Commit Graph

21 Commits

Author SHA1 Message Date
mike12345567 b4bed6c0ce Updating redis to use typescript and adding the option of a writethrough cache which can be used, by passing a DB and a value to be written + a delay for writes. 2022-06-23 20:22:51 +01:00
Martin McKeaveney 4bbfae3880 add better logging on session invalidation 2022-05-25 13:02:15 +01:00
Martin McKeaveney 06fbcc4573 catch block in invalidate sessions 2022-05-24 22:57:32 +01:00
Rory Powell a57c35ee76 Add execute automation to basic user / write permission set 2022-05-12 17:35:31 +01:00
Martin McKeaveney 9ca4dacbaa merge with master 2022-04-26 10:21:45 +01:00
mike12345567 192fb1307e Initial version of memory leak protection, making sure that PouchDB databases are closed correctly after use, using a combination of closures wrapping DB gets (this replaces the getDB, leaving only a dangerousGetDB function which can be used in very very specific scenarios) and then closing the DB as part of CLS hooked functions finishing. Also moving the GlobalDB init to the tenancy middleware as this is used everywhere in the worker/app services - means that not all getGlobalDB calls require an async closure around them. 2022-04-19 19:42:52 +01:00
Dean 352c021955 Refactored the invalidate session functionality. 2022-04-07 12:32:00 +01:00
Martin McKeaveney bff43d37d5 Merge pull request #5151 from mslourens/prevent_multiple_sessions
invalidate sessions before login
2022-04-06 22:18:17 +01:00
Maurits Lourens 5f91841a26 move invalidation to the creation of a session 2022-03-29 11:59:16 +02:00
mike12345567 88437e11d0 Fix for #5103 - some templates are built on an older version that stored permissions differently, we can't migrate these as they will keep being added, easiest to just support the old method (apply the old rule and convert to the new format when retrieving roles). 2022-03-28 16:34:50 +01:00
mike12345567 8685abf99e Refactoring how endpoints are specified so that the middlewares can be applied in a more generic fashion. 2022-02-22 18:40:09 +00:00
Michael Drury 02479e4112 Using 10K iteration string stretching for encryption. 2022-02-14 21:37:40 +00:00
mike12345567 df4af0fb9a Adding basic encrypt/decrypt pathway. 2022-02-14 18:32:09 +00:00
mike12345567 249b2dbba8 Adding tenancy to the API key, making the authenticated middleware aware of new user API keys, using a view to lookup the user by API key. 2022-02-11 22:24:48 +00:00
mike12345567 d87b8c0563 Fix for #4267 - allow admins to access all roles. 2022-02-04 17:34:39 +00:00
mike12345567 72534c6ed2 Refactoring backend-core tenancy to context, splitting out tenancy functionality to its own area. 2022-01-31 17:53:19 +00:00
mike12345567 e718b18127 Merge branch 'develop' of github.com:Budibase/budibase into lab-day/refactor-app-db 2022-01-31 14:09:07 +00:00
mike12345567 91a90e62b2 Fixing some issues discovered by the cypress tests, cleaning up how Couch is used. 2022-01-28 18:52:34 +00:00
mike12345567 d2fe119d90 Main body of work, refactoring most usages. 2022-01-27 18:18:31 +00:00
Rory Powell ffcf5354eb Add CSRF Token 2022-01-25 22:54:50 +00:00
mike12345567 12ae9993ca Changing directory. 2022-01-10 19:30:35 +00:00