mirror of
https://github.com/HeyPuter/puter.git
synced 2025-12-31 10:10:17 -06:00
ad4b3e7aeb
* Added Revis distributed cash to enhance our Captcha Verification system so that we prevent our system from replay attacks * Fix: There was an error with the implementation of Redis, so I reverted to our previous version that uses in memory storage * Integrated the captcha verification system into our sign in Form. The captcha verification system now works on both login and sign int * Remove test files from captcha module * Update src/backend/src/modules/captcha/middleware/captcha-middleware.js Co-authored-by: Eric Dubé <eric.alex.dube@gmail.com> * Update src/backend/src/modules/captcha/middleware/captcha-middleware.js Co-authored-by: Eric Dubé <eric.alex.dube@gmail.com> * Now the captcha can be requested on condition, this llaows extenstions to control wether a captcha should be required, I fixed the code in CaptchaModule to use config and got rid of the lines that made captcha middleware available since it wasn't used anywhre * I split the middleware into two distinct parts, so that the frontend can now determine captach requirements. PuterHomePageService can set GUI parameters for captcha requirements. The /whoarewe endpoint provides captcha requirement information and the extensuo system integration is maintained * Fix security issues with password handling in URL query parameters * Made sure that the enter key, submits the login request instead of refreshing the captcha * In development we can now disable the Captcha verification system by running it with CAPTCHA_ENABLED=false npm start * Went back and modified checkCaptcha so that it checks at the start to check what CAPTCHA_ENABLED is equal to * Refactor captcha system to use configuration values instead of environment variables * Fix captcha verification and align with project standards * Update src/backend/src/modules/captcha/README.md Co-authored-by: Eric Dubé <eric.alex.dube@gmail.com> * fix: incorrect service name * dev: use Endpoint for captcha endpoints Use Endpoint class, which uses eggspress behind the scenes, which handles async errors in handlers automatically. * dev: add extension support and simplify captcha - removed extra error handling - removed dormant code - no distinction between login and signup (for now) * clean: remove local files * fix: undefined edge case --------- Co-authored-by: Eric Dubé <eric.alex.dube@gmail.com>
20 lines
511 B
JSON
20 lines
511 B
JSON
{
|
|
"name": "puter-integration-tests",
|
|
"version": "1.0.0",
|
|
"description": "Integration tests for Puter",
|
|
"main": "index.js",
|
|
"scripts": {
|
|
"test": "mocha captcha/**/*.test.js",
|
|
"test:auth": "mocha captcha/authentication-flow.test.js",
|
|
"test:ui": "mocha captcha/ui-behavior.test.js"
|
|
},
|
|
"devDependencies": {
|
|
"chai": "^4.3.7",
|
|
"express": "^4.18.2",
|
|
"jsdom": "^21.1.0",
|
|
"mocha": "^10.2.0",
|
|
"sinon": "^15.2.0",
|
|
"body-parser": "^1.20.2",
|
|
"supertest": "^6.3.3"
|
|
}
|
|
} |