Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(core): Require mfa code to disable mfa #10345

Merged
merged 1 commit into from
Aug 13, 2024
Merged

fix(core): Require mfa code to disable mfa #10345

merged 1 commit into from
Aug 13, 2024

Conversation

tomi
Copy link
Contributor

@tomi tomi commented Aug 9, 2024
edited
Loading

Summary

Continuation of #10341

Also enables rate limiting for the /mfa/disable endpoint.

For the FE:

  • adds a typed event emitter
  • a mechanism to use Modal event emitter to provide data back from the modal
Kapture.2024-08-09.at.18.20.05.mp4

Related Linear tickets, Github issues, and Community forum posts

SEC-67

Review / Merge checklist

  • PR title and summary are descriptive. (conventions)
  • Docs updated or follow-up ticket created.
  • Tests included.
  • PR Labeled with release/backport (if the PR is an urgent fix that needs to be backported)

@n8n-assistant n8n-assistant bot added core Enhancement outside /nodes-base and /editor-ui n8n team Authored by the n8n team ui Enhancement in /editor-ui or /design-system labels Aug 9, 2024
alexgrozav
alexgrozav requested changes Aug 12, 2024
View reviewed changes
Copy link
Contributor

@alexgrozav alexgrozav left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! I think we should merge the two event bus creator functions though.

packages/design-system/src/utils/typed-event-bus.ts Outdated Show resolved Hide resolved
packages/editor-ui/src/components/Modal.vue Outdated Show resolved Hide resolved
@tomi tomi requested a review from alexgrozav August 12, 2024 11:48
tomi added a commit that referenced this pull request Aug 12, 2024
@tomi
fix: Require mfa code to change email
defaef9 
Continuation of #10345.

Require MFA code when changing email address if MFA is enabled.
@tomi tomi mentioned this pull request Aug 12, 2024
Merged
4 tasks
alexgrozav
alexgrozav previously approved these changes Aug 12, 2024
View reviewed changes
@cypress Cypress
Copy link

cypress bot commented Aug 12, 2024
edited
Loading


Test summary

397 0 0 0Flakiness 1

Run details
Project n8n
Status Passed
Commit d92431f
Started Aug 13, 2024 12:41 PM
Ended Aug 13, 2024 12:46 PM
Duration 04:44 💡
OS Linux Debian -
Browser Electron 118

View run in Cypress Cloud ➡️

Flakiness

e2e/30-editor-after-route-changes.cy.ts Flakiness
1 Editor actions should work > after switching between Editor and Executions

This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Cloud

@github-actions GitHub Actions
Copy link
Contributor

✅ All Cypress E2E specs passed

Base automatically changed from fix-require-mfa-code-for-password-change to master August 12, 2024 14:08
@tomi tomi dismissed alexgrozav’s stale review August 12, 2024 14:08

The base branch was changed.

@tomi tomi force-pushed the fix-require-mfa-code-for-disabling-mfa branch from c4cd440 to d59b08d Compare August 12, 2024 14:09
@tomi tomi requested a review from alexgrozav August 12, 2024 14:09
@tomi tomi mentioned this pull request Aug 13, 2024
Merged
4 tasks
@tomi tomi force-pushed the fix-require-mfa-code-for-disabling-mfa branch from d59b08d to df13a4f Compare August 13, 2024 07:18
@tomi tomi changed the base branch from master to add-typed-event-bus August 13, 2024 07:18
@tomi tomi force-pushed the fix-require-mfa-code-for-disabling-mfa branch from df13a4f to d8f198c Compare August 13, 2024 07:19
@tomi
Copy link
Contributor Author

tomi commented Aug 13, 2024

Rebased on top of #10367. Once that is merged we can merge this one as well

netroy
netroy reviewed Aug 13, 2024
View reviewed changes
Copy link
Member

@netroy netroy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. will approve after #10367 is merged

Base automatically changed from add-typed-event-bus to master August 13, 2024 12:11
@tomi
fix: Require mfa code to disable mfa
d92431f 
Continuation of #10341

Also enables rate limiting for the `/mfa/disable` endpoint.

For the FE:
- adds a typed event emitter
- a mechanism to use Modal event emitter to provide data back from the modal
@tomi tomi force-pushed the fix-require-mfa-code-for-disabling-mfa branch from d8f198c to d92431f Compare August 13, 2024 12:23
@tomi tomi requested a review from netroy August 13, 2024 12:24
@github-actions GitHub Actions
Copy link
Contributor

✅ All Cypress E2E specs passed

@tomi tomi merged commit 3384f52 into master Aug 13, 2024
27 checks passed
@tomi tomi deleted the fix-require-mfa-code-for-disabling-mfa branch August 13, 2024 12:56
tomi added a commit that referenced this pull request Aug 14, 2024
@tomi
fix: Require mfa code to change email
ccc3050 
Continuation of #10345.

Require MFA code when changing email address if MFA is enabled.
MiloradFilipovic added a commit that referenced this pull request Aug 14, 2024
@MiloradFilipovic
Merge branch 'master' into ADO-2365-update-design-system
c65ffd9 
* master: (98 commits)
  feat(core): Allow overriding npm registry for community packages (#10325)
  feat(core): Upgrade DB drivers (no-changelog) (#10370)
  fix(editor): Fix bug causing workflow debugging to not work in new canvas (no-changelog) (#10384)
  fix: Fix issue with some errors not being handled correctly (no-changelog) (#10371)
  fix(core): Filter out prototype and constructor lookups in expressions (#10382)
  fix(editor): Connect up new project viewer role to the FE (#9913)
  refactor(core): Move queue recovery to scaling service (no-changelog) (#10368)
  fix(core): Account for owner when filtering by project ID in `GET /workflows` in Public API (#10379)
  fix(editor): Fix rendering of SVG icons in public chat on iOS (#10381)
  fix: Require mfa code to disable mfa (#10345)
  ci: Disable turbo cache when running tests for coverage collection (no-changelog) (#10380)
  refactor(editor): Add typed event bus (no-changelog) (#10367)
  refactor(core): Remove unused constants in Redis channels (no-changelog) (#10369)
  fix(editor): Revert change that hid swagger docs in the ui (#10350)
  fix(Okta Node): Add missing codex file (no-changelog) (#10372)
  fix(core): Fix worker shutdown errors when active executions (#10353)
  refactor(core): Rename ActiveWebhooks to LiveWebhooks (no-changelog) (#10355)
  fix(n8n Form Trigger Node): Fix issue preventing v1 node from working (#10364)
  feat(editor): Upgrade markdown-it to address AIKIDO-2024-10034 (no-changelog) (#10358)
  ci: Upgrade axios to address CVE-2024-39338 (no-changelog) (#10365)
  ...

# Conflicts:
#	packages/design-system/package.json
@github-actions github-actions bot mentioned this pull request Aug 14, 2024
Merged
@netroy netroy changed the title fix: Require mfa code to disable mfa fix(core): Require mfa code to disable mfa Aug 14, 2024
@janober
Copy link
Member

janober commented Aug 15, 2024

Got released with n8n@1.55.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@netroy netroy netroy approved these changes

@alexgrozav alexgrozav Awaiting requested review from alexgrozav

Assignees
No one assigned
Labels
core Enhancement outside /nodes-base and /editor-ui n8n team Authored by the n8n team Released ui Enhancement in /editor-ui or /design-system
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@tomi @janober @netroy @alexgrozav