jordan Knott
229a53fa0a refactor: replace refresh & access token with auth token only
changes authentication to no longer use a refresh token & access token
for accessing protected endpoints. Instead only an auth token is used.

Before the login flow was:

Login -> get refresh (stored as HttpOnly cookie) + access token (stored in memory) ->
  protected endpoint request (attach access token as Authorization header) -> access token expires in
  15 minutes, so use refresh token to obtain new one when that happens

now it looks like this:

Login -> get auth token (stored as HttpOnly cookie) -> make protected endpont
request (token sent)

the reasoning for using the refresh + access token was to reduce DB
calls, but in the end I don't think its worth the hassle.
2021-04-28 21:38:49 -05:00
Jordan Knott
0cf4141418 refactor: move server.secret warning to before server startup messsage
done as it seems to be confusing some users that the server
actually had some issues starting when in reality it did not.
2021-04-28 21:38:49 -05:00
Jordan Knott
b5744bcf22 fix: fix task position to use task idx not task group idx 2021-01-05 17:00:07 -06:00
Jordan Knott
783e1c84c3 feat: add seed command to generate fake project data 2021-01-05 16:46:15 -06:00
Jordan Knott
f051bebd48 feat(MyTasks): allow filtering by task complete status 2021-01-03 17:04:15 -06:00
Jordan Knott
dcf53b9077 feat: add my tasks list view 2021-01-01 22:20:55 -06:00
Jordan Knott
d6101d9221 feat: redesign task due date manager 2021-01-01 14:54:05 -06:00
Jordan Knott
a8b3809515 feat: allow access token expiration to be set in the config 2020-12-30 21:10:55 -06:00
Jordan Knott
90b92781d7 refactor(Magefile): add build info in backend:build through ldflags 2020-12-29 19:37:14 -06:00
branchmispredictor
1bac555ebb fix: respect jwt validation errors 2020-12-29 17:42:38 -06:00
Jordan Knott
668b118b25 fix: admin created users are now set to be active by default 2020-12-29 17:25:42 -06:00
Jordan Knott
9f27bd157f feat: smtp server for sending email can now be set by config 2020-12-23 16:44:13 -06:00
Jordan Knott
19deab0515 feat: add task activity 2020-12-23 13:15:15 -06:00
leminhson2398
ea767f3d19 fix: replace deprecated method with a correct one 2020-12-17 22:47:43 -06:00
Jordan Knott
7b6624ecc3 feat: redesign project sharing & initial registration
redesigned the project sharing popup to be a multi select dropdown
that populates the options by using the input as a fuzzy search filter
on the current users & invited users.

users can now also be directly invited by email from the project share
window. if invited this way, then the user will receive an email
that sends them to a registration page, then a confirmation page.

the initial registration was always redone so that it uses a similar
system to the above in that it now will accept the first registered
user if there are no other accounts (besides 'system').
2020-12-17 22:39:14 -06:00
Jordan Knott
6c7203a4aa refactor: move default viper config values to commands/commands.go 2020-10-20 18:58:15 -05:00
IJustDev
86f2d90668 feat(cli): Reset Password Command
Introduce `reset-password` command.

Refs #71
2020-10-20 18:50:54 -05:00
Jordan Knott
4277b7b2a8 feat: add personal projects
personal projects are projects that have no team.

they can only seen by the project members (one of which is whoever first
creates the project).
2020-09-19 20:23:16 -05:00
Jordan Knott
0d4fb6a0d0 fix: member permissions now works correctly 2020-09-19 17:26:02 -05:00
Jordan Knott
058749cb17 fix(commands/web): return error from ListenAndServe 2020-09-18 20:19:14 -05:00
Jordan Knott
c7538a98e5 fix: segfault on database connection failure 2020-09-12 18:23:23 -05:00
Jordan Knott
fe84f97f18 fix: url encode avatar filename when showing path
fixes #61
2020-09-12 18:12:12 -05:00
Jordan Knott
52c60abcd7 fix: secret key is no longer hard coded
the secret key for signing JWT tokens is now read from server.secret.

if that does not exist, then a random UUID v4 is generated and used
instead. a log warning is also shown.
2020-09-12 18:03:17 -05:00
Jordan Knott
e2ef8a1a19 fix: initial access token after install is now set correctly 2020-09-12 03:24:09 -05:00
Jordan Knott
ba9fc64fd9 fix: do not add localhost:3333 url to avatar urls
fixes #58
2020-09-12 01:23:48 -05:00
Jordan Knott
923d7f7372 feat: add user profile settings tab 2020-09-11 14:26:02 -05:00
Jordan Knott
009d717d80 fix: uploading avatar image failing due to invalid UUID key
fixes #55
2020-09-11 13:57:02 -05:00
Jordan Knott
4272fefa28 feat: implement task group actions
- allow sorting specifc task groups
- duplicate task group
- delete all tasks in task group
2020-09-10 23:58:10 -05:00
Jordan Knott
0caa803d27 feat: add notification UI
showPopup was also refactored to be better
2020-09-10 15:31:04 -05:00
Jordan Knott
0a1bdc19f3 fix: remove cors middleware
fixes #51
2020-09-02 20:30:38 -05:00
Jordan Knott
66583bb4fb feat: add task sorting & filtering
adds filtering by task status (completion date, incomplete, completion)
adds filtering by task metadata (task name, labels, members, due date)
adds sorting by task name, labels, members, and due date
2020-08-28 23:32:17 -07:00
Jordan Knott
4988176220 fix: add retry with backoff to initial database connection 2020-08-28 14:22:24 -05:00
Jordan Knott
dd50baa05a refactor: add logging to CreateTask resolver 2020-08-23 17:52:45 -05:00
Jordan Knott
5ceafd556a fix: panic(nil) on loadConfig if config actually exists 2020-08-21 23:29:08 -05:00
Jordan Knott
314bf224ea fix: use correct context keys when retrieving userID & role 2020-08-21 23:08:30 -05:00
Jordan Knott
9dba566660 feat: add pre-commit hooks & refactor code to pass linting 2020-08-20 18:37:36 -05:00
Jordan Knott
db9c7408ab
fix: check error on read config
fixes #36
2020-08-19 00:34:27 -05:00
Sam
4e56ae88d6 Fix: remove debug statements when logging in with incorrect password 2020-08-18 16:50:10 -05:00
Jordan Knott
df4d114b98 fix: hide checklist badge if checklist item total is 0
fixes #31
2020-08-13 16:33:50 -05:00
Jordan Knott
c2ef8a7d56 feat: replace config system with viper based system
allows for config settings to be easily set through ENV variables,
config files, or CLI flags

adds flag to run migration on web server start (fixes #29)
2020-08-12 22:30:53 -05:00
Jordan Knott
e64f6f8569 feat: enforce user roles
enforces user admin role requirement for
- creating / deleting / setting role for organization users
- creating / deleting / setting role for project users
- updating project name
- deleting project

hides action elements based on role for
- admin console
- team settings if team is only visible through project membership
- add project tile if not team admin
- project name text editor if not team / project admin
- add redirect from team page if settings only visible through project
  membership
- add redirect from admin console if not org admin

role enforcement is handled on the api side through a custom GraphQL
directive `hasRole`. on the client side, role information is fetched in
the TopNavbar's `me` query and stored in the `UserContext`.

there is a custom hook, `useCurrentUser`, that provides a user object
with two functions, `isVisibile` & `isAdmin` which is used to check
roles in order to render/hide relevant UI elements.
2020-08-11 21:03:21 -05:00
Jordan Knott
5dbdc20b36 chore: rename Citadel to Taskcafe 2020-08-06 20:50:35 -05:00
Jordan Knott
20b5188662 fix: remove log containing user password
fixes issue #12
2020-07-20 17:34:57 -05:00
Jordan Knott
6f33cc5799 fix: update api import paths & fix Dockerfile not copying frontend build
fixes issue #7 & #9

also remove agGrid dependency from package.json to reduce download size
2020-07-19 17:25:58 -05:00
Jordan Knott
8eb41ab8a8 feat: embed schema migrations in binary 2020-07-19 16:10:07 -05:00
Jordan Knott
e5bfe9b9ab feature: fix user admin related bugs 2020-07-17 21:55:38 -05:00
Jordan Knott
68fa7aef94 feature: add user project count to Admin component 2020-07-17 19:40:05 -05:00
Jordan Knott
d3f29134e0 fix: ignore system user in users query & add full name to user in install route 2020-07-16 21:57:02 -05:00
Jordan Knott
2cf6be082c feature: add first time install process 2020-07-16 19:40:23 -05:00
Jordan Knott
90515f6aa4 feature: add web & migrate commands 2020-07-15 18:22:25 -05:00