Commit Graph

51 Commits

Author SHA1 Message Date
Vitalii Shpital
60b209e47d web/satellite, satellite/console: reworked registration email validation
Reworked email validation for new users (for old users trying to login or reset password validation remains the same).
Regular expression was built according to RFC 5322 and then extended to include international characters.

Change-Id: Id0224fee21a1ec0f8a2dcca5b8431197dee6b9d3
2022-03-16 09:40:53 +00:00
Jeremy Wharton
66e6a75e2a satellite/console,web/satellite: Add MFA to password reset
Users will be required to enter a MFA passcode or recovery code
upon attempting a password reset for an account with MFA enabled.

Change-Id: I08d07597035d5a25849dbc70f7fd686753530610
2022-03-03 17:27:04 +00:00
Malcolm Bouzi
3451162583 web/console: Save timestamp when creating users to mark their first email verification notification.
This value will be updated whenever we send a reminder for a user to verify their email.

Change-Id: I7f08b16eccc6633b8eb3662eb7efed1f1f780f44
2022-01-24 16:53:51 +00:00
Malcolm Bouzi
c30c7def44 satellite/{console,payments},web/satellite: save signup promo code to newly registered users
Users signing up through a url containing a promo code will have that code applied to their stripe account instead of the free tier coupon.

Change-Id: I071041b0934648ef3f5bdb05b6ec97c400f89ae4
2022-01-21 15:02:22 +00:00
Moby von Briesen
464b4b02fa satellite/console/consoleweb: Only replace some kinds of characters in name
The previous change (59648dc272) ends up removing a lot of characters
for valid non-English names. Instead, only replace URL characters such
as slashes, colons, and periods. Since someone may use these characters
to separate two parts of a name, e.g. Name1/Name2, replace these
characters with a hyphen.

Change-Id: I4cc3d1bdb05d525a83970cf1b42479414c9678e7
2022-01-20 11:13:26 -05:00
Moby von Briesen
59648dc272 satellite/console: Filter special characters out of name
When a user is created, but before verification or forgot password email
is sent, remove any special characters in the provided name. This
protects us against certain phishing attacks.

Change-Id: Ieddd3479da20eb80b9f1b56eb86c8f46bca2642c
2022-01-20 00:18:56 +00:00
Moby von Briesen
5351c43757 satellite/analytics: track origin header and referer on signup
This allows us to distinguish between accounts created from the signup
page vs. from www.storj.io.
Also set a field `account_created=true` when we send so
that we can see when existing leads have created an account.

Change-Id: Ibef34825a08b6c68b8f2869625e576bb837520e5
2022-01-03 17:47:48 +00:00
Jeremy Wharton
9d13c649a2 satellite/{console,satellitedb}: Forbid creating users with used email
This change disallows creation of users possessing the same email.
If a user attempts to create an account with an email address
that's already used - whether it belongs to an active account or not -
he will be notified of unsuccessful account creation. If he attempts to
log in using an email address belonging to an inactive account,
he will be presented with a link allowing him to re-send the
verification email. Attempting to register with an email address
belonging to an existing account triggers a password reset email.

Change-Id: Iefd8c3bef00ecb1dd9e8504594607aa0dca7d82e
2021-12-15 17:24:35 +00:00
dlamarmorgan
4bbf667ad1 satellite/{satellitedb,attribution,console}: value attribution changes that add userAgent field to buckets table and all tables that have partner_id
Change-Id: I36a13bb651b86bfc14fe5a0a2258f719e6cd2b48
2021-10-18 13:56:19 +00:00
Moby von Briesen
7b4a09c1ea satellite/console: Allow basic headers in CORS preflight
Currently, post requests originating from www.storj.io are failing
because the content-type header is not permitted for the /register
endpoint.

Change-Id: I14f21c2a27d8f0c8bae3609a5bf4b1e69a72c119
2021-08-25 12:47:14 -04:00
Jeremy Wharton
96e39018c7 satellite/console,web/satellite: Allow disabling MFA with recovery code
This change allows users to disable multi-factor authentication
with a recovery code. Previously, users could only disable MFA
with a passcode.

Change-Id: Iec20bf7d8f6781182b81d1f17d9641491dbc8460
2021-08-18 14:34:17 +00:00
Jeremy Wharton
24b39b7559 web/satellite: Warn user if number of MFA recovery codes is low
Adds a banner at the top of the dashboard warning the user if he
has 3 or less MFA recovery codes.

Change-Id: I3271f1fe33501eaeeeca343bf60ca899e80f0fa1
2021-08-18 13:18:34 +00:00
Moby von Briesen
1fa0cfbfe0 satellite/console: Add CORS headers for register endpoint
Set the Access-Control-Allow-Origin header if a request is made to the
registration endpoint from storj.io or www.storj.io. This allows the
client to make the request with no issues.

Change-Id: I0cd747ececfe877fb5f834d8292307fc14e3db5c
2021-08-16 17:46:08 -04:00
Jeremy Wharton
51ebc564d9 web/satellite,satellite/console: Overhaul password reset
Updates the password reset page to use the new theme.
Adds new endpoint '/api/v0/auth/reset-password'
for password reset.

Additionally, updates the link-clicking mail simulator to only
click links with a specified attribute. Otherwise, the password reset
cancellation link would be clicked before the password reset link
could be accessed, rendering testing impossible.

Change-Id: I8fde74ef7ad980880a7bf6558e3b9ed31509a393
2021-08-12 17:40:53 +00:00
Vitalii Shpital
c6c2a1daf9 web/satellite: added MFA login step
Added Enter MFA passcode step to login after first attempt.
Connected client-side and server-side.

Change-Id: I4482afde50172bbf2c598aa01bbd220763b4f6d1
2021-07-30 08:50:19 +00:00
Jeremy Wharton
dae6ed7d03 satellite/console: Implement MFA backend
Added MFA passcode and recovery code field for token requests.
Added endpoints for MFA-related activity: enabling MFA,
disabling MFA, generating a new MFA secret key, and
generating new MFA recovery codes.

Change-Id: Ia1443f05d3a2fecaa7f170f56d73c7a4e9b69ad5
2021-07-26 16:37:05 +00:00
Jeremy Wharton
1535bbe673 satellite/console: Forward friendly registration errors to client
Provides the means to serve an error to the user with a user-friendly
error message (serveCustomJSONError). Auth API uses this when
processing registration attempts.

Previously, the error message was inferred by the client based on
the status code of the response received from the server. However,
if multiple distinct errors fit a certain status code, it was impossible
to correctly interpret the error.

Change-Id: I2f91e9c81ba1a4d14ba67e0b4b531a48800d4799
2021-07-22 11:31:12 +00:00
Jeremy Wharton
a5f6bb9cc0 satellite/console: Add reCAPTCHA verification step to registration
The user must complete a reCAPTCHA in order to register.
ReCAPTCHA verification failure results in rejection of the
registration attempt.

Change-Id: I34ba7db414d756fd1aaebdc3d19cccbfc7fc1ea3
2021-07-07 21:34:07 +00:00
Vitalii Shpital
bab43af6ce web/satellite: added Upgrade to Paid Tier banner
Added new info banner to show user their used and total storage values with a button to upgrade to Paid Tier with auto limit increase

Change-Id: I827818dcb5179358df246218a47feb61bc1a1bac
2021-07-01 15:05:03 +00:00
Moby von Briesen
d999a963ca satellite/console/.../consoleapi: Standardize serveJSONError
This change removes all the separate implementations for
`apiservice.serveJSONError()` and defines one for every service to use
in `consoleapi/common.go`.

Change-Id: Iabf184e5cba69a98eb25936ce11ebd07f02c8ff3
2021-06-29 09:40:07 -04:00
Malcolm Bouzi
136af8e630 web, satellite: allow registering business accounts to ask for contact from sales team
Full prefix: web/satellite, satellite/{console, analytics, satellitedb}

- checkbox added to register view - business tab
- user being saved with new column
- add sales contact choice to Segment calls
- ui fix added to employee count dropdown

Change-Id: Ib976872463b88874ea9714db635d58c79cdbe3a1
2021-06-02 13:10:38 +00:00
Egon Elbre
961e841bd7 all: fix error naming
errs.Class should not contain "error" in the name, since that causes a
lot of stutter in the error logs. As an example a log line could end up
looking like:

    ERROR node stats service error: satellitedbs error: node stats database error: no rows

Whereas something like:

    ERROR nodestats service: satellitedbs: nodestatsdb: no rows

Would contain all the necessary information without the stutter.

Change-Id: I7b7cb7e592ebab4bcfadc1eef11122584d2b20e0
2021-04-29 15:38:21 +03:00
Moby von Briesen
51d667a65e satellite/analytics: Add anonymous ID to TrackCreateUser
If a visitor to the website (run through the reverse proxy) consented to
cookies, read the ID stored in that cookie and send it along with the
Identify/Track calls sent to Segment upon account creation. This allows
us to connect referral information gathered when visitors land on our
website with account activity, helping us improve our onboarding flow.

Change-Id: I0ece717ab5bba67901e50a9b4229c1d4ed7e46b7
2021-04-09 14:19:35 +00:00
Moby von Briesen
3db52491ec satellite/analytics: Add analytics service to satellite
* Set up basic structure of new service.
* Implement a basic analytics track event for user creation.

Change-Id: Ica8c785540b1ef9d848404af307a22f21d33c6aa
2021-03-25 13:28:51 -04:00
Malcolm Bouzi
4e3ac2c490 satellite/console: add new professional fields to console api
Change-Id: Ib7a69e117c7cf7f5eacd9f4ffc2c79fc94f01811
2021-02-12 17:21:09 -05:00
Yingrong Zhao
3b49d3cddf satellite: remove referral program related code
This PR removes all back-end related referral program code including the
marketing portal.

We will have a separate PR for front-end code and database migration to
drop `offers` and `usercredits` table

Change-Id: If59f952cddfe0558a7dc03a0eac7cc1081517f88
2021-02-08 13:52:50 +00:00
VitaliiShpital
f8c3848c78 satellite/console: change user's email endpoint/feature
WHAT:
change user's email endpoint and appropriate service method was implemented

WHY:
make it possible to change user's email for temporary filezilla account

Change-Id: Ieea41bf49819a42b5f433e8dfaeec24c6d5ddc9f
2020-11-06 11:54:07 +00:00
Ivan Fraixedes
4b61ca638b
satellite/console/consoleweb/consoleapi: Fix & add test DeleteAccount
Fix the DeleteAccount handler to return 501 HTTP status code because
it's what corresponds for a "Not Implemented" status.

Add a black box test for the DeleteAccount to ensure that always return
an error response because, at this time, we don't allow to delete
accounts through the API.

This test was not added to the corresponding commit
https://review.dev.storj.io/c/storj/storj/+/2712 due to the rush to
fix it.

Change-Id: Ibcf09e2ec52f182a8a580d606c457328d94c8b60
2020-10-23 09:14:50 +02:00
Ivan Fraixedes
9abdcc05e5 satellite/console/consoleweb/consoleapi: report err to monkit
Report the "Not Implemented" error response returned by DeleteAccount
API handler to monkit.

Change-Id: I17e319639c458cbe803b65b5a34111b8f74daece
2020-10-22 17:07:13 +00:00
VitaliiShpital
59d85aab5b web/satellite: take project amount limit from db instead of config
WHAT:
Now project amount limit is taken from users db instead of config. But if db value is 0 then default config value will be used instead.

WHY:
this will allow us to change user's project limit by changing db value.

Change-Id: I9edcd0bf9eaae5fe40e90a44cac82d9ce8519274
2020-10-14 14:17:45 +00:00
Stefan Benten
9deea2ffe2 satellite/console: disable account deletion via API
Change-Id: Ia8e43284c90fb2b833eb601e2c8f701cb5a4d9c0
2020-10-06 13:01:46 +02:00
Michal Niewrzal
4561d9bdb0 satellite/console/consoleweb: add support for partner parameter for
signup page

With this change partner id can be associated with user during creating
account by adding `?partner=partner_name` parameter to signup page url
e.g. https://tardigrade.io/signup?partner=mongodb

https://storjlabs.atlassian.net/browse/USR-999

Change-Id: I12a5ebec92a6f5135909447172ef24da57fb1c68
2020-07-30 11:29:31 +00:00
Bill Thorp
341aecfe0f satellite/console: add rate limiter to login, register, password recovery
Added a per IP rate limiter to the console web.
Cleaned up password check to leak less bcyrpt info.

Change-Id: I3c882978bd8de3ee9428cb6434a41ab2fc405fb2
2020-04-24 17:15:49 +00:00
Egon Elbre
1024bf9ce1 all: simplify uuid usage
Instead of uuid.Parse, use uuid.FromString.
This removes a bunch of pointer management logic.

Change-Id: Id25bd174eb43c71d00b450158a198abafd8958f2
2020-04-02 13:45:19 +00:00
Egon Elbre
0a69da4ff1 all: switch to storj.io/common/uuid
Change-Id: I178a0a8dac691e57bce317b91411292fb3c40c9f
2020-03-31 19:16:41 +03:00
VitaliiShpital
23da9228b3 satellite/console: email used error handling for registration
Change-Id: Ifd3f2ce065ebd3c5e538c5c1eeaa76137b243b78
2020-03-26 17:42:33 +00:00
NikolaiYurchenko
e641ff45a5 web/satellite: logout fix
Change-Id: I1b2b14c098e0959e9c5bd36adc889a425d00963c
2020-01-29 16:53:21 +00:00
NikolaiYurchenko
9bcb81108f web/satellite: verification email change
Change-Id: I0293ef4411b55e42bb372b230d797d6798eda515
2020-01-27 15:55:52 +02:00
Yaroslav
c636b06191 satellite/console: use cookie based auth scheme
Change-Id: I143b56f49fa9028ec172db8c29fd93577c3e7878
2020-01-20 21:35:23 +02:00
Yingrong Zhao
79a4fff6c7
satellite/referrals: set up referrals service and http endpoints (#3566) 2019-11-25 16:36:36 -05:00
Nikolai Siedov
e5934cc92a
satellite/console/auth: return in error handle added (#3639) 2019-11-22 21:44:57 +02:00
Egon Elbre
ee6c1cac8a
private: rename internal to private (#3573) 2019-11-14 21:46:15 +02:00
Nikolai Siedov
70c7ee842e
satellite: adding proper headers to api responses (#3489) 2019-11-12 15:05:35 +02:00
Nikolai Siedov
c1ae8c332f
satellite/console: auth API error handling refactored (#3540) 2019-11-12 13:53:00 +02:00
Nikolai Siedov
1a0757ebf7
web/satellite: auth error messages fixed (#3426) 2019-11-05 13:55:26 +02:00
Nikolai Siedov
6354b38849
web/satellite: auth graphql api replaced with REST API (#3396) 2019-10-29 16:24:16 +02:00
Nikolai Siedov
f4f142bf3e
satellite/console: get, update auth api endpoints added (#3375) 2019-10-25 15:07:17 +03:00
Yehor Butko
e82245e10e
satellite/payments: credit card selection (#3304) 2019-10-23 20:33:24 +03:00
Nikolai Siedov
3eec4e9070
satellite/console: add REST delete API endpoint (#3337) 2019-10-22 19:17:09 +03:00
Nikolai Siedov
6dd478e43c
satellite/console: forgot password, resend email endpoints added, default http route replaced with gorilla mux (#3327) 2019-10-21 19:42:49 +03:00