Rate limits application of coupon codes by user ID to prevent
brute forcing. Refactors the rate limiter to allow limiting based
on arbitrary criteria and not just by IP.
Change-Id: I99d6749bd5b5e47d7e1aeb0314e363a8e7259dba
This change allows users to disable multi-factor authentication
with a recovery code. Previously, users could only disable MFA
with a passcode.
Change-Id: Iec20bf7d8f6781182b81d1f17d9641491dbc8460
Adds a banner at the top of the dashboard warning the user if he
has 3 or less MFA recovery codes.
Change-Id: I3271f1fe33501eaeeeca343bf60ca899e80f0fa1
Added editable fields to the project details page for Storage Limit and Bandwidth limit. Leveraged existing types when possible.
Added fixed checking into the limits to prevent reducing limits beyond current usage, as well as limiting usage to less than the default paid tier maximum.
Change-Id: I07ce53470919a8a9d4dce56ade6904ede8daf34c
Updates the password reset page to use the new theme.
Adds new endpoint '/api/v0/auth/reset-password'
for password reset.
Additionally, updates the link-clicking mail simulator to only
click links with a specified attribute. Otherwise, the password reset
cancellation link would be clicked before the password reset link
could be accessed, rendering testing impossible.
Change-Id: I8fde74ef7ad980880a7bf6558e3b9ed31509a393
Fixes two things:
All button tags must have type field specified, otherwise it defaults to
submit, which is mostly not correct for our site.
Disallows unused refs.
Change-Id: I28bb44aab9c153f83fec16fc4023a453444c3926
Replaces all occurrences of the non-existent 'font_normal'
with 'font_regular'. References to 'font_normal' would always
fallback and never display the proper font.
Change-Id: I2cb98a5bbec33b45f7e4ec6ba67bc5be63b5b523
After migrating to eslint some errors were disabled to make it easier to
migrate.
This enables all the lint rules and treats all warnings as a build
failure. Similarly, CI won't automatically try to fix mistakes.
Change-Id: I80f808af026fc51bed90421b3b24737994a52094
The Usage Report page referenced a nonexistent stylesheet and improperly
imported a font that does not exist in this repository. This change
resolves those issues.
Change-Id: I78006d4a652fd1e32dd4dd146b2287f58a7659d6
MFA is complete and we are good to enable it in production. This change
removes the flag that disables MFA by default.
Change-Id: I2f985ae501171bdab505d664b43c8cfc248bad8d
tslint has been deprecated so it's nice to switch to eslint.
Currently this uses a minimal eslint, to get things up and running.
node-sass requires C which does not work nicely on all platforms.
Change-Id: I3ca9adf2971475c009e541652b7637c18ad960f4
Added ability to regenerate MFA recovery codes to account settings.
Appropriate button and popup were added.
Change-Id: Ie7d42e7e13e868f3b0b8b7d5db7eacc9e8206aaf
Added Enter MFA passcode step to login after first attempt.
Connected client-side and server-side.
Change-Id: I4482afde50172bbf2c598aa01bbd220763b4f6d1
Error message for attempting to activate an already-activated
account is removed from its own page and incorporated into the
login page in an identical manner to the message that appears
upon successful activation.
Change-Id: I29cd2685a7808fa71d34a439c86a38eb5fc3e199
Unifies the stylesheet for 404 and 500 errors. References the
Storj logo rather than embedding it in the HTML. Replaces references
to Storj with Storj DCS. Removes reference to nonexistent font.
Change-Id: If224f30eb0b21171fc8f575de6c4cef98a48c6f5
Merges the 'Forgot Password' page files into one Vue file and updates
it to be consistent with deployed code. This change is part of an
ongoing effort to remove code from the branding repo.
Change-Id: Ib18b95dd5a3269f26f4f547fc46ac6278c468a54
Update the forgot password, invite, and welcome emails to be
cosistent with deployed code. This change is part of an ongoing
effort to remove code from the branding repo.
Change-Id: I6edb6811904552c1cf7761b96bc9aa879c2eb154
Full path: satellite/{payments,console},web/satellite
* Adds the ability to apply coupon codes from the billing page in the
satellite UI.
* Flag for coupon code UI is split into two flags - one for the billing
page and one for the signup page. This commit implements the first, but
not the second.
* Update the Stripe dependency to v72, which is necessary to
use Stripe's promo code functionality.
Change-Id: I19d9815c48205932bef68d87d5cb0b000498fa70
Provides the means to serve an error to the user with a user-friendly
error message (serveCustomJSONError). Auth API uses this when
processing registration attempts.
Previously, the error message was inferred by the client based on
the status code of the response received from the server. However,
if multiple distinct errors fit a certain status code, it was impossible
to correctly interpret the error.
Change-Id: I2f91e9c81ba1a4d14ba67e0b4b531a48800d4799
Since we removed login/registration explicit templates and styles from branding repo we don't need file splitting in main repo anymore.
So moved html and css code into components
Change-Id: Ib297e2576f16a7fddd17cc62f6c655adf96a59b6
It turns out, there are multiple different 400 errors that might be
returned from the server during registration. Rather than display
hardcoded text on the client ("Validation of reCAPTCHA was
unsuccessful"), this change simply displays the error sent by the
server.
As mentioned in the comment, we should eventually do this for all
errors, but that will be a more in-depth change. The purpose of this
commit is to unblock a point release.
Change-Id: Ideca107cc4039a0dabfa0fb02c943da920f7ff4f
Previously, the reCAPTCHA would only reset if a Bad Request
error was received. Resets should initiate regardless of error
type to prevent the same reCAPTCHA response from being submitted
more then once.
Additionally, registration errors could trigger a reset for a
nonexistent reCAPTCHA element.
Change-Id: Ib405707f1803cf41e5de192f31d75153136e6c67
Added disable user MFA functionality to account settings.
Disable MFA popup where user will have to enter MFA passcode first.
2 buttons (enable, disable)) are visible for now until backend is ready.
Change-Id: Iff8b497a370fc1c6c08c5ccaf01ce1f2dc317126
Added feature flagged functionality for enabling user MFA.
Added new Popup where user will scan qr code and confirm enabling
by entering passcode from MFA app. Also recovery codes will be visible afterwords
Change-Id: Ie8d1bc83c941a08fd8701442601a2d20126c8892
Also, show paid tier banner if a user has not added a credit card,
rather than if they are flagged as "paid_tier" in the database. This
addresses issues where we might display the banner for users who have
already added a credit card before the paid tier commit: e36001b7cf
Change-Id: I0352d48ae9f97ceab81ae065ccb97be3e5516857
Added feature flag for MFA
Added new client-side api call to enable MFA returning secret
Updated users Vuex module to include new API call
Change-Id: Ia9e10f68c4a7da39b4f7c1073e657c2de98fb0db
The user must complete a reCAPTCHA in order to register.
ReCAPTCHA verification failure results in rejection of the
registration attempt.
Change-Id: I34ba7db414d756fd1aaebdc3d19cccbfc7fc1ea3
Remove the Enter Encryption Passphrase screen that
immediately follows the Generate Passphrase screen upon entering
the Object Browser for the first time.
Change-Id: I04fb00325e7798096dc209473f5553d6e5df0dd3
Added new PaidTier-related modal where user can add CC or STORJ Tokens.
Becomes visible on CTA click on Paid Tier banner at the top.
Change-Id: I51015e95d396e21d5c1a1728b8f753798626c09e
Added new info banner to show user their used and total storage values with a button to upgrade to Paid Tier with auto limit increase
Change-Id: I827818dcb5179358df246218a47feb61bc1a1bac
We want to calculate bucket tally only from iterating objects.
Object currently has an info about totals for bytes and segments.
We need to adjust tallies to keep those totals. Older entries will
be untouched and code will use totals only if available. Change
is adding columns for totals to bucket_storage_tally table and
is adding general handling for them.
Next step is to start using total columns instead of inline/remote.
This will be done with next change.
Change-Id: I37fed1b327789efcf1d0570318aee3045db17fad
Because of our free/paid tier plan, we do not need a paywall anymore. We
have not used it in a while, but still have leftover code laying around.
Change-Id: Iaea8c39faf042a2f7a6b837727bb135c8bdf2907
Added new endpoint and service method to return total usage and limits for all the projects that user owns.
It is needed for new paid tier UI
Change-Id: Ic5b67ca7b275ec4930d976a007168235c0500b70
Added warning popup for when file upload is in progress.
It says that leaving objects page will cancel upload
Change-Id: If49c1ddc898f2e6dbdc86e5a00d604a55b628720
Replaced old .ttf Inter fonts with new version fonts.
For all modern browsers that use woff2 we save ~700KBs
Change-Id: I937c6e850298ad4bdd1f6c7279c6552c897c1ac4
Added loader spinners across all of the UI to be visible while data is being fetched.
Removed most of the requests from the initial load of the satellite dashboard.
Removed useless requests after creating of new projects.
This should make user's experience much more better since load time of the app is much lower than it was before.
Change-Id: Ib0941ad4eee6b3caf781d132062b55cb17703fe7