OCram85/code-server
Archived
1
0
Fork 0
Code Pull Requests 2 Activity
3,437 Commits 15 Branches 149 Tags
6c8261a1617782dae82e5139a3694bbbef869e15
Commit Graph

696 Commits

Author SHA1 Message Date
Joe Previte
923761cd78 refactor: password logic in http w/ isCookieValid 2021-06-08 14:33:16 -07:00
Joe Previte
6020480b30 feat: add isCookieValid function and tests 2021-06-08 14:33:16 -07:00
Joe Previte
409b473c82 refactor: rewrite password logic at /login 2021-06-08 14:33:15 -07:00
Joe Previte
a14ea39c4a feat: add handlePasswordValidation + tests 2021-06-08 14:33:15 -07:00
Joe Previte
7ff4117531 feat: add getPasswordMethod & test for it 2021-06-08 14:33:15 -07:00
Joe Previte
ffa5c16e51 feat: update cli and test for hashed-password 2021-06-08 14:33:15 -07:00
Joe Previte
1134780b8b refactor: make wsProxy async 2021-06-08 14:33:14 -07:00
Joe Previte
91303d4e40 refactor: make ensureAuthenticated async 2021-06-08 14:33:14 -07:00
Joe Previte
0cdbd33b46 refactor: make authenticated async everywhere 
Since this checks if they are authenticated using the hash/password and it's
async, we need to update authenticated to be async, which means we have to
update it everywhere it's used.
 2021-06-08 14:33:14 -07:00
Joe Previte
fcc3f0d951 refactor: update login logic with new async hashing 
This adds the proper await logic for the hashing of passwords.
 2021-06-08 14:33:13 -07:00
Joe Previte
70197bb2a5 refactor: use argon2 instead of bcrypt 
This uses argon2 instead of bcrypt.

Note: this means the hash functions are now async which means we have to
refactor a lot of other code around auth.
 2021-06-08 14:33:13 -07:00
Joe Previte
aaf044728f refactor: add functions to check hash password 2021-06-08 14:33:12 -07:00
Joe Previte
cac667317e refactor: use bcrypt in hash function 2021-06-08 14:33:11 -07:00
Joe Previte
46fe77d464 chore: update CHANGELOG 2021-05-13 12:10:22 -07:00
Joe Previte
d7f1415290 refactor: use paths.runtime in socket proxyPipe 2021-05-13 12:10:21 -07:00
Joe Previte
a57ee69822 feat: add runtime to getEnvPaths 2021-05-13 12:10:21 -07:00
Asher
a882be5748 Refactor integration tests to use main entry point 2021-05-05 12:24:41 -05:00
Asher
20e70cfa05 Remove try from main 
All it does is log and exit which is what the caller will be doing on an
error anyway (see entry).
 2021-05-05 12:24:36 -05:00
Asher
c96fb65308 Split some entry methods into main 
This is so they can be unit tested.
 2021-05-05 12:24:35 -05:00
Asher
083400b50a Add flag to enable permessage-deflate 2021-05-05 12:24:34 -05:00
Asher
92bf2c9760 Add dev mode constant 2021-05-05 10:16:01 -05:00
Asher
8b2c78c4a4 Re-enable update tests 2021-05-04 13:29:42 -05:00
Asher
10babb4a0c Replace console with logger in sw register 2021-05-04 13:29:41 -05:00
Asher
a48ac5080b Share common util code with VS Code 
This lets us re-use the normalized base path so when we expire/clear the
cookie we use the same base path.
 2021-05-04 13:29:40 -05:00
Asher
49c26f70f7 Add logout route 2021-05-04 13:29:39 -05:00
Asher
e7a527514a Add authed context key 2021-05-03 15:00:54 -05:00
Joe Previte
07d682392e Merge pull request #3169 from cdr/jsjoeio/add-terminal-e2e-test 
feat(testing): add e2e tests for code-server and terminal
 2021-04-26 15:16:06 -07:00
Joe Previte
83746c8a1f refactor: remove null check in register.ts options.base 
Inside registerServiceWorker, we were originally using the nullash coalescing
operator to check if options.base was null or undefined. However, I realized
this check is not necessary.

If you look at getOptions' return value, we return an object with a key "base"
which is of type "string". We get that value by calling resolveBase which always
returns a string.

As a result, we didn't need to check if options.base was null or undefined
because it never can be.
 2021-04-23 17:09:03 -07:00
Joe Previte
cb65590b98 refactor: move tmpdir into src/node/constants 2021-04-23 14:35:32 -07:00
Asher
b9c80b8520 Merge pull request #3178 from code-asher/connections 
Minor connections refactor
 2021-04-21 12:22:45 -05:00
Asher
f0bafa387f Move connection logic into connection class 
- Moved everything I could into the class itself.
- Improve the logging situation a bit.
- Switch some trace logs to debug.
- Get debug port from message arguments.
 2021-04-21 11:48:45 -05:00
Joe Previte
f80d5c3764 refactor: rateLimiter.canTry logic to check >= 1 2021-04-19 13:14:19 -07:00
Joe Previte
7a5042176e fix: update logic for removing token from limiter 2021-04-19 11:12:43 -07:00
Joe Previte
a3f18d6158 refactor: change limiter.Try() to .removeToken() 2021-04-19 10:57:50 -07:00
Joe Previte
d8e45057c7 refactor: update rateLimiter to check try 
This changes adds a new method called `.canTry` to the rate limiter to check if
there are tokens remaining in the bucket.

It also adds suggestions from @oxy to make sure the user can brute force past
the rate limiter.
 2021-04-19 10:40:59 -07:00
Joe Previte
08521077f0 refactor(login): move rate limiter after successful login 
Before, we weren't checking if a login was successful before counting it
against the rate limiter.

With this change, we only count unsuccessful logins against the rate limiter.

We did this because this was a bug but also because it caused problems with our
e2e tests hitting the rate limit.
 2021-04-19 10:40:59 -07:00
Joe Previte
4683d8a077 fix: update comment and export rateLimiter 2021-04-19 10:40:58 -07:00
Asher
101c2a01f1 Fix tsc watch restarting when it shouldn't 
It seems reaching into lib/vscode for the types caused tsc to establish
watches that caused it to restart over and over while vscode was
building.

The strategy used here is to symlink it instead which is the same thing
we do for the proxy agent.
 2021-04-01 10:58:56 -05:00
Joe Previte
df6bfbbeaf feat: bump ts-node to 9.1.1 2021-03-30 16:46:49 -07:00
Joe Previte
e4db80667e refactor: use stdio correctly in wrapper 2021-03-29 14:05:59 -07:00
Asher
18ace7b906 Don't send permessage-deflate header if not supported (#2993) 2021-03-29 12:59:36 -05:00
Joe Previte
b04104cafe Merge branch 'main' into jsjoeio/upgrade-vscode-1.54 2021-03-22 10:43:39 -07:00
dependabot[bot]
a8e2ede4f5 chore(deps): bump js-yaml from 3.14.0 to 4.0.0 (#2920) 
* chore(deps): bump js-yaml from 3.14.0 to 4.0.0

Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.14.0 to 4.0.0.
- [Release notes](https://github.com/nodeca/js-yaml/releases)
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/3.14.0...4.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

* fix(src/node): replace yaml.safeLoad with load

Also update @types/yaml to ^4.0.0.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Akash Satheesan <akash@coder.com>
 2021-03-18 16:30:10 -05:00
Joe Previte
071c8e15fc Merge branch 'main' into jsjoeio/upgrade-vscode-1.54 2021-03-17 13:51:27 -07:00
repo-ranger[bot]
45a1713767 Merge pull request #2906 from bpmct/rename-cloud 
rename references of "coder could"
 2021-03-17 18:28:14 +00:00
Ben Potter
a097713829 remove references of coder could 2021-03-16 22:59:30 -04:00
Joe Previte
0c2708302d refactor: remove --home flag/feature 
We are removing this because it was removed upstream in PR~115599.
 2021-03-16 14:25:28 -07:00
Asher
964ebe8d0a Replace fs-extra with fs.promises 
Remove the Mac directory copy instead of refactoring it since we've had
this for a long time now and I think it's safe to assume that users
running code-server on Mac don't have the old directory anymore.
 2021-03-16 12:51:08 -05:00
Asher
5a1f62a8fb Support permessage-deflate web socket extension (#2846) 2021-03-10 13:14:24 -06:00
Joe Previte
f21433a130 Merge pull request #2823 from cdr/vapurrmaid/rm-updatecss 
chore: Remove pages/update.css
 2021-03-05 14:04:33 -07:00