Commit Graph

535 Commits

Author SHA1 Message Date
Jeremy Wharton
7a2be3e6f6 private/web,satellite/console/.../consoleapi: serve rate limiting errors as JSON
This change causes rate limiting errors to be returned to the client
as JSON objects rather than plain text to prevent the satellite UI from
encountering issues when trying to parse them.

Resolves storj/customer-issues#88

Change-Id: I11abd19068927a22f1c28d18fc99e7dad8461834
2022-11-23 17:56:07 +00:00
Jeremy Wharton
e339f1a785 satellite/console: enable session timeout by default
This change causes the session inactivity timer to be enabled unless
expressly specified otherwise.

Change-Id: I85b4014394afac2feb21f383cac414cddb09ca8f
2022-11-17 17:41:15 +00:00
Moby von Briesen
776f1128b3 web/satellite: project level passphrase vuex logic
Added new feature flag.
Reworked vuex logic to work properly with project level passphrase.
Implemented new simple set project level passphrase modal.

Issue:
https://github.com/storj/storj/issues/5280

Change-Id: I6a15e90ee9fa7aa8a09c67022466787090120f9c
2022-11-17 16:53:25 +00:00
Jeremy Wharton
3c8facfe58 satellite/console,web/satellite: always notify when adding project members
Upon adding members to a project using the Add Team Member modal,
users are now notified that only email addresses belonging to an
account will receive a project invitation. This notification appears
regardless of whether every submitted email corresponds to an account.
Previously, users received an error message if any email address not
attached to an account was submitted.

Change-Id: Ia014c8311c1347e001b1c6c33de73ea61f20b0cb
2022-11-09 17:48:50 +00:00
Michal Niewrzal
f465fa927e satellite/console: drop redundant bucket interface
Change-Id: I1e132199f7c2f25eceb49a052ef4016d62db9705
2022-11-09 09:50:54 +01:00
Moby von Briesen
cc858f4e91 satellite/console: Turn new billing screens on by default
Set default value for console.new-billing-screen to true.

Change-Id: I0f7f9663af4b4dc384d2bda946b4853593151cfa
2022-11-04 19:41:54 +00:00
Lizzy Thomson
23917e51f2 satellite: invalid coupon code returns 400 status code
fixes: https://github.com/storj/storj/issues/4782

Change-Id: Idcc00202ed91a10c280f706e14d4901bf2f61541
2022-10-31 13:43:09 -06:00
Egon Elbre
aeb645d32b all: replace deprecated ioutil
Change-Id: I60b0bbf5b68b066e2d44b8b99438594d600a3c2d
2022-10-31 15:50:41 +00:00
Wilfred Asomani
2dc2669e22 console/abTesting: add support for AB testing
This change adds support for AB testing using flagship.io

Change-Id: I3e12f5d6cd7248d69adc2c684e4bcff2aadda1df
2022-10-27 10:57:12 +00:00
Vitalii
149b59069f satellite/{web, console}: removed old object flow
Removed old flow along with a feature flag

Issue:
https://github.com/storj/storj/issues/5166

Change-Id: I85cfabbf94e910c9d5efb01ef850f6b888a13f71
2022-10-20 16:27:50 +03:00
Yaroslav Vorobiov
e014e88cc7 satellite/payments: remove Deposit from Tokens interface
Change-Id: Ie04c35410baf8bf2c74cca0b7df1236a80f00e1b
2022-10-17 13:32:06 +02:00
Cameron
98fed4bc30 {satellite/console,web/satellite}: get project salt from satellite
Add getSalt to projects api. Add action, GET_SALT, on Store
Projects module to make the api request and return the salt
string everywhere in the web app that generates an access grant.
The Wasm code which is used to create the access grant has been
changed to decode the salt as a base64 encoded string. The names
of the function calls in the changed Wasm code have also been
changed to ensure that access grant creation fails if JS access
grant worker code and Wasm code are not the same version.

https://github.com/storj/storj-private/issues/64

Change-Id: Ia2bc4cbadad84b066ca1882b042a3f0bb13c783a
2022-10-12 19:06:27 +00:00
Yaroslav Vorobiov
5cfd64579e private/blockchain: fix Hex to add 0x prefix
Change-Id: I47da9cea160fe9bbdf452956836e3d4b5b44646f
2022-10-11 19:15:24 +00:00
Egon Elbre
ff22fc7ddd all: fix deprecated ioutil commands
Change-Id: I59db35116ec7215a1b8e2ae7dbd319fa099adfac
2022-10-11 15:27:29 +00:00
Wilfred Asomani
903ea38c86 web/satellite: increment login failed_login_count in sql
This change increments users' failed_login_count in the database layer to avoid potential data race.
It also updates the login_lockout_expiration as well in one operation.

see: https://github.com/storj/storj/issues/4986

Change-Id: I74624f1bee31667b269cb205d74d16e79daabcb6
2022-10-07 16:46:29 +00:00
Cameron
d8fb082f89 satellite/console: create project salt endpoint on satellite web server
Introduces a new endpoint on the satellite web server to get the
project's salt. The endpoint utilizes a new console service method
GetSalt which in turn calls the project DB GetSalt method if the
user is authorized. It returns the project salt bytes as a base64
encoded string in the response.

Change-Id: Ia13b5a4b8580e7bdad0dbb98014a276b1c74b46d
2022-09-27 12:19:28 +00:00
Cameron
41c2bca096 satellite/{console,metainfo,satellitedb}: add projectdb method GetSalt
Add new project db method, GetSalt, to get project salt. If salt
column is empty, return the sha-256 hash of the project ID. This
new method is used in metainfo endpoint ProjectInfo to return the
project salt to the client. This is backwards compatible because
the salt column is not populated yet. The updated endpoint will
do the same thing as the current endpoint.

Change-Id: I7eba376c865e10995a5a916302feca7cd7c7efa2
2022-09-26 13:12:21 +00:00
dlamarmorgan
3c4b2cb09a satellite/console/service.go: return billing balance as USD value
Return the balance as currency object with a value and currency. The values are returned in USDollarsMicro (6 digits after the decimal).

Change-Id: I88c87faf3311b72dedd293d4e754c2fd5c03c128
2022-09-23 09:35:26 -07:00
Jeremy Wharton
b7ae52fb35 web/satellite: add captcha verification to forgot password form
This change adds the option of requiring users to pass a captcha
verification before password recovery emails can be sent to them.
The captcha for the Forgot Password form shares a configuration with
the one for the login form.

Change-Id: I27fdb4ed42cd9da1b4b8b1e80357892dc4091765
2022-09-22 15:20:04 +00:00
Mya
6d017a1a92 satellite/oidc: include nodeURL in oidc configuration
By including NodeURL in the OIDC well-known configuration, we're
able to discover the NodeURL for a given HTTP address without
any client side assumptions or needing to make a drpc to discover
this. Instead, it's included in a call that is already made by an
OIDC/OAuth enabled client.

Change-Id: If00f31665ca69b1f522e26fec825b29ad03fe7f9
2022-09-13 13:46:30 +00:00
Jeremy Wharton
92d81db183 satellite/console,web/satellite: limit new password length to 128
This change implements a requirement that all new passwords must be
no longer than 128 characters.

Change-Id: I7a8f23c87190d465eed59b3e0627ccd32d465bb9
2022-09-08 13:29:47 +00:00
Yaroslav Vorobiov
ad7c5b1483 satellite/payments/monetary: remove pkg and all its references
Remove pkg satellite/payments/monetary as it moved to storj.io/common.
Update all code pkg references from monetary to common/currency.

Change-Id: If2519f4c80cf315a9299e6521a6b9bbc6c399156
2022-09-07 12:58:00 +00:00
Egon Elbre
794a4cc365 private/apigen: make code compile with 1.16
Our Test Versions still requires 1.16 to be compatible with our oldest
uplink versions. These changes make the code compile with 1.16.

Also, it makes go generate work in private/apigen/example.

Change-Id: Ib2f7493941a16f361328fe01d2be293f26123719
2022-09-02 16:34:46 +03:00
Egon Elbre
1343528a43 satellite/console/.../consoleapi/gen: ensure go generate works
Currently the paths were set relative to the root of the module,
however the code did not ensure that we are running relative to the
module directory.

Also, ensure typescript output corresponds to our styling.

Change-Id: I2b3cbd4ea8f2615e35c7b58c6fb8851669c47885
2022-09-02 16:34:46 +03:00
Jeremy Wharton
1613d37466 satellite/console: add endpoints for listing and revoking api keys
This change adds the following endpoints:
- projects/apikeys/{id}: returns a paged list of API keys for the
	project specified by the given ID
- apikeys/delete/{id}: deletes the API key specified by the given ID

Additionally, the API Go code generator has been given the ability to
process unsigned integer parameters.

Change-Id: I5ff24e012da24a3f06bea1ebb62bae6ff62f951a
2022-09-01 14:24:00 -05:00
dlamarmorgan
335e11dacd satellitedb: add token balance to API endpoint
Add the users current wallet balance to the endpoints for claiming and listing storjscan wallets. Also prevent a user with a claimed wallet address from claiming a new wallet.

Change-Id: I0dbf1303699f924d05c8c52359038dc5ef6c42a1
2022-08-31 22:55:16 +00:00
Vitalii
d585f2550d web/satellite: share bucket feature
Implemented share bucket feature.
Refactored share object modal a bit (has to be refactored entirely).

Issue:
https://github.com/storj/storj/issues/4945

Change-Id: Icefd4bfe3eef9173ae824eea44d30450acde8044
2022-08-29 18:41:06 +03:00
Jeremy Wharton
3f26cc599f satellite/console,web/satellite: invalidate sessions after inactivity
Sessions now expire after a much shorter amount of time, requiring
clients to issue API requests for session extension. This is handled
behind the scenes as the user interacts with the page, but once session
expiration is imminent, a modal appears which informs the user of his
inactivity and presents him with the choice of loging out or preserving
his session.

Change-Id: I68008d45859c814a835d65d882ad5ad2199d618e
2022-08-23 15:51:05 +00:00
Wilfred Asomani
a4192acabb console/satellite: track signup captcha scores
This change tracks signup captcha scores in the signup_captcha column in the users table.
It slightly modifies the captcha verify method to return both the score and success.

see: https://github.com/storj/storj/issues/5067

Change-Id: I7b3993e44958cfcf179806c7df19d6887fe3eda9
2022-08-23 10:13:49 +00:00
Yaroslav Vorobiov
9c77c762cb satellite/payments/storjscan: change USD currency to USDollarsMicro
Changes all usd amounts to use monetary.USDollarsMicro to have better prescision.

Change-Id: I391e2680f7fa11a0493e5af77488acff6dbf4999
2022-08-19 16:05:17 +00:00
JT Olio
e0d3e48b66 satellite/consoleweb: monitor visits without blowing up influx namespace
Change-Id: I43de5409e66b9ef34b6c35f211b9a252d3cc3caa
2022-08-18 17:48:28 +00:00
Cameron
fa23e55654 {private,satellite}: add Typescript generation to REST API generation
github issue: https://github.com/storj/storj/issues/4984

Change-Id: Id3473a6642f7a4af80edda25a6242559efaf69e9
2022-08-18 16:37:48 +00:00
Ivan Fraixedes
7299e9f92e
satellite/console: Add missing monkit calls
Add monkit monitoring calls to a couple of the service's methods because
they were missed.

Change-Id: I327a79634b7cdcaeb0e2701a737bb714a6478c4a
2022-08-16 13:20:18 +02:00
Jeremy Wharton
1f0638719e private/apigen,cmd/apigentest: add tests for generated API code
This change implements a unit test for ensuring proper
processing of requests and responses by generated API code.
Additionally, this change requires API handlers to explicitly receive
Monkit scopes rather than assuming that `mon` will always exist in the
generated API code's namespace.

Change-Id: Iea56f139f9dad0050b7d09ea765189280c3466f2
2022-08-15 16:48:41 +00:00
Vitalii
0ec28ca623 web/satellite: add token funds modal
Created new modal which shows user their native STORJ token wallet address.
There are QR and copy buttons.
It will be used only in new billing screen.

Change-Id: Icef3c8668c548b779c07fe2b85eb5761cd1221a3
2022-08-15 14:17:30 +03:00
wilfredasomani
cff8158054 satellite/console: add audit logs for failed logins
This change adds login failure logs for specific userID/email.

see: https://github.com/storj/storj/issues/4987

Change-Id: I58529145d7bd65abe47e002f34ec88018f641268
2022-08-11 12:11:21 +00:00
Ivan Fraixedes
b398035053 satellite/console/consoleweb: Log trace reqs with INFO
Change from DEBUG level to INFO level the logs that the trace request
middleware logs because it looks that we don't log in DEBUG level in
production Satellite API pods.

For making that assumption I searched in the last 7 days logs collected
by Google Logging service for all the Satellite API pods in US1 and it
didn't show any line.

Change-Id: I620009d70d59df46d524c8cee93851bd13eceeee
2022-08-09 14:01:00 +00:00
Yaroslav Vorobiov
eca1689f17 satellite/console: add wallet payments API
Extends satelling console billing API with method to
retrieve payments for a particular wallet.

Change-Id: I2e82793c715db9353427e0a287baac57bf6a0f43
2022-08-09 14:53:54 +02:00
prerna-parashar
e8b716f97b
satellite/analytics: Added track calls for user behavioral events (#5009)
satellite/analytics: Added Access Grant page analytics events
2022-08-08 11:17:35 -07:00
Jeremy Wharton
731fecd96f private/apigen: rework request parameter handling
- Previously unused struct Endpoint.Request now defines the form
	of the request body.
- Path parameters (e.g. "id" in "/delete/{id}") are defined in
	the Endpoint.PathParams field.
- Endpoint.Params has been renamed to Endpoint.QueryParams to
	eliminate confusion.

Change-Id: Ifef51ca2f362c33086f0e43e936d50b0fdd18aa1
2022-08-08 15:41:24 +00:00
kimbotsao
3afd7bcc8b satellite/console: Reset passwords invalidates all current user sessions.
Logs out all current user sessions when a password is changed through both the
forgot password and change password methods.

Change-Id: Iaf9b4969aa45441591524906af326b9dec17939f
2022-08-08 14:49:51 +00:00
Moby von Briesen
3f6bf64af9 satellite/console: Default NewProjectDashboard to "true"
We have enabled the new project dashboard in production. Change the
default to true so that we do not need an explicit configuration in
prod.

Change-Id: I0f93773965283e7b0682f6586685224281cbf78c
2022-08-06 01:00:31 +00:00
Márton Elek
1be5277c2a satellite/consoleweb: fix flaky TestAuth tests
We had a lot of flaky test failures from TestAuth. The error message (WHICH IS NOT VISIBLE IN JEKNINS, only in tests.json):

```
FAIL: TestAuth_Register_NameSpecialChars/Postgres (1.04s)
panic: runtime error: index out of range [0] with length 0 [recovered]
	panic: runtime error: index out of range [0] with length 0

goroutine 3473 [running]:

testing.tRunner.func1.2({0x235fe40, 0xc000fe6a08})
	/usr/local/go/src/testing/testing.go:1209 +0x36c
testing.tRunner.func1()
	/usr/local/go/src/testing/testing.go:1212 +0x3b6
panic({0x235fe40, 0xc000fe6a08})
	/usr/local/go/src/runtime/panic.go:1047 +0x266
storj.io/storj/satellite/console/consoleweb/consoleapi_test.TestAuth_Register_NameSpecialChars.func1(0xc001a281a0, 0x289d650, 0xc001a30000)
	/var/lib/jenkins/workspace/storj-gerrit-verify/satellite/console/consoleweb/consoleapi/auth_test.go:773 +0x785
storj.io/storj/private/testplanet.Run.func1.1({0x289c770, 0xc0001b8008})
	/var/lib/jenkins/workspace/storj-gerrit-verify/private/testplanet/run.go:67 +0x732
storj.io/storj/private/testmonkit.RunWith({0x289c770, 0xc0001b8008}, {0x28d89b0, 0xc001a281a0}, {0x1, {0x0, 0x0}, {0x0, 0x0, 0x0}}, ...)
```

The root cause:

testplanet uses a simulated mail sender which clicks to all the registration links by default (async).

These tests creat links and check the unverified users, but without enough luck the mail sender may already clicks to the link which makes the user verified.

Change-Id: I17cd6bf4ae3e7adc223ec693976bb609370f0c44
2022-08-04 19:06:07 +00:00
Vitalii
d76acda27e satellite/{web, console}: removed account locked statuses
Removed all the account locked messages.
Removed toast notification for login screen.
Updated wrong login credentials message.

Issues:
https://github.com/storj/storj/issues/4910
https://github.com/storj/storj/issues/4953

Change-Id: I1ac0ce16d3c1317204c28a509c21ebf3686a145e
2022-08-04 16:19:23 +00:00
Vitalii
ec72adb2a6 satellite/console: send email when user's account gets locked
We send an email when user's account gets locked.

Issue: https://github.com/storj/storj/issues/4967

Change-Id: I68beceda0ac09128755c0333dfa014bd5a186317
2022-08-04 10:39:20 +00:00
Vitalii
f562277344 satellite/{web,console}: added string length limits for signup partner and promo params
Added string length limits for registration partner and promo params.
Limitation added both on client and server sides.

Issue: https://github.com/storj/storj-private/issues/44

Change-Id: Ifae04caad1775e0a8ca72ae7f9abcf0ea5fb564b
2022-08-04 07:40:33 +00:00
Vitalii
ad37ea4518 satellite/{web, console}: login captcha implemented
Implemented Recaptcha and Hcaptcha for login screen.
Slightly refactored registration page implementation.
Made 2 different login/registration captcha configs on server side to easily swap between captchas independently.

Issue: https://github.com/storj/storj/issues/4982

Change-Id: I362bd5db2d59010e90a22301893bc3e1d860293a
2022-08-03 23:02:27 +00:00
dlamarmorgan
92be1d878f satellite/payments/stripecoinpayments: storjscan invoice generation
Add line item with unclaimed Storjscan wallet balance during invoice generation.

Change-Id: I018bfa01abfcf7bfdffba0c5a1350a69188f63d5
2022-08-03 13:24:26 -07:00
Jeremy Wharton
5f6892f95c satellite/console/consoleweb: early rejection in auth middleware
This change makes the authentication middleware reject any requests
that are not properly authenticated to prevent them from being
passed into endpoint-specific handlers.

Change-Id: I1f6b74f68fc7354e47fb825a128bad968129f420
2022-08-03 18:52:51 +00:00
Moby von Briesen
78fa0c11a3 satellite/analytics: Add user agent to TrackCreateUser
Send UserAgent (as "signup_partner") to Segment and Hubspot.

Change-Id: I3313eb902e87b429e7fa8e18afd397a63a3ed07d
2022-07-29 17:27:24 -04:00