This is because the full name makes the entire workspace name very long. If we just use the first name, it'll be a shorter string and easier to read by the end user as well.
Modifying the forgotPassword flow to send the email to the user with a clickable URL.
Also adding the domain to which we need to link to in the resetPassword POST body. This will ensure that we send a valid URL to redirect the user back to the client app to ensure that they can set a new password.
See merge request theappsmith/internal-tools-server!138
2. Only dependencies of actions over other actions are counted. If the action is dependent on widgets, thats is not counted as a dependency and is left for the frontend to handle.
Sending email to new user on signup
We now send a welcome email to the user when they signup on the Appsmith platform.
See merge request theappsmith/internal-tools-server!137
Fixing the bug where the custom authentication failure handler wasn't being invoked
This was because we need a custom authentication entry point to override the failure handler as well.
See merge request theappsmith/internal-tools-server!136
Modifying the logoutSuccessHandler to return success and failure JSONs instead...
Modifying the logoutSuccessHandler to return success and failure JSONs instead of redirecting the client to the login page
This allows the client to invoke the logout call via a XHR request instead of a form post.
See merge request theappsmith/internal-tools-server!135
Adding a logout handler to redirect the client back to the login page
Adding a logout handler to redirect the client back to the login page after the user logs out of the application.
Also refactoring all the custom authentication classes into a single package to make it code organization clearer.
See merge request theappsmith/internal-tools-server!133
Fixing bug where we shouldn't query the DB to find action and store cached result if it's a dry run
See merge request theappsmith/internal-tools-server!132
Bugfix: Returning only orgs that belong to a user
When the user lists the organizations for themselves, we should only return those orgs that belong to the user instead of all the organizations in the db.
See merge request theappsmith/internal-tools-server!131
Adding the redirect back to the client's index page on successful oauth2 login by the user
We use the referer header to find the client's endpoint and redirect to that endpoint once the OAuth2 login is successful. This is implemented via CustomServerOAuth2AuthorizationRequestResolver and AuthenticationSuccessHandler
See merge request theappsmith/internal-tools-server!130
We use the referer header to find the client's endpoint and redirect to that endpoint once the OAuth2 login is successful. This is implemented via CustomServerOAuth2AuthorizationRequestResolver and AuthenticationSuccessHandler
Responding with 401 unauthorized http response header for all unauthenticated requests
This ensures that the client can redirect to the login page whenever it receives the http status 401 in the response header. Now, the server is no longer responsible for redirecting to the login page. All server redirects have been disabled.
See merge request theappsmith/internal-tools-server!128
This ensures that the client can redirect to the login page whenever it receives the http status 401 in the response header. Now, the server is no longer responsible for redirecting to the login page. All server redirects have been disabled.
Adding the invite user flow to invite a new user into the organization.
This includes multiple APIs:
1. Invite user which creates an invite token for the user and then sends it to the new user via email. This token is valid for 1 hour (for now).
2. An endpoint to verify the invite token so that the client can pre-emptively show any errors or expired token messages. This endpoint is publicly accessible and doesn't require a session.
3. An endpoint for the new user to sign up and set their password by providing their invite token. This endpoint is publicly accessible and doesn't require a session.
Also extending the redis session timeout to 1 day instead of 30 mins.
See merge request theappsmith/internal-tools-server!125
On user signup install the default plugins in the user's personal organization
When a user signs up, a personal organization is created for that user. There are a bunch of plugins marked in the DB as with field `defaultInstall` as true. These plugins must be installed for the new organization. This ensures that the user is able to run basic actions such as executing an API, DB query etc.
Also, adding a condition in the `getPlugins` API to return only the plugins installed by the user's organization.
See merge request theappsmith/internal-tools-server!124
Handling duplicate email in forgotPassword flow.
Now if the user requests for the reset password token multiple times, we will override the previous token and save the new token against that user.
See merge request theappsmith/internal-tools-server!122
Correcting the HTTP methods in SecurityConfig and acl.rego to fix bug in forgotPassword and resetPassword authorization.
See merge request theappsmith/internal-tools-server!121
Adding a flag to determine if we should send emails for that particular environment
This is to prevent us from sending erroneous emails from our dev/test environments
See merge request theappsmith/internal-tools-server!120
Removing the logic to bind actions to pages when a dynamic binding happens.
This is because when an action is created, it is already bound to that page. This assumption will not change. Also, adding the pageId when searching for an action because the action name and pageId is a unique index. There may be actions with similar names across multiple pages.
See merge request theappsmith/internal-tools-server!119
This is because when an action is created, it is already bound to that page. This assumption will not change. Also, adding the pageId when searching for an action because the action name and pageId is a unique index. There may be actions with similar names across multiple pages.
Creating a list of public endpoints that anonymous users can access.
OPA controls access to all endpoints and the list of authenticated resources and public URLs is defined in a single place in that file.
The url_allow function in acl.rego is an overloaded function that replicates the OR condition in Rego. Either the user is authenticated and has permissions to access those resources, or the URL is public and accessible by any user.
See merge request theappsmith/internal-tools-server!117
OPA controls access to all endpoints and the list of authenticated resources and public URLs is defined in a single place in that file.
The url_allow function in acl.rego is an overloaded function that replicates the OR condition in Rego. Either the user is authenticated and has permissions to access those resources, or the URL is public and accessible by any user.
Upgrading to Spring boot 2.2.2 for features in Spring security
Now, we have an authenticationSuccessHandler & authenticationFailureHandler for OAuth & Form sign ups. This makes the whole flow much cleaner & easier to handle.
See merge request theappsmith/internal-tools-server!115
Now, we have an authenticationSuccessHandler & authenticationFailureHandler for OAuth & Form sign ups. This makes the whole flow much easier to handle.
