diff --git a/changelog.md b/changelog.md index eb269b6b..3cec1eed 100644 --- a/changelog.md +++ b/changelog.md @@ -5,6 +5,8 @@ Changelog ------------------- * Stricter validation on the 'Create App Client Form.' +* Looks for database in 'public' searchPath in Postgres. (@Zen-cronic) +* Fix internal error on user/id route in Postgres. (@Zen-cronic) 0.26.2 (2024-08-30) diff --git a/package-lock.json b/package-lock.json index 1796c783..07e6a917 100644 --- a/package-lock.json +++ b/package-lock.json @@ -32,9 +32,9 @@ "eff-diceware-passphrase": "^3.0.0", "geoip-lite": "^1.0.10", "handlebars": "^4.7.7", - "jose": "^5.1.0", + "jose": "^5.9.2", "knex": "^3.0.1", - "mysql2": "^3.10.2", + "mysql2": "^3.11.2", "nodemailer": "^6.9.15", "otplib": "^12.0.1", "pg": "^8.7.1", @@ -3870,9 +3870,9 @@ } }, "node_modules/jose": { - "version": "5.8.0", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.8.0.tgz", - "integrity": "sha512-E7CqYpL/t7MMnfGnK/eg416OsFCVUrU/Y3Vwe7QjKhu/BkS1Ms455+2xsqZQVN57/U2MHMBvEb5SrmAZWAIntA==", + "version": "5.9.2", + "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.2.tgz", + "integrity": "sha512-ILI2xx/I57b20sd7rHZvgiiQrmp2mcotwsAH+5ajbpFQbrYVQdNHYlQhoA5cFb78CgtBOxtC05TeA+mcgkuCqQ==", "license": "MIT", "funding": { "url": "https://github.com/sponsors/panva" @@ -4173,13 +4173,19 @@ "get-func-name": "^2.0.1" } }, - "node_modules/lru-cache": { - "version": "8.0.5", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-8.0.5.tgz", - "integrity": "sha512-MhWWlVnuab1RG5/zMRRcVGXZLCXrZTgfwMikgzCegsPnG62yDQo5JnqKkrK4jO5iKqDAZGItAqN5CtKBCBWRUA==", - "license": "ISC", + "node_modules/lru.min": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/lru.min/-/lru.min-1.1.1.tgz", + "integrity": "sha512-FbAj6lXil6t8z4z3j0E5mfRlPzxkySotzUHwRXjlpRh10vc6AI6WN62ehZj82VG7M20rqogJ0GLwar2Xa05a8Q==", + "license": "MIT", "engines": { - "node": ">=16.14" + "bun": ">=1.0.0", + "deno": ">=1.30.0", + "node": ">=8.0.0" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/wellwelwel" } }, "node_modules/make-dir": { @@ -4582,9 +4588,9 @@ } }, "node_modules/mysql2": { - "version": "3.11.0", - "resolved": "https://registry.npmjs.org/mysql2/-/mysql2-3.11.0.tgz", - "integrity": "sha512-J9phbsXGvTOcRVPR95YedzVSxJecpW5A5+cQ57rhHIFXteTP10HCs+VBjS7DHIKfEaI1zQ5tlVrquCd64A6YvA==", + "version": "3.11.2", + "resolved": "https://registry.npmjs.org/mysql2/-/mysql2-3.11.2.tgz", + "integrity": "sha512-3jhjAk4NHs3rcKjOiFTqmU76kdib/KDOC+lshrYa76QWkcfF1GbYGK4d5PqPljVmIAc0ChozCRmeYIlNp5bz5w==", "license": "MIT", "dependencies": { "aws-ssl-profiles": "^1.1.1", @@ -4592,7 +4598,7 @@ "generate-function": "^2.3.1", "iconv-lite": "^0.6.3", "long": "^5.2.1", - "lru-cache": "^8.0.0", + "lru.min": "^1.0.0", "named-placeholders": "^1.1.3", "seq-queue": "^0.0.5", "sqlstring": "^2.3.2" diff --git a/package.json b/package.json index 66458555..5819b946 100644 --- a/package.json +++ b/package.json @@ -69,9 +69,9 @@ "eff-diceware-passphrase": "^3.0.0", "geoip-lite": "^1.0.10", "handlebars": "^4.7.7", - "jose": "^5.1.0", + "jose": "^5.9.2", "knex": "^3.0.1", - "mysql2": "^3.10.2", + "mysql2": "^3.11.2", "nodemailer": "^6.9.15", "otplib": "^12.0.1", "pg": "^8.7.1", diff --git a/src/changepassword/controller.ts b/src/changepassword/controller.ts index 1744b727..b8d80b3c 100644 --- a/src/changepassword/controller.ts +++ b/src/changepassword/controller.ts @@ -10,9 +10,9 @@ class ChangePasswordController extends Controller { async get(ctx: Context) { + const csrfToken = await ctx.getCsrf(); ctx.response.type = 'text/html'; - ctx.response.body = changePasswordForm(ctx.query.msg, ctx.query.error); - + ctx.response.body = changePasswordForm(ctx.query.msg, ctx.query.error, csrfToken); } async post(ctx: Context) { diff --git a/src/changepassword/formats/html.ts b/src/changepassword/formats/html.ts index 25f4a98f..1a475dfd 100644 --- a/src/changepassword/formats/html.ts +++ b/src/changepassword/formats/html.ts @@ -1,12 +1,13 @@ import { render } from '../../templates.js'; -export function changePasswordForm(msg: string, error: string) { +export function changePasswordForm(msg: string, error: string, csrfToken: string) { return render('changepassword', { title: 'Change Password', msg: msg, error: error, action: '/change-password', + csrfToken: csrfToken, }); } diff --git a/src/database.ts b/src/database.ts index ab8ee100..1b627c99 100644 --- a/src/database.ts +++ b/src/database.ts @@ -132,6 +132,7 @@ export function getSettings(): Knex.Config { searchPath = [ connection.user as string, connection.database as string, + 'public', ]; break; case 'mysql' : diff --git a/src/principal-identity/service.ts b/src/principal-identity/service.ts index 9aa0b176..e54f78dc 100644 --- a/src/principal-identity/service.ts +++ b/src/principal-identity/service.ts @@ -124,9 +124,9 @@ function recordToModel(principal: Principal, record: PrincipalIdentitiesRecord): externalId: record.external_id, label: record.label, isPrimary: !!record.is_primary, - verifiedAt: record.verified_at ? new Date(record.verified_at) : null, - createdAt: new Date(record.created_at), - modifiedAt: new Date(record.modified_at), + verifiedAt: record.verified_at ? new Date(+record.verified_at) : null, + createdAt: new Date(+record.created_at), + modifiedAt: new Date(+record.modified_at), }; } diff --git a/src/principal/service.ts b/src/principal/service.ts index bc9c9cfa..eaa8be6f 100644 --- a/src/principal/service.ts +++ b/src/principal/service.ts @@ -411,8 +411,8 @@ function recordToModel(user: PrincipalsRecord): Principal { href: `/${userTypeIntToUserType(user.type)}/${user.external_id}`, externalId: user.external_id, nickname: user.nickname!, - createdAt: new Date(user.created_at), - modifiedAt: new Date(user.modified_at), + createdAt: new Date(+user.created_at), + modifiedAt: new Date(+user.modified_at), type: userTypeIntToUserType(user.type), active: !!user.active, system: !!user.system, diff --git a/templates/changepassword.hbs b/templates/changepassword.hbs index d80c710e..d0e97e00 100644 --- a/templates/changepassword.hbs +++ b/templates/changepassword.hbs @@ -26,6 +26,8 @@

Cancel

+ + {{#each hiddenFields}} {{/each}}