mirror/formbricks-formbricks
1
0
Fork 0
mirror of https://github.com/formbricks/formbricks.git synced 2026-01-26 00:09:11 -06:00
Code Issues Packages Projects Releases 100 Wiki Activity
4,626 Commits 315 Branches 161 Tags
fa1663d8583be3930820caaf2954856b51b2b4f1
Commit Graph

67 Commits

Author SHA1 Message Date
Victor Hugo dos Santos
b67177ba55 Merge commit from fork 
* fix(auth): enhance password validation and rate limiting for login attempts

- Added password length validation to prevent CPU DoS attacks, limiting to 128 characters.
- Implemented constant-time password verification to mitigate timing attacks.
- Adjusted rate limit for login attempts from 30 to 10 per 15 minutes for improved security.
- Updated login form validation to reflect new password length constraints.
- Introduced constants for authentication endpoints in the API.

* fixed sample size for timing test

* password validation messages

---------

Co-authored-by: Your Name <you@example.com>
 2025-10-02 11:09:28 +02:00
Victor Hugo dos Santos
eb1349f205 fix: enhance JWT handling with improved encryption and decryption logic (#6596) 2025-09-25 11:45:08 +00:00
Matti Nannt
839144d338 chore: remove unused fields and tables from prisma schema (#6531) 
Co-authored-by: Dhruwang <dhruwangjariwala18@gmail.com>
 2025-09-12 09:01:03 +00:00
Anshuman Pandey
96031822a6 feat: s3 compatible storage (#6536) 
Co-authored-by: Victor Santos <victor@formbricks.com>
 2025-09-12 08:17:33 +00:00
Victor Hugo dos Santos
c259a61f0e feat: unified cache (#6520) 2025-09-10 09:59:16 +00:00
Piyush Gupta
ec52bdf3fe feat: adds stories for logo component (#6448) 2025-08-20 14:57:43 +00:00
Piyush Gupta
41d60c8a02 chore: custom avatar removal (#6408) 
Co-authored-by: pandeymangg <anshuman.pandey9999@gmail.com>
 2025-08-14 10:17:05 +00:00
Piyush Gupta
7400ce2e67 fix: secure cookies fix for callback URL (#6358) 2025-08-05 17:44:13 +00:00
Piyush Gupta
355782f404 chore: sonarqube low reliability issues (#6359) 2025-08-05 10:06:53 +00:00
Piyush Gupta
84294f9df2 feat: adds debug logs (#6237) 
Co-authored-by: Matthias Nannt <mail@matthiasnannt.com>
 2025-08-01 11:10:21 +00:00
Piyush Gupta
28514487e0 chore: sunset weekly summary (#6282) 2025-07-24 12:01:39 +00:00
Piyush Gupta
58213969e8 feat: remove brevo contact on account deletion (#6231) 
Co-authored-by: Matthias Nannt <mail@matthiasnannt.com>
 2025-07-16 16:00:34 +00:00
Victor Hugo dos Santos
ef973c8995 chore: merge rate limiter epic branch into main (#6236) 
Co-authored-by: Harsh Bhat <90265455+harshsbhat@users.noreply.github.com>
Co-authored-by: Johannes <johannes@formbricks.com>
Co-authored-by: Piyush Gupta <56182734+gupta-piyush19@users.noreply.github.com>
Co-authored-by: Aditya <162564995+Naidu-4444@users.noreply.github.com>
Co-authored-by: Piyush Gupta <piyushguptaa2z123@gmail.com>
Co-authored-by: pandeymangg <anshuman.pandey9999@gmail.com>
Co-authored-by: Dhruwang Jariwala <67850763+Dhruwang@users.noreply.github.com>
Co-authored-by: Johannes <72809645+jobenjada@users.noreply.github.com>
Co-authored-by: Jakob Schott <154420406+jakobsitory@users.noreply.github.com>
Co-authored-by: Suraj <surajsuthar0067@gmail.com>
Co-authored-by: Kshitij Sharma <63995641+kshitij-codes@users.noreply.github.com>
Co-authored-by: Dhruwang <dhruwangjariwala18@gmail.com>
Co-authored-by: Matti Nannt <mail@matthiasnannt.com>
 2025-07-16 12:28:59 +00:00
Kunal Garg
979fd71a11 feat: reset password in accounts page (#5219) 
Co-authored-by: Piyush Gupta <piyushguptaa2z123@gmail.com>
Co-authored-by: Johannes <johannes@formbricks.com>
 2025-07-01 15:41:14 +00:00
Dhruwang Jariwala
34e8f4931d chore: simplified sharing modal access (#6103) 2025-06-27 11:39:15 +00:00
Matti Nannt
bebe29815d feat: domain based access control (#5985) 
Co-authored-by: Piyush Gupta <56182734+gupta-piyush19@users.noreply.github.com>
Co-authored-by: Piyush Gupta <piyushguptaa2z123@gmail.com>
Co-authored-by: Dhruwang <dhruwangjariwala18@gmail.com>
Co-authored-by: pandeymangg <anshuman.pandey9999@gmail.com>
 2025-06-16 11:37:02 +00:00
Dhruwang Jariwala
5fb5215680 fix: email enumeration via signup page (#5853) 
Co-authored-by: Victor Santos <victor@formbricks.com>
 2025-06-13 16:25:40 +00:00
victorvhs017
a9946737df feat: audit logs (#5866) 
Co-authored-by: Dhruwang <dhruwangjariwala18@gmail.com>
Co-authored-by: Matthias Nannt <mail@matthiasnannt.com>
 2025-06-05 19:31:39 +00:00
Matti Nannt
c0b8edfdf2 chore: Comprehensive Cache Optimization & Performance Enhancement (#5926) 
Co-authored-by: Piyush Gupta <piyushguptaa2z123@gmail.com>
 2025-06-04 20:33:17 +02:00
Piyush Gupta
919febd166 fix: resend verification email translation (#5881) 2025-05-28 09:51:55 +00:00
Piyush Gupta
87870919ca fix: issues in the email change feature (#5868) 2025-05-24 12:04:58 +00:00
Piyush Gupta
f7e5ef96d2 feat: added email change feature (#5837) 
Co-authored-by: Paribesh01 <nepalparibesh01@gmail.com>
Co-authored-by: Paribesh Nepal <100255987+Paribesh01@users.noreply.github.com>
 2025-05-21 11:23:12 +00:00
devin-ai-integration[bot]
0e7f3adf53 feat: Make session maxAge configurable with environment variable (#5830) 
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: Matti Nannt <mail@matti.sh>
Co-authored-by: Matthias Nannt <mail@matthiasnannt.com>
Co-authored-by: Piyush Gupta <piyushguptaa2z123@gmail.com>
 2025-05-21 05:49:18 +00:00
Piyush Gupta
15279685f7 fix: delete pre-filled value (#5839) 2025-05-21 04:23:05 +00:00
Dhruwang Jariwala
a525589186 fix: token permisson issues (#4986) 2025-05-15 08:29:40 +00:00
Matti Nannt
c1a35e2d75 chore: introduce new reliable cache for enterprise license check (#5740) 
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
 2025-05-12 10:41:53 +02:00
Piyush Gupta
13415c75c2 docs: adds auth-behaviour docs (#5743) 2025-05-12 05:28:12 +00:00
Matti Nannt
3f7dafb65c fix: failing authOptions test because of missing mock (#5727) 2025-05-09 02:28:55 +02:00
Johannes
154c85a0f7 test: add test to multiple files (#5719) 
Co-authored-by: Victor Santos <victor@formbricks.com>
 2025-05-08 19:24:50 +00:00
Matti Nannt
f7ac38953b fix: infinite redirect issue (#5693) 
Co-authored-by: pandeymangg <anshuman.pandey9999@gmail.com>
 2025-05-07 09:40:45 +02:00
Piyush Gupta
e0e42d2eed fix: adds support for default_team_id env var (#5046) 
Co-authored-by: pandeymangg <anshuman.pandey9999@gmail.com>
 2025-05-05 18:40:19 +00:00
Johannes
7538e570c5 chore: enforce cookie options for more security (#5618) 2025-05-05 12:09:35 +00:00
Dhruwang Jariwala
8bdb818995 fix: server side checks for file upload (#5566) 
Co-authored-by: pandeymangg <anshuman.pandey9999@gmail.com>
 2025-04-30 16:24:54 +00:00
Jakob Schott
a9eedd3c7a fix: Editing active surveys (#5015) 
Co-authored-by: Piyush Gupta <piyushguptaa2z123@gmail.com>
 2025-04-28 14:50:25 +00:00
Gulshan Kumar
fb3f425c27 fix: Enhances ux in input box in login-page (#5509) 2025-04-27 20:53:55 -07:00
victorvhs017
df06540f1b chore: move package lib to web/lib (#5425) 2025-04-21 15:57:54 +02:00
Anshuman Pandey
d2f7485098 feat: advanced follow ups (#5340) 
Co-authored-by: Piyush Gupta <piyushguptaa2z123@gmail.com>
Co-authored-by: Johannes <johannes@formbricks.com>
 2025-04-17 06:39:22 +00:00
Anshuman Pandey
01e5700340 fix: adds eslint rules for using test and refactors the current tests (#5397) 2025-04-17 03:32:03 +00:00
Matti Nannt
87b925d622 chore: update apps/web npm dependencies (#5300) 2025-04-09 06:58:53 +02:00
victorvhs017
15878a4ac5 chore: Refactored the Turnstile next public env variable and added test files (#4997) 
Co-authored-by: Piyush Gupta <piyushguptaa2z123@gmail.com>
 2025-04-07 06:07:39 +00:00
Piyush Gupta
c653841037 chore: block signin with SSO when user is not found (#5233) 
Co-authored-by: pandeymangg <anshuman.pandey9999@gmail.com>
 2025-04-06 04:22:53 +00:00
Dhruwang Jariwala
cbf2343143 feat: lastLoginAt to user model (#5216) 2025-04-05 13:22:38 +02:00
Dhruwang Jariwala
9d9b3ac543 chore: added isActive to user model (#5211) 
Co-authored-by: Piyush Gupta <piyushguptaa2z123@gmail.com>
 2025-04-05 12:22:45 +02:00
Piyush Gupta
2500c739ae fix: next-auth inactive session timeout changed 30days -> 1hr (#5066) 2025-03-27 09:54:35 +00:00
victorvhs017
46f06f4c0e feat: Added Webhooks in Management API V2 (#4949) 
Co-authored-by: pandeymangg <anshuman.pandey9999@gmail.com>
 2025-03-25 14:28:44 +00:00
Johannes
7050caa2f3 fix: tweak password reset ux (#5049) 2025-03-24 08:32:11 -07:00
Piyush Gupta
5527f184b7 feat: adds configurable logging (#4914) 
Co-authored-by: Matthias Nannt <mail@matthiasnannt.com>
Co-authored-by: pandeymangg <anshuman.pandey9999@gmail.com>
 2025-03-21 06:09:13 -07:00
Piyush Gupta
3b126291a6 docs: removed XM & Survey -> SAML SSO (#4999) 2025-03-19 07:06:46 +00:00
Piyush Gupta
48a92f3e55 feat: OIDC name fields added (#4872) 
Co-authored-by: pandeymangg <anshuman.pandey9999@gmail.com>
 2025-03-09 08:42:00 +00:00
Dhruwang Jariwala
4113dd1873 fix: signup vulnerability (#4859) 2025-03-06 12:08:40 +00:00