-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
Cleanup CSRF Token Handling #123
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nilsstreedain
added
bug
Something isn't working
security
Investigating or resolving a potential security issue
labels
Feb 9, 2024
Closed
Justin-Fernbaugh
requested changes
Feb 9, 2024
Justin-Fernbaugh
approved these changes
Feb 16, 2024
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM make sure its on latest before merging
Closed
nilsstreedain
added this to the Implement Individual Features for Future Integration milestone
Mar 6, 2024
nilsstreedain
added a commit
that referenced
this pull request
Mar 15, 2024
* Update GitHub Actions for Merge Queue (#79) * Update codeql.yml * Update codeql.yml * Cleanup Client/Server Setup Documentation and Process (#113) * Rename .env.example to .env * Update and rename .env.example to .env * Update .env * Update README.md * Update .env * Update README.md * Update and rename .env to .env.example Set log level to debug and renamed to .env.example * Rename .env to .env.example * Update README.md * Update README.md * Update README.md * Cleanup CSRF Token Handling (#123) * Cleaned up auth.js, need to fix tests * Adjusted tests for auth.js and fixed broken test * Adjusted code based on comments --------- Co-authored-by: sirtinyhead <sirtinyhead@gmail.com> * force a refresh after usr clicks log out (#127) * fix small DOM bug (#142) * Bump bcrypt from 5.1.0 to 5.1.1 in /server (#88) Bumps [bcrypt](https://github.com/kelektiv/node.bcrypt.js) from 5.1.0 to 5.1.1. - [Release notes](https://github.com/kelektiv/node.bcrypt.js/releases) - [Changelog](https://github.com/kelektiv/node.bcrypt.js/blob/master/CHANGELOG.md) - [Commits](kelektiv/node.bcrypt.js@v5.1.0...v5.1.1) --- updated-dependencies: - dependency-name: bcrypt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Optimized csrf validation to only search database for session using current user (#149) * Move Project Documentation to GitHub Wiki (#150) * Moved API Doc to GitHub Wiki * Move prd.md to GitHub Wiki * Move sda.md to GitHub Wiki * Move sdp.md to GitHub Wiki * Update README.md * Bump mysql2 from 2.3.3 to 3.7.0 in /server (#107) Bumps [mysql2](https://github.com/sidorares/node-mysql2) from 2.3.3 to 3.7.0. - [Release notes](https://github.com/sidorares/node-mysql2/releases) - [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md) - [Commits](sidorares/node-mysql2@v2.3.3...v3.7.0) --- updated-dependencies: - dependency-name: mysql2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com> * Bump sequelize from 6.35.0 to 6.37.1 in /server (#133) Bumps [sequelize](https://github.com/sequelize/sequelize) from 6.35.0 to 6.37.1. - [Release notes](https://github.com/sequelize/sequelize/releases) - [Commits](sequelize/sequelize@v6.35.0...v6.37.1) --- updated-dependencies: - dependency-name: sequelize dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump nodemon from 2.0.20 to 3.1.0 in /server (#137) Bumps [nodemon](https://github.com/remy/nodemon) from 2.0.20 to 3.1.0. - [Release notes](https://github.com/remy/nodemon/releases) - [Commits](remy/nodemon@v2.0.20...v3.1.0) --- updated-dependencies: - dependency-name: nodemon dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump mysql2 from 2.3.3 to 3.9.2 in /server (#144) Bumps [mysql2](https://github.com/sidorares/node-mysql2) from 2.3.3 to 3.9.2. - [Release notes](https://github.com/sidorares/node-mysql2/releases) - [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md) - [Commits](sidorares/node-mysql2@v2.3.3...v3.9.2) --- updated-dependencies: - dependency-name: mysql2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump caniuse-lite from 1.0.30001565 to 1.0.30001596 in /server (#151) Bumps [caniuse-lite](https://github.com/browserslist/caniuse-lite) from 1.0.30001565 to 1.0.30001596. - [Commits](browserslist/caniuse-lite@1.0.30001565...1.0.30001596) --- updated-dependencies: - dependency-name: caniuse-lite dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump es5-ext from 0.10.62 to 0.10.64 in /server (#139) Bumps [es5-ext](https://github.com/medikoo/es5-ext) from 0.10.62 to 0.10.64. - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.62...v0.10.64) --- updated-dependencies: - dependency-name: es5-ext dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com> * Bump follow-redirects from 1.15.2 to 1.15.4 in /client (#101) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.2 to 1.15.4. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.4) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com> * Bump react-calendar from 4.6.1 to 4.8.0 in /client (#106) Bumps [react-calendar](https://github.com/wojtekmaj/react-calendar/tree/HEAD/packages/react-calendar) from 4.6.1 to 4.8.0. - [Release notes](https://github.com/wojtekmaj/react-calendar/releases) - [Commits](https://github.com/wojtekmaj/react-calendar/commits/v4.8.0/packages/react-calendar) --- updated-dependencies: - dependency-name: react-calendar dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump latest-version from 6.0.0 to 9.0.0 in /client (#146) Bumps [latest-version](https://github.com/sindresorhus/latest-version) from 6.0.0 to 9.0.0. - [Release notes](https://github.com/sindresorhus/latest-version/releases) - [Commits](sindresorhus/latest-version@v6.0.0...v9.0.0) --- updated-dependencies: - dependency-name: latest-version dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com> * Bump react-router-dom from 6.3.0 to 6.22.2 in /client (#145) Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.3.0 to 6.22.2. - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.22.2/packages/react-router-dom) --- updated-dependencies: - dependency-name: react-router-dom dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump react-bootstrap from 2.2.2 to 2.10.1 in /client (#126) Bumps [react-bootstrap](https://github.com/react-bootstrap/react-bootstrap) from 2.2.2 to 2.10.1. - [Release notes](https://github.com/react-bootstrap/react-bootstrap/releases) - [Changelog](https://github.com/react-bootstrap/react-bootstrap/blob/master/CHANGELOG.md) - [Commits](react-bootstrap/react-bootstrap@v2.2.2...v2.10.1) --- updated-dependencies: - dependency-name: react-bootstrap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump ip from 1.1.5 to 1.1.9 in /client (#135) Bumps [ip](https://github.com/indutny/node-ip) from 1.1.5 to 1.1.9. - [Commits](indutny/node-ip@v1.1.5...v1.1.9) --- updated-dependencies: - dependency-name: ip dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com> * Bump bootstrap from 5.1.3 to 5.3.3 in /client (#138) Bumps [bootstrap](https://github.com/twbs/bootstrap) from 5.1.3 to 5.3.3. - [Release notes](https://github.com/twbs/bootstrap/releases) - [Commits](twbs/bootstrap@v5.1.3...v5.3.3) --- updated-dependencies: - dependency-name: bootstrap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * added semicolons and a small change to a route (#154) * Redesign react (#140) * updated navBar and cleaned related code * redesigned login page TODO: comments * added comments that seem neccesary * Changed routing to always allow logged in users to get back to courses page, including nav buttons at the top of all pages * added 1 image from /public * Added UI images from client/public/ * Redid # page * updated # navbar and left side text * enabled navigation between home, #, and login, set up # to handle isTeacher * changes app.js to be consistent with current version after changes * added arrow-left-solid.svg * Update Homepage and Remove Old Pages/Components (#155) * Cleaned up Home.js to eb more applicable to the project this year * Removed old pages/components * Teacher student prem (#134) * reject teacher from joinig own course + add is teacher checkbox * serve two different interfaces based on premissions * modify tests to pass with isTeacher * Update users.js Fix indentation inconsistency * remove comment in seeder --------- Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com> * CSS cleanup and merged CSS files for redesign/refactoring (#166) * Updated top navbar so that users not logged in can access every page * Removed empty app.css * Cleanup old components.css file before rewrite * Initial cleanup of pages.css * Initial login CSS cleanup * Removed unused/legacy CSS selectors * Combined styles for refactor * Additional cleanup and fixed # slider * Combine login/# styles * Combine unessesary margin/padding in CSS * Fixed #41 --------- Co-authored-by: sirtinyhead <sirtinyhead@gmail.com> * Reduce dependencies (#167) * Removed frontend dependancies with no references. Tested locally * Removed backend dependancies with no references. Tested locally --------- Co-authored-by: Elijah Durbin <89661058+Durbin-Elijah@users.noreply.github.com> * Bump @mui/material from 5.14.18 to 5.15.13 in /client (#168) Bumps [@mui/material](https://github.com/mui/material-ui/tree/HEAD/packages/mui-material) from 5.14.18 to 5.15.13. - [Release notes](https://github.com/mui/material-ui/releases) - [Changelog](https://github.com/mui/material-ui/blob/master/CHANGELOG.md) - [Commits](https://github.com/mui/material-ui/commits/v5.15.13/packages/mui-material) --- updated-dependencies: - dependency-name: "@mui/material" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump react-loader-spinner from 5.4.5 to 6.1.6 in /client (#163) Bumps [react-loader-spinner](https://github.com/mhnpd/react-loader-spinner) from 5.4.5 to 6.1.6. - [Release notes](https://github.com/mhnpd/react-loader-spinner/releases) - [Commits](mhnpd/react-loader-spinner@v5.4.5...v6.1.6) --- updated-dependencies: - dependency-name: react-loader-spinner dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dotenv from 16.3.1 to 16.4.5 in /server (#160) Bumps [dotenv](https://github.com/motdotla/dotenv) from 16.3.1 to 16.4.5. - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](motdotla/dotenv@v16.3.1...v16.4.5) --- updated-dependencies: - dependency-name: dotenv dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump winston from 3.11.0 to 3.12.0 in /server (#159) Bumps [winston](https://github.com/winstonjs/winston) from 3.11.0 to 3.12.0. - [Release notes](https://github.com/winstonjs/winston/releases) - [Changelog](https://github.com/winstonjs/winston/blob/master/CHANGELOG.md) - [Commits](winstonjs/winston@v3.11.0...v3.12.0) --- updated-dependencies: - dependency-name: winston dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump moment from 2.29.4 to 2.30.1 in /server (#156) Bumps [moment](https://github.com/moment/moment) from 2.29.4 to 2.30.1. - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.29.4...2.30.1) --- updated-dependencies: - dependency-name: moment dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump winston-daily-rotate-file from 4.7.1 to 5.0.0 in /server (#158) Bumps [winston-daily-rotate-file](https://github.com/winstonjs/winston-daily-rotate-file) from 4.7.1 to 5.0.0. - [Release notes](https://github.com/winstonjs/winston-daily-rotate-file/releases) - [Changelog](https://github.com/winstonjs/winston-daily-rotate-file/blob/master/CHANGELOG.md) - [Commits](winstonjs/winston-daily-rotate-file@v4.7.1...v5.0.0) --- updated-dependencies: - dependency-name: winston-daily-rotate-file dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @trycourier/courier from 5.7.0 to 6.1.0 in /server (#157) Bumps [@trycourier/courier](https://github.com/trycourier/courier-node) from 5.7.0 to 6.1.0. - [Release notes](https://github.com/trycourier/courier-node/releases) - [Changelog](https://github.com/trycourier/courier-node/blob/master/CHANGELOG.md) - [Commits](trycourier/courier-node@v5.7.0...v6.1.0) --- updated-dependencies: - dependency-name: "@trycourier/courier" dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update dependabot.yml (#177) Update dependabot assignees for new repo path * Update CODEOWNERS (#176) Update repo code owners for new path * Bump axios from 1.6.2 to 1.6.7 in /client (#175) Bumps [axios](https://github.com/axios/axios) from 1.6.2 to 1.6.7. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.6.2...v1.6.7) --- updated-dependencies: - dependency-name: axios dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @mui/icons-material from 5.14.19 to 5.15.13 in /client (#174) Bumps [@mui/icons-material](https://github.com/mui/material-ui/tree/HEAD/packages/mui-icons-material) from 5.14.19 to 5.15.13. - [Release notes](https://github.com/mui/material-ui/releases) - [Changelog](https://github.com/mui/material-ui/blob/master/CHANGELOG.md) - [Commits](https://github.com/mui/material-ui/commits/v5.15.13/packages/mui-icons-material) --- updated-dependencies: - dependency-name: "@mui/icons-material" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update readme paths (#178) * Update README.md * Update README.md * Bump react and react-dom in /client (#173) Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) and [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom). These dependencies needed to be updated together. Updates `react` from 17.0.2 to 18.2.0 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v18.2.0/packages/react) Updates `react-dom` from 17.0.2 to 18.2.0 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v18.2.0/packages/react-dom) --- updated-dependencies: - dependency-name: react dependency-type: direct:production update-type: version-update:semver-major - dependency-name: react-dom dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump redux from 4.2.1 to 5.0.1 in /client (#172) Bumps [redux](https://github.com/reduxjs/redux) from 4.2.1 to 5.0.1. - [Release notes](https://github.com/reduxjs/redux/releases) - [Changelog](https://github.com/reduxjs/redux/blob/master/CHANGELOG.md) - [Commits](reduxjs/redux@v4.2.1...v5.0.1) --- updated-dependencies: - dependency-name: redux dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump supertest from 6.3.3 to 6.3.4 in /server (#171) Bumps [supertest](https://github.com/ladjs/supertest) from 6.3.3 to 6.3.4. - [Release notes](https://github.com/ladjs/supertest/releases) - [Commits](ladjs/supertest@v6.3.3...v6.3.4) --- updated-dependencies: - dependency-name: supertest dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump react-router-dom from 6.22.2 to 6.22.3 in /client (#170) Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.22.2 to 6.22.3. - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.22.3/packages/react-router-dom) --- updated-dependencies: - dependency-name: react-router-dom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump express from 4.18.2 to 4.18.3 in /server (#169) Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.18.3. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.18.3) --- updated-dependencies: - dependency-name: express dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: sirtinyhead <sirtinyhead@gmail.com> Co-authored-by: karinocheretny <102639509+karinocheretny@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Justin <40401142+Justin-Fernbaugh@users.noreply.github.com> Co-authored-by: Elijah Durbin <89661058+Durbin-Elijah@users.noreply.github.com>
karinocheretny
added a commit
that referenced
this pull request
May 27, 2024
* Update GitHub Actions for Merge Queue (#79) * Update codeql.yml * Update codeql.yml * Cleanup Client/Server Setup Documentation and Process (#113) * Rename .env.example to .env * Update and rename .env.example to .env * Update .env * Update README.md * Update .env * Update README.md * Update and rename .env to .env.example Set log level to debug and renamed to .env.example * Rename .env to .env.example * Update README.md * Update README.md * Update README.md * Cleanup CSRF Token Handling (#123) * Cleaned up auth.js, need to fix tests * Adjusted tests for auth.js and fixed broken test * Adjusted code based on comments --------- Co-authored-by: sirtinyhead <sirtinyhead@gmail.com> * force a refresh after usr clicks log out (#127) * fix small DOM bug (#142) * Bump bcrypt from 5.1.0 to 5.1.1 in /server (#88) Bumps [bcrypt](https://github.com/kelektiv/node.bcrypt.js) from 5.1.0 to 5.1.1. - [Release notes](https://github.com/kelektiv/node.bcrypt.js/releases) - [Changelog](https://github.com/kelektiv/node.bcrypt.js/blob/master/CHANGELOG.md) - [Commits](kelektiv/node.bcrypt.js@v5.1.0...v5.1.1) --- updated-dependencies: - dependency-name: bcrypt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Optimized csrf validation to only search database for session using current user (#149) * Move Project Documentation to GitHub Wiki (#150) * Moved API Doc to GitHub Wiki * Move prd.md to GitHub Wiki * Move sda.md to GitHub Wiki * Move sdp.md to GitHub Wiki * Update README.md * Bump mysql2 from 2.3.3 to 3.7.0 in /server (#107) Bumps [mysql2](https://github.com/sidorares/node-mysql2) from 2.3.3 to 3.7.0. - [Release notes](https://github.com/sidorares/node-mysql2/releases) - [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md) - [Commits](sidorares/node-mysql2@v2.3.3...v3.7.0) --- updated-dependencies: - dependency-name: mysql2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com> * Bump sequelize from 6.35.0 to 6.37.1 in /server (#133) Bumps [sequelize](https://github.com/sequelize/sequelize) from 6.35.0 to 6.37.1. - [Release notes](https://github.com/sequelize/sequelize/releases) - [Commits](sequelize/sequelize@v6.35.0...v6.37.1) --- updated-dependencies: - dependency-name: sequelize dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump nodemon from 2.0.20 to 3.1.0 in /server (#137) Bumps [nodemon](https://github.com/remy/nodemon) from 2.0.20 to 3.1.0. - [Release notes](https://github.com/remy/nodemon/releases) - [Commits](remy/nodemon@v2.0.20...v3.1.0) --- updated-dependencies: - dependency-name: nodemon dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump mysql2 from 2.3.3 to 3.9.2 in /server (#144) Bumps [mysql2](https://github.com/sidorares/node-mysql2) from 2.3.3 to 3.9.2. - [Release notes](https://github.com/sidorares/node-mysql2/releases) - [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md) - [Commits](sidorares/node-mysql2@v2.3.3...v3.9.2) --- updated-dependencies: - dependency-name: mysql2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump caniuse-lite from 1.0.30001565 to 1.0.30001596 in /server (#151) Bumps [caniuse-lite](https://github.com/browserslist/caniuse-lite) from 1.0.30001565 to 1.0.30001596. - [Commits](browserslist/caniuse-lite@1.0.30001565...1.0.30001596) --- updated-dependencies: - dependency-name: caniuse-lite dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump es5-ext from 0.10.62 to 0.10.64 in /server (#139) Bumps [es5-ext](https://github.com/medikoo/es5-ext) from 0.10.62 to 0.10.64. - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.62...v0.10.64) --- updated-dependencies: - dependency-name: es5-ext dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com> * Bump follow-redirects from 1.15.2 to 1.15.4 in /client (#101) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.2 to 1.15.4. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.4) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com> * Bump react-calendar from 4.6.1 to 4.8.0 in /client (#106) Bumps [react-calendar](https://github.com/wojtekmaj/react-calendar/tree/HEAD/packages/react-calendar) from 4.6.1 to 4.8.0. - [Release notes](https://github.com/wojtekmaj/react-calendar/releases) - [Commits](https://github.com/wojtekmaj/react-calendar/commits/v4.8.0/packages/react-calendar) --- updated-dependencies: - dependency-name: react-calendar dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump latest-version from 6.0.0 to 9.0.0 in /client (#146) Bumps [latest-version](https://github.com/sindresorhus/latest-version) from 6.0.0 to 9.0.0. - [Release notes](https://github.com/sindresorhus/latest-version/releases) - [Commits](sindresorhus/latest-version@v6.0.0...v9.0.0) --- updated-dependencies: - dependency-name: latest-version dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com> * Bump react-router-dom from 6.3.0 to 6.22.2 in /client (#145) Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.3.0 to 6.22.2. - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.22.2/packages/react-router-dom) --- updated-dependencies: - dependency-name: react-router-dom dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump react-bootstrap from 2.2.2 to 2.10.1 in /client (#126) Bumps [react-bootstrap](https://github.com/react-bootstrap/react-bootstrap) from 2.2.2 to 2.10.1. - [Release notes](https://github.com/react-bootstrap/react-bootstrap/releases) - [Changelog](https://github.com/react-bootstrap/react-bootstrap/blob/master/CHANGELOG.md) - [Commits](react-bootstrap/react-bootstrap@v2.2.2...v2.10.1) --- updated-dependencies: - dependency-name: react-bootstrap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump ip from 1.1.5 to 1.1.9 in /client (#135) Bumps [ip](https://github.com/indutny/node-ip) from 1.1.5 to 1.1.9. - [Commits](indutny/node-ip@v1.1.5...v1.1.9) --- updated-dependencies: - dependency-name: ip dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com> * Bump bootstrap from 5.1.3 to 5.3.3 in /client (#138) Bumps [bootstrap](https://github.com/twbs/bootstrap) from 5.1.3 to 5.3.3. - [Release notes](https://github.com/twbs/bootstrap/releases) - [Commits](twbs/bootstrap@v5.1.3...v5.3.3) --- updated-dependencies: - dependency-name: bootstrap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * added semicolons and a small change to a route (#154) * Redesign react (#140) * updated navBar and cleaned related code * redesigned login page TODO: comments * added comments that seem neccesary * Changed routing to always allow logged in users to get back to courses page, including nav buttons at the top of all pages * added 1 image from /public * Added UI images from client/public/ * Redid # page * updated # navbar and left side text * enabled navigation between home, #, and login, set up # to handle isTeacher * changes app.js to be consistent with current version after changes * added arrow-left-solid.svg * Update Homepage and Remove Old Pages/Components (#155) * Cleaned up Home.js to eb more applicable to the project this year * Removed old pages/components * Teacher student prem (#134) * reject teacher from joinig own course + add is teacher checkbox * serve two different interfaces based on premissions * modify tests to pass with isTeacher * Update users.js Fix indentation inconsistency * remove comment in seeder --------- Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com> * CSS cleanup and merged CSS files for redesign/refactoring (#166) * Updated top navbar so that users not logged in can access every page * Removed empty app.css * Cleanup old components.css file before rewrite * Initial cleanup of pages.css * Initial login CSS cleanup * Removed unused/legacy CSS selectors * Combined styles for refactor * Additional cleanup and fixed # slider * Combine login/# styles * Combine unessesary margin/padding in CSS * Fixed #41 --------- Co-authored-by: sirtinyhead <sirtinyhead@gmail.com> * Reduce dependencies (#167) * Removed frontend dependancies with no references. Tested locally * Removed backend dependancies with no references. Tested locally --------- Co-authored-by: Elijah Durbin <89661058+Durbin-Elijah@users.noreply.github.com> * Bump @mui/material from 5.14.18 to 5.15.13 in /client (#168) Bumps [@mui/material](https://github.com/mui/material-ui/tree/HEAD/packages/mui-material) from 5.14.18 to 5.15.13. - [Release notes](https://github.com/mui/material-ui/releases) - [Changelog](https://github.com/mui/material-ui/blob/master/CHANGELOG.md) - [Commits](https://github.com/mui/material-ui/commits/v5.15.13/packages/mui-material) --- updated-dependencies: - dependency-name: "@mui/material" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump react-loader-spinner from 5.4.5 to 6.1.6 in /client (#163) Bumps [react-loader-spinner](https://github.com/mhnpd/react-loader-spinner) from 5.4.5 to 6.1.6. - [Release notes](https://github.com/mhnpd/react-loader-spinner/releases) - [Commits](mhnpd/react-loader-spinner@v5.4.5...v6.1.6) --- updated-dependencies: - dependency-name: react-loader-spinner dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dotenv from 16.3.1 to 16.4.5 in /server (#160) Bumps [dotenv](https://github.com/motdotla/dotenv) from 16.3.1 to 16.4.5. - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](motdotla/dotenv@v16.3.1...v16.4.5) --- updated-dependencies: - dependency-name: dotenv dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump winston from 3.11.0 to 3.12.0 in /server (#159) Bumps [winston](https://github.com/winstonjs/winston) from 3.11.0 to 3.12.0. - [Release notes](https://github.com/winstonjs/winston/releases) - [Changelog](https://github.com/winstonjs/winston/blob/master/CHANGELOG.md) - [Commits](winstonjs/winston@v3.11.0...v3.12.0) --- updated-dependencies: - dependency-name: winston dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump moment from 2.29.4 to 2.30.1 in /server (#156) Bumps [moment](https://github.com/moment/moment) from 2.29.4 to 2.30.1. - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.29.4...2.30.1) --- updated-dependencies: - dependency-name: moment dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump winston-daily-rotate-file from 4.7.1 to 5.0.0 in /server (#158) Bumps [winston-daily-rotate-file](https://github.com/winstonjs/winston-daily-rotate-file) from 4.7.1 to 5.0.0. - [Release notes](https://github.com/winstonjs/winston-daily-rotate-file/releases) - [Changelog](https://github.com/winstonjs/winston-daily-rotate-file/blob/master/CHANGELOG.md) - [Commits](winstonjs/winston-daily-rotate-file@v4.7.1...v5.0.0) --- updated-dependencies: - dependency-name: winston-daily-rotate-file dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @trycourier/courier from 5.7.0 to 6.1.0 in /server (#157) Bumps [@trycourier/courier](https://github.com/trycourier/courier-node) from 5.7.0 to 6.1.0. - [Release notes](https://github.com/trycourier/courier-node/releases) - [Changelog](https://github.com/trycourier/courier-node/blob/master/CHANGELOG.md) - [Commits](trycourier/courier-node@v5.7.0...v6.1.0) --- updated-dependencies: - dependency-name: "@trycourier/courier" dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update dependabot.yml (#177) Update dependabot assignees for new repo path * Update CODEOWNERS (#176) Update repo code owners for new path * Bump axios from 1.6.2 to 1.6.7 in /client (#175) Bumps [axios](https://github.com/axios/axios) from 1.6.2 to 1.6.7. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.6.2...v1.6.7) --- updated-dependencies: - dependency-name: axios dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @mui/icons-material from 5.14.19 to 5.15.13 in /client (#174) Bumps [@mui/icons-material](https://github.com/mui/material-ui/tree/HEAD/packages/mui-icons-material) from 5.14.19 to 5.15.13. - [Release notes](https://github.com/mui/material-ui/releases) - [Changelog](https://github.com/mui/material-ui/blob/master/CHANGELOG.md) - [Commits](https://github.com/mui/material-ui/commits/v5.15.13/packages/mui-icons-material) --- updated-dependencies: - dependency-name: "@mui/icons-material" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update readme paths (#178) * Update README.md * Update README.md * Bump react and react-dom in /client (#173) Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) and [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom). These dependencies needed to be updated together. Updates `react` from 17.0.2 to 18.2.0 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v18.2.0/packages/react) Updates `react-dom` from 17.0.2 to 18.2.0 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v18.2.0/packages/react-dom) --- updated-dependencies: - dependency-name: react dependency-type: direct:production update-type: version-update:semver-major - dependency-name: react-dom dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump redux from 4.2.1 to 5.0.1 in /client (#172) Bumps [redux](https://github.com/reduxjs/redux) from 4.2.1 to 5.0.1. - [Release notes](https://github.com/reduxjs/redux/releases) - [Changelog](https://github.com/reduxjs/redux/blob/master/CHANGELOG.md) - [Commits](reduxjs/redux@v4.2.1...v5.0.1) --- updated-dependencies: - dependency-name: redux dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump supertest from 6.3.3 to 6.3.4 in /server (#171) Bumps [supertest](https://github.com/ladjs/supertest) from 6.3.3 to 6.3.4. - [Release notes](https://github.com/ladjs/supertest/releases) - [Commits](ladjs/supertest@v6.3.3...v6.3.4) --- updated-dependencies: - dependency-name: supertest dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump react-router-dom from 6.22.2 to 6.22.3 in /client (#170) Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.22.2 to 6.22.3. - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.22.3/packages/react-router-dom) --- updated-dependencies: - dependency-name: react-router-dom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump express from 4.18.2 to 4.18.3 in /server (#169) Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.18.3. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.18.3) --- updated-dependencies: - dependency-name: express dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: sirtinyhead <sirtinyhead@gmail.com> Co-authored-by: karinocheretny <102639509+karinocheretny@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Justin <40401142+Justin-Fernbaugh@users.noreply.github.com> Co-authored-by: Elijah Durbin <89661058+Durbin-Elijah@users.noreply.github.com>
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adjusted auth.js to use cookies to get the XSRF token, rather than HTTPS headers. This may be readjusted in the future, but resolves unexpected behavior with XSRF tokens returning incorrectly. Closes #122
Changes: