Commit Graph

17 Commits

Author SHA1 Message Date
Hoan Luu Huu 3121c2a197 fix hosted app, register by email (#196)
* fix hosted app, register by email

* update mailgun configuration

* update payment method when update card

* fix

* fix

* fix

* change free plan settings

* fix forgot password

* fix forgot password

* fix

* fix
2023-07-30 22:35:38 -04:00
Paulo Telles aadb0b15f2 change response text to avoid reveal user's data (#161)
* change response text to avoid reveal user's data

* include log into forgot password

---------

Co-authored-by: p.souza <p.souza@cognigy.com>
2023-05-04 08:39:04 -04:00
EgleH b2dce18c7a Limit access to resources according to user scoped Account or SP (#140)
* limit access to resources according to user scope

* fix error change

* speech credentials validation

* fix speech credentials validation

* fix the issues that didnt allow tests to pass

* speech credential validation

* retrieve speech cred list

* fixt speech credential test valodation

* check scope of smpp-gateways

* check scope of smpp-gateways

* testing time

* /signin for hosted system needs to return scope in jwt

* fix user delete route and adjust tests

* get refactor

---------

Co-authored-by: eglehelms <e.helms@cognigy.com>
Co-authored-by: Dave Horton <daveh@beachdognet.com>
Co-authored-by: Guilherme Rauen <g.rauen@cognigy.com>
2023-04-05 14:20:51 -04:00
Markus Frindt 97b17d9e1d Improved invalidation of JWT in redis (#139)
* Improved invalidation of JWT in redis

* use jwt as default value in generateRedisKey

* import logger in app.js

---------

Co-authored-by: Markus Frindt <m.frindt@cognigy.com>
2023-03-31 16:19:34 -04:00
EgleH 27cb7c471a Add passwordSettings validation (#136)
* add password Settings validation

* fix test failing because of pass validation

---------

Co-authored-by: eglehelms <e.helms@cognigy.com>
2023-03-29 08:54:05 -04:00
Dave Horton c4cc6c51ee eliminate parsing of jwt to support either jwt or api key (#124)
* eliminate parsing of jwt to support either jwt or api key

* fixes for preventing non-authorized changes to users

* update to AWS v3 api
2023-03-14 18:54:56 -04:00
Dave Horton 3d86292a90 prevent updates to users that would move them to a different account … (#122)
* prevent updates to users that would move them to a different account or service provider, or make them admin users

* bugfix: when updating account as admin user, verify the account sid

* validate account sid when SP user tries to update
2023-03-08 11:38:49 -05:00
EgleH d4f2be3dc1 Add check for users to delete function (#104)
* add check for users to delete function

* fix typo

* fix active admin check

---------

Co-authored-by: eglehelms <e.helms@cognigy.com>
2023-02-08 07:16:29 -05:00
EgleH f2c2623b28 Speech should always be attached to an SP (#98)
* user will always be attached to SP, thus always provide SP sid

* add another fallback for service_provider_sid

* fix the email and username check in user creation that was crashing the server

* not allow same names for shared and account carriers

Co-authored-by: eglehelms <e.helms@cognigy.com>
2023-01-26 07:53:29 -05:00
EgleH 6c494786c8 add check to not allow the same password to be user as new (#97)
Co-authored-by: eglehelms <e.helms@cognigy.com>
2023-01-23 07:59:33 -05:00
EgleH 274377960e Allow falsy values for force_change and Is_active in PUT user call (#95)
* allow falsy values

* apply review comments

Co-authored-by: eglehelms <e.helms@cognigy.com>
2023-01-19 10:39:57 -05:00
Dave Horton e42634d726 error case: creating user with duplicate email, return json with msg for toast 2022-12-26 13:19:24 -06:00
Dave Horton 317a094b3e return account name and sp name in getUsers (#87) 2022-12-19 15:05:35 -05:00
EgleH dd2176bf89 feature/user-api-calls (#80)
* initial changes for jwt auth

* return permissions as an array of string

* basic GET, POST, DELETE user api calls

* add permission checks

* hide hashed_password

* cleanup

* add check if admin user is active

* return account and serviceProvider sid un user object

* add more values to user PUT

* logout user after self delete, fix scope assignment

* add admin scope user tests

* fix test case and align jwt and api key data model in req.user

* fixes for ibm speech

* add limits license_count and voice_call_minutes

* update limits enum again

* rebase to main

* allow predefined carriers and speech credentials for Account user

* reverse the hasAccountPermissions changes

* SpeechCredentials permissions

* fix /Users/me api non-saas jambonz

Co-authored-by: Dave Horton <daveh@beachdognet.com>
Co-authored-by: eglehelms <e.helms@cognigy.com>
2022-12-10 09:12:05 -05:00
Dave Horton 1b67d5f89d Feature/add users api (#77)
* initial changes for jwt auth

* return permissions as an array of string

* Add JWT expiration environment variable (#74)

* allow fromHost in createCall REST API

* add JWT_EXPIRES_IN=<mins> env variable, 60 mins by default

* add jwt expiration in register.js and signin.js

* fix tests - add permissions and scope to encoded obj in jwt

Co-authored-by: Dave Horton <daveh@beachdognet.com>
Co-authored-by: eglehelms <e.helms@cognigy.com>

* return only the jwt-token in the api response

* update swagger.yaml

* add /users api

* apply review comments

* add users test case

* added User model

* bugfix: admin user should be able to create a carrier for a service provider

Co-authored-by: EgleH <egle.helms@gmail.com>
Co-authored-by: eglehelms <e.helms@cognigy.com>
2022-11-07 13:47:18 -05:00
Dave Horton ed51d8b13f merge of features from hosted branch (#7)
major merge of features from the hosted branch that was created temporarily during the initial launch of jambonz.org
2021-06-17 15:56:21 -04:00
Dave Horton 61a5ce2672 added basic login support for admin user 2020-04-01 16:27:18 -04:00