Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Cleanup CSRF Token Handling #123

Merged
merged 3 commits into from
Feb 16, 2024
Merged

Cleanup CSRF Token Handling #123

merged 3 commits into from
Feb 16, 2024

Conversation

nilsstreedain
Copy link
Member

@nilsstreedain nilsstreedain commented Feb 9, 2024

Adjusted auth.js to use cookies to get the XSRF token, rather than HTTPS headers. This may be readjusted in the future, but resolves unexpected behavior with XSRF tokens returning incorrectly. Closes #122

Changes:

  • Cleanup/Comment auth.js
  • Restructure auth.js to use exclusively cookies, rather than storing token in cookie but selectively returning in header
  • Adjust tests to reflect change from header to cookies
  • Fix broken test incorrectly giving a valid token when testing for invalid token

@nilsstreedain nilsstreedain requested a review from a team February 9, 2024 08:32
@nilsstreedain nilsstreedain added bug Something isn't working security Investigating or resolving a potential security issue labels Feb 9, 2024
@nilsstreedain nilsstreedain linked an issue Feb 9, 2024 that may be closed by this pull request
server/lib/auth.js Outdated Show resolved Hide resolved
server/lib/auth.js Outdated Show resolved Hide resolved
server/lib/auth.js Outdated Show resolved Hide resolved
Copy link
Member

@Justin-Fernbaugh Justin-Fernbaugh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM make sure its on latest before merging

@Justin-Fernbaugh Justin-Fernbaugh added this pull request to the merge queue Feb 16, 2024
Merged via the queue into dev with commit 1ddf3a7 Feb 16, 2024
2 checks passed
@Justin-Fernbaugh Justin-Fernbaugh deleted the cleanup-xsrf branch February 16, 2024 20:11
@nilsstreedain nilsstreedain mentioned this pull request Feb 17, 2024
nilsstreedain added a commit that referenced this pull request Mar 15, 2024
* Update GitHub Actions for Merge Queue (#79)

* Update codeql.yml

* Update codeql.yml

* Cleanup Client/Server Setup Documentation and Process (#113)

* Rename .env.example to .env

* Update and rename .env.example to .env

* Update .env

* Update README.md

* Update .env

* Update README.md

* Update and rename .env to .env.example

Set log level to debug and renamed to .env.example

* Rename .env to .env.example

* Update README.md

* Update README.md

* Update README.md

* Cleanup CSRF Token Handling (#123)

* Cleaned up auth.js, need to fix tests

* Adjusted tests for auth.js and fixed broken test

* Adjusted code based on comments

---------

Co-authored-by: sirtinyhead <sirtinyhead@gmail.com>

* force a refresh after usr clicks log out (#127)

* fix small DOM bug (#142)

* Bump bcrypt from 5.1.0 to 5.1.1 in /server (#88)

Bumps [bcrypt](https://github.com/kelektiv/node.bcrypt.js) from 5.1.0 to 5.1.1.
- [Release notes](https://github.com/kelektiv/node.bcrypt.js/releases)
- [Changelog](https://github.com/kelektiv/node.bcrypt.js/blob/master/CHANGELOG.md)
- [Commits](kelektiv/node.bcrypt.js@v5.1.0...v5.1.1)

---
updated-dependencies:
- dependency-name: bcrypt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Optimized csrf validation to only search database for session using current user (#149)

* Move Project Documentation to GitHub Wiki (#150)

* Moved API Doc to GitHub Wiki

* Move prd.md to GitHub Wiki

* Move sda.md to GitHub Wiki

* Move sdp.md to GitHub Wiki

* Update README.md

* Bump mysql2 from 2.3.3 to 3.7.0 in /server (#107)

Bumps [mysql2](https://github.com/sidorares/node-mysql2) from 2.3.3 to 3.7.0.
- [Release notes](https://github.com/sidorares/node-mysql2/releases)
- [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md)
- [Commits](sidorares/node-mysql2@v2.3.3...v3.7.0)

---
updated-dependencies:
- dependency-name: mysql2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com>

* Bump sequelize from 6.35.0 to 6.37.1 in /server (#133)

Bumps [sequelize](https://github.com/sequelize/sequelize) from 6.35.0 to 6.37.1.
- [Release notes](https://github.com/sequelize/sequelize/releases)
- [Commits](sequelize/sequelize@v6.35.0...v6.37.1)

---
updated-dependencies:
- dependency-name: sequelize
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump nodemon from 2.0.20 to 3.1.0 in /server (#137)

Bumps [nodemon](https://github.com/remy/nodemon) from 2.0.20 to 3.1.0.
- [Release notes](https://github.com/remy/nodemon/releases)
- [Commits](remy/nodemon@v2.0.20...v3.1.0)

---
updated-dependencies:
- dependency-name: nodemon
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump mysql2 from 2.3.3 to 3.9.2 in /server (#144)

Bumps [mysql2](https://github.com/sidorares/node-mysql2) from 2.3.3 to 3.9.2.
- [Release notes](https://github.com/sidorares/node-mysql2/releases)
- [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md)
- [Commits](sidorares/node-mysql2@v2.3.3...v3.9.2)

---
updated-dependencies:
- dependency-name: mysql2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump caniuse-lite from 1.0.30001565 to 1.0.30001596 in /server (#151)

Bumps [caniuse-lite](https://github.com/browserslist/caniuse-lite) from 1.0.30001565 to 1.0.30001596.
- [Commits](browserslist/caniuse-lite@1.0.30001565...1.0.30001596)

---
updated-dependencies:
- dependency-name: caniuse-lite
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump es5-ext from 0.10.62 to 0.10.64 in /server (#139)

Bumps [es5-ext](https://github.com/medikoo/es5-ext) from 0.10.62 to 0.10.64.
- [Release notes](https://github.com/medikoo/es5-ext/releases)
- [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md)
- [Commits](medikoo/es5-ext@v0.10.62...v0.10.64)

---
updated-dependencies:
- dependency-name: es5-ext
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com>

* Bump follow-redirects from 1.15.2 to 1.15.4 in /client (#101)

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.2 to 1.15.4.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.4)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com>

* Bump react-calendar from 4.6.1 to 4.8.0 in /client (#106)

Bumps [react-calendar](https://github.com/wojtekmaj/react-calendar/tree/HEAD/packages/react-calendar) from 4.6.1 to 4.8.0.
- [Release notes](https://github.com/wojtekmaj/react-calendar/releases)
- [Commits](https://github.com/wojtekmaj/react-calendar/commits/v4.8.0/packages/react-calendar)

---
updated-dependencies:
- dependency-name: react-calendar
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump latest-version from 6.0.0 to 9.0.0 in /client (#146)

Bumps [latest-version](https://github.com/sindresorhus/latest-version) from 6.0.0 to 9.0.0.
- [Release notes](https://github.com/sindresorhus/latest-version/releases)
- [Commits](sindresorhus/latest-version@v6.0.0...v9.0.0)

---
updated-dependencies:
- dependency-name: latest-version
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com>

* Bump react-router-dom from 6.3.0 to 6.22.2 in /client (#145)

Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.3.0 to 6.22.2.
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.22.2/packages/react-router-dom)

---
updated-dependencies:
- dependency-name: react-router-dom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump react-bootstrap from 2.2.2 to 2.10.1 in /client (#126)

Bumps [react-bootstrap](https://github.com/react-bootstrap/react-bootstrap) from 2.2.2 to 2.10.1.
- [Release notes](https://github.com/react-bootstrap/react-bootstrap/releases)
- [Changelog](https://github.com/react-bootstrap/react-bootstrap/blob/master/CHANGELOG.md)
- [Commits](react-bootstrap/react-bootstrap@v2.2.2...v2.10.1)

---
updated-dependencies:
- dependency-name: react-bootstrap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump ip from 1.1.5 to 1.1.9 in /client (#135)

Bumps [ip](https://github.com/indutny/node-ip) from 1.1.5 to 1.1.9.
- [Commits](indutny/node-ip@v1.1.5...v1.1.9)

---
updated-dependencies:
- dependency-name: ip
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com>

* Bump bootstrap from 5.1.3 to 5.3.3 in /client (#138)

Bumps [bootstrap](https://github.com/twbs/bootstrap) from 5.1.3 to 5.3.3.
- [Release notes](https://github.com/twbs/bootstrap/releases)
- [Commits](twbs/bootstrap@v5.1.3...v5.3.3)

---
updated-dependencies:
- dependency-name: bootstrap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* added semicolons and a small change to a route (#154)

* Redesign react (#140)

* updated navBar and cleaned related code

* redesigned login page TODO: comments

* added comments that seem neccesary

* Changed routing to always allow logged in users to get back to courses page, including nav buttons at the top of all pages

* added 1 image from /public

* Added UI images from client/public/

* Redid # page

* updated # navbar and left side text

* enabled navigation between home, #, and login, set up # to handle isTeacher

* changes app.js to be consistent with current version after changes

* added arrow-left-solid.svg

* Update Homepage and Remove Old Pages/Components (#155)

* Cleaned up Home.js to eb more applicable to the project this year

* Removed old pages/components

* Teacher student prem (#134)

* reject teacher from joinig own course + add is teacher checkbox

* serve two different interfaces based on premissions

* modify tests to pass with isTeacher

* Update users.js

Fix indentation inconsistency

* remove comment in seeder

---------

Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com>

* CSS cleanup and merged CSS files for redesign/refactoring (#166)

* Updated top navbar so that users not logged in can access every page

* Removed empty app.css

* Cleanup old components.css file before rewrite

* Initial cleanup of pages.css

* Initial login CSS cleanup

* Removed unused/legacy CSS selectors

* Combined styles for refactor

* Additional cleanup and fixed # slider

* Combine login/# styles

* Combine unessesary margin/padding in CSS

* Fixed #41

---------

Co-authored-by: sirtinyhead <sirtinyhead@gmail.com>

* Reduce dependencies (#167)

* Removed frontend dependancies with no references. Tested locally

* Removed backend dependancies with no references. Tested locally

---------

Co-authored-by: Elijah Durbin <89661058+Durbin-Elijah@users.noreply.github.com>

* Bump @mui/material from 5.14.18 to 5.15.13 in /client (#168)

Bumps [@mui/material](https://github.com/mui/material-ui/tree/HEAD/packages/mui-material) from 5.14.18 to 5.15.13.
- [Release notes](https://github.com/mui/material-ui/releases)
- [Changelog](https://github.com/mui/material-ui/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mui/material-ui/commits/v5.15.13/packages/mui-material)

---
updated-dependencies:
- dependency-name: "@mui/material"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump react-loader-spinner from 5.4.5 to 6.1.6 in /client (#163)

Bumps [react-loader-spinner](https://github.com/mhnpd/react-loader-spinner) from 5.4.5 to 6.1.6.
- [Release notes](https://github.com/mhnpd/react-loader-spinner/releases)
- [Commits](mhnpd/react-loader-spinner@v5.4.5...v6.1.6)

---
updated-dependencies:
- dependency-name: react-loader-spinner
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump dotenv from 16.3.1 to 16.4.5 in /server (#160)

Bumps [dotenv](https://github.com/motdotla/dotenv) from 16.3.1 to 16.4.5.
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v16.3.1...v16.4.5)

---
updated-dependencies:
- dependency-name: dotenv
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump winston from 3.11.0 to 3.12.0 in /server (#159)

Bumps [winston](https://github.com/winstonjs/winston) from 3.11.0 to 3.12.0.
- [Release notes](https://github.com/winstonjs/winston/releases)
- [Changelog](https://github.com/winstonjs/winston/blob/master/CHANGELOG.md)
- [Commits](winstonjs/winston@v3.11.0...v3.12.0)

---
updated-dependencies:
- dependency-name: winston
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump moment from 2.29.4 to 2.30.1 in /server (#156)

Bumps [moment](https://github.com/moment/moment) from 2.29.4 to 2.30.1.
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](moment/moment@2.29.4...2.30.1)

---
updated-dependencies:
- dependency-name: moment
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump winston-daily-rotate-file from 4.7.1 to 5.0.0 in /server (#158)

Bumps [winston-daily-rotate-file](https://github.com/winstonjs/winston-daily-rotate-file) from 4.7.1 to 5.0.0.
- [Release notes](https://github.com/winstonjs/winston-daily-rotate-file/releases)
- [Changelog](https://github.com/winstonjs/winston-daily-rotate-file/blob/master/CHANGELOG.md)
- [Commits](winstonjs/winston-daily-rotate-file@v4.7.1...v5.0.0)

---
updated-dependencies:
- dependency-name: winston-daily-rotate-file
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump @trycourier/courier from 5.7.0 to 6.1.0 in /server (#157)

Bumps [@trycourier/courier](https://github.com/trycourier/courier-node) from 5.7.0 to 6.1.0.
- [Release notes](https://github.com/trycourier/courier-node/releases)
- [Changelog](https://github.com/trycourier/courier-node/blob/master/CHANGELOG.md)
- [Commits](trycourier/courier-node@v5.7.0...v6.1.0)

---
updated-dependencies:
- dependency-name: "@trycourier/courier"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update dependabot.yml (#177)

Update dependabot assignees for new repo path

* Update CODEOWNERS (#176)

Update repo code owners for new path

* Bump axios from 1.6.2 to 1.6.7 in /client (#175)

Bumps [axios](https://github.com/axios/axios) from 1.6.2 to 1.6.7.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.6.2...v1.6.7)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump @mui/icons-material from 5.14.19 to 5.15.13 in /client (#174)

Bumps [@mui/icons-material](https://github.com/mui/material-ui/tree/HEAD/packages/mui-icons-material) from 5.14.19 to 5.15.13.
- [Release notes](https://github.com/mui/material-ui/releases)
- [Changelog](https://github.com/mui/material-ui/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mui/material-ui/commits/v5.15.13/packages/mui-icons-material)

---
updated-dependencies:
- dependency-name: "@mui/icons-material"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update readme paths (#178)

* Update README.md

* Update README.md

* Bump react and react-dom in /client (#173)

Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) and [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom). These dependencies needed to be updated together.

Updates `react` from 17.0.2 to 18.2.0
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v18.2.0/packages/react)

Updates `react-dom` from 17.0.2 to 18.2.0
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v18.2.0/packages/react-dom)

---
updated-dependencies:
- dependency-name: react
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: react-dom
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump redux from 4.2.1 to 5.0.1 in /client (#172)

Bumps [redux](https://github.com/reduxjs/redux) from 4.2.1 to 5.0.1.
- [Release notes](https://github.com/reduxjs/redux/releases)
- [Changelog](https://github.com/reduxjs/redux/blob/master/CHANGELOG.md)
- [Commits](reduxjs/redux@v4.2.1...v5.0.1)

---
updated-dependencies:
- dependency-name: redux
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump supertest from 6.3.3 to 6.3.4 in /server (#171)

Bumps [supertest](https://github.com/ladjs/supertest) from 6.3.3 to 6.3.4.
- [Release notes](https://github.com/ladjs/supertest/releases)
- [Commits](ladjs/supertest@v6.3.3...v6.3.4)

---
updated-dependencies:
- dependency-name: supertest
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump react-router-dom from 6.22.2 to 6.22.3 in /client (#170)

Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.22.2 to 6.22.3.
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.22.3/packages/react-router-dom)

---
updated-dependencies:
- dependency-name: react-router-dom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump express from 4.18.2 to 4.18.3 in /server (#169)

Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.18.3.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.18.2...4.18.3)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: sirtinyhead <sirtinyhead@gmail.com>
Co-authored-by: karinocheretny <102639509+karinocheretny@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Justin <40401142+Justin-Fernbaugh@users.noreply.github.com>
Co-authored-by: Elijah Durbin <89661058+Durbin-Elijah@users.noreply.github.com>
karinocheretny added a commit that referenced this pull request May 27, 2024
* Update GitHub Actions for Merge Queue (#79)

* Update codeql.yml

* Update codeql.yml

* Cleanup Client/Server Setup Documentation and Process (#113)

* Rename .env.example to .env

* Update and rename .env.example to .env

* Update .env

* Update README.md

* Update .env

* Update README.md

* Update and rename .env to .env.example

Set log level to debug and renamed to .env.example

* Rename .env to .env.example

* Update README.md

* Update README.md

* Update README.md

* Cleanup CSRF Token Handling (#123)

* Cleaned up auth.js, need to fix tests

* Adjusted tests for auth.js and fixed broken test

* Adjusted code based on comments

---------

Co-authored-by: sirtinyhead <sirtinyhead@gmail.com>

* force a refresh after usr clicks log out (#127)

* fix small DOM bug (#142)

* Bump bcrypt from 5.1.0 to 5.1.1 in /server (#88)

Bumps [bcrypt](https://github.com/kelektiv/node.bcrypt.js) from 5.1.0 to 5.1.1.
- [Release notes](https://github.com/kelektiv/node.bcrypt.js/releases)
- [Changelog](https://github.com/kelektiv/node.bcrypt.js/blob/master/CHANGELOG.md)
- [Commits](kelektiv/node.bcrypt.js@v5.1.0...v5.1.1)

---
updated-dependencies:
- dependency-name: bcrypt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Optimized csrf validation to only search database for session using current user (#149)

* Move Project Documentation to GitHub Wiki (#150)

* Moved API Doc to GitHub Wiki

* Move prd.md to GitHub Wiki

* Move sda.md to GitHub Wiki

* Move sdp.md to GitHub Wiki

* Update README.md

* Bump mysql2 from 2.3.3 to 3.7.0 in /server (#107)

Bumps [mysql2](https://github.com/sidorares/node-mysql2) from 2.3.3 to 3.7.0.
- [Release notes](https://github.com/sidorares/node-mysql2/releases)
- [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md)
- [Commits](sidorares/node-mysql2@v2.3.3...v3.7.0)

---
updated-dependencies:
- dependency-name: mysql2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com>

* Bump sequelize from 6.35.0 to 6.37.1 in /server (#133)

Bumps [sequelize](https://github.com/sequelize/sequelize) from 6.35.0 to 6.37.1.
- [Release notes](https://github.com/sequelize/sequelize/releases)
- [Commits](sequelize/sequelize@v6.35.0...v6.37.1)

---
updated-dependencies:
- dependency-name: sequelize
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump nodemon from 2.0.20 to 3.1.0 in /server (#137)

Bumps [nodemon](https://github.com/remy/nodemon) from 2.0.20 to 3.1.0.
- [Release notes](https://github.com/remy/nodemon/releases)
- [Commits](remy/nodemon@v2.0.20...v3.1.0)

---
updated-dependencies:
- dependency-name: nodemon
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump mysql2 from 2.3.3 to 3.9.2 in /server (#144)

Bumps [mysql2](https://github.com/sidorares/node-mysql2) from 2.3.3 to 3.9.2.
- [Release notes](https://github.com/sidorares/node-mysql2/releases)
- [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md)
- [Commits](sidorares/node-mysql2@v2.3.3...v3.9.2)

---
updated-dependencies:
- dependency-name: mysql2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump caniuse-lite from 1.0.30001565 to 1.0.30001596 in /server (#151)

Bumps [caniuse-lite](https://github.com/browserslist/caniuse-lite) from 1.0.30001565 to 1.0.30001596.
- [Commits](browserslist/caniuse-lite@1.0.30001565...1.0.30001596)

---
updated-dependencies:
- dependency-name: caniuse-lite
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump es5-ext from 0.10.62 to 0.10.64 in /server (#139)

Bumps [es5-ext](https://github.com/medikoo/es5-ext) from 0.10.62 to 0.10.64.
- [Release notes](https://github.com/medikoo/es5-ext/releases)
- [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md)
- [Commits](medikoo/es5-ext@v0.10.62...v0.10.64)

---
updated-dependencies:
- dependency-name: es5-ext
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com>

* Bump follow-redirects from 1.15.2 to 1.15.4 in /client (#101)

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.2 to 1.15.4.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.4)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com>

* Bump react-calendar from 4.6.1 to 4.8.0 in /client (#106)

Bumps [react-calendar](https://github.com/wojtekmaj/react-calendar/tree/HEAD/packages/react-calendar) from 4.6.1 to 4.8.0.
- [Release notes](https://github.com/wojtekmaj/react-calendar/releases)
- [Commits](https://github.com/wojtekmaj/react-calendar/commits/v4.8.0/packages/react-calendar)

---
updated-dependencies:
- dependency-name: react-calendar
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump latest-version from 6.0.0 to 9.0.0 in /client (#146)

Bumps [latest-version](https://github.com/sindresorhus/latest-version) from 6.0.0 to 9.0.0.
- [Release notes](https://github.com/sindresorhus/latest-version/releases)
- [Commits](sindresorhus/latest-version@v6.0.0...v9.0.0)

---
updated-dependencies:
- dependency-name: latest-version
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com>

* Bump react-router-dom from 6.3.0 to 6.22.2 in /client (#145)

Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.3.0 to 6.22.2.
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.22.2/packages/react-router-dom)

---
updated-dependencies:
- dependency-name: react-router-dom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump react-bootstrap from 2.2.2 to 2.10.1 in /client (#126)

Bumps [react-bootstrap](https://github.com/react-bootstrap/react-bootstrap) from 2.2.2 to 2.10.1.
- [Release notes](https://github.com/react-bootstrap/react-bootstrap/releases)
- [Changelog](https://github.com/react-bootstrap/react-bootstrap/blob/master/CHANGELOG.md)
- [Commits](react-bootstrap/react-bootstrap@v2.2.2...v2.10.1)

---
updated-dependencies:
- dependency-name: react-bootstrap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump ip from 1.1.5 to 1.1.9 in /client (#135)

Bumps [ip](https://github.com/indutny/node-ip) from 1.1.5 to 1.1.9.
- [Commits](indutny/node-ip@v1.1.5...v1.1.9)

---
updated-dependencies:
- dependency-name: ip
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com>

* Bump bootstrap from 5.1.3 to 5.3.3 in /client (#138)

Bumps [bootstrap](https://github.com/twbs/bootstrap) from 5.1.3 to 5.3.3.
- [Release notes](https://github.com/twbs/bootstrap/releases)
- [Commits](twbs/bootstrap@v5.1.3...v5.3.3)

---
updated-dependencies:
- dependency-name: bootstrap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* added semicolons and a small change to a route (#154)

* Redesign react (#140)

* updated navBar and cleaned related code

* redesigned login page TODO: comments

* added comments that seem neccesary

* Changed routing to always allow logged in users to get back to courses page, including nav buttons at the top of all pages

* added 1 image from /public

* Added UI images from client/public/

* Redid # page

* updated # navbar and left side text

* enabled navigation between home, #, and login, set up # to handle isTeacher

* changes app.js to be consistent with current version after changes

* added arrow-left-solid.svg

* Update Homepage and Remove Old Pages/Components (#155)

* Cleaned up Home.js to eb more applicable to the project this year

* Removed old pages/components

* Teacher student prem (#134)

* reject teacher from joinig own course + add is teacher checkbox

* serve two different interfaces based on premissions

* modify tests to pass with isTeacher

* Update users.js

Fix indentation inconsistency

* remove comment in seeder

---------

Co-authored-by: Nils Streedain <tannins_berets_0@icloud.com>

* CSS cleanup and merged CSS files for redesign/refactoring (#166)

* Updated top navbar so that users not logged in can access every page

* Removed empty app.css

* Cleanup old components.css file before rewrite

* Initial cleanup of pages.css

* Initial login CSS cleanup

* Removed unused/legacy CSS selectors

* Combined styles for refactor

* Additional cleanup and fixed # slider

* Combine login/# styles

* Combine unessesary margin/padding in CSS

* Fixed #41

---------

Co-authored-by: sirtinyhead <sirtinyhead@gmail.com>

* Reduce dependencies (#167)

* Removed frontend dependancies with no references. Tested locally

* Removed backend dependancies with no references. Tested locally

---------

Co-authored-by: Elijah Durbin <89661058+Durbin-Elijah@users.noreply.github.com>

* Bump @mui/material from 5.14.18 to 5.15.13 in /client (#168)

Bumps [@mui/material](https://github.com/mui/material-ui/tree/HEAD/packages/mui-material) from 5.14.18 to 5.15.13.
- [Release notes](https://github.com/mui/material-ui/releases)
- [Changelog](https://github.com/mui/material-ui/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mui/material-ui/commits/v5.15.13/packages/mui-material)

---
updated-dependencies:
- dependency-name: "@mui/material"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump react-loader-spinner from 5.4.5 to 6.1.6 in /client (#163)

Bumps [react-loader-spinner](https://github.com/mhnpd/react-loader-spinner) from 5.4.5 to 6.1.6.
- [Release notes](https://github.com/mhnpd/react-loader-spinner/releases)
- [Commits](mhnpd/react-loader-spinner@v5.4.5...v6.1.6)

---
updated-dependencies:
- dependency-name: react-loader-spinner
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump dotenv from 16.3.1 to 16.4.5 in /server (#160)

Bumps [dotenv](https://github.com/motdotla/dotenv) from 16.3.1 to 16.4.5.
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v16.3.1...v16.4.5)

---
updated-dependencies:
- dependency-name: dotenv
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump winston from 3.11.0 to 3.12.0 in /server (#159)

Bumps [winston](https://github.com/winstonjs/winston) from 3.11.0 to 3.12.0.
- [Release notes](https://github.com/winstonjs/winston/releases)
- [Changelog](https://github.com/winstonjs/winston/blob/master/CHANGELOG.md)
- [Commits](winstonjs/winston@v3.11.0...v3.12.0)

---
updated-dependencies:
- dependency-name: winston
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump moment from 2.29.4 to 2.30.1 in /server (#156)

Bumps [moment](https://github.com/moment/moment) from 2.29.4 to 2.30.1.
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](moment/moment@2.29.4...2.30.1)

---
updated-dependencies:
- dependency-name: moment
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump winston-daily-rotate-file from 4.7.1 to 5.0.0 in /server (#158)

Bumps [winston-daily-rotate-file](https://github.com/winstonjs/winston-daily-rotate-file) from 4.7.1 to 5.0.0.
- [Release notes](https://github.com/winstonjs/winston-daily-rotate-file/releases)
- [Changelog](https://github.com/winstonjs/winston-daily-rotate-file/blob/master/CHANGELOG.md)
- [Commits](winstonjs/winston-daily-rotate-file@v4.7.1...v5.0.0)

---
updated-dependencies:
- dependency-name: winston-daily-rotate-file
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump @trycourier/courier from 5.7.0 to 6.1.0 in /server (#157)

Bumps [@trycourier/courier](https://github.com/trycourier/courier-node) from 5.7.0 to 6.1.0.
- [Release notes](https://github.com/trycourier/courier-node/releases)
- [Changelog](https://github.com/trycourier/courier-node/blob/master/CHANGELOG.md)
- [Commits](trycourier/courier-node@v5.7.0...v6.1.0)

---
updated-dependencies:
- dependency-name: "@trycourier/courier"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update dependabot.yml (#177)

Update dependabot assignees for new repo path

* Update CODEOWNERS (#176)

Update repo code owners for new path

* Bump axios from 1.6.2 to 1.6.7 in /client (#175)

Bumps [axios](https://github.com/axios/axios) from 1.6.2 to 1.6.7.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.6.2...v1.6.7)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump @mui/icons-material from 5.14.19 to 5.15.13 in /client (#174)

Bumps [@mui/icons-material](https://github.com/mui/material-ui/tree/HEAD/packages/mui-icons-material) from 5.14.19 to 5.15.13.
- [Release notes](https://github.com/mui/material-ui/releases)
- [Changelog](https://github.com/mui/material-ui/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mui/material-ui/commits/v5.15.13/packages/mui-icons-material)

---
updated-dependencies:
- dependency-name: "@mui/icons-material"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update readme paths (#178)

* Update README.md

* Update README.md

* Bump react and react-dom in /client (#173)

Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) and [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom). These dependencies needed to be updated together.

Updates `react` from 17.0.2 to 18.2.0
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v18.2.0/packages/react)

Updates `react-dom` from 17.0.2 to 18.2.0
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v18.2.0/packages/react-dom)

---
updated-dependencies:
- dependency-name: react
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: react-dom
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump redux from 4.2.1 to 5.0.1 in /client (#172)

Bumps [redux](https://github.com/reduxjs/redux) from 4.2.1 to 5.0.1.
- [Release notes](https://github.com/reduxjs/redux/releases)
- [Changelog](https://github.com/reduxjs/redux/blob/master/CHANGELOG.md)
- [Commits](reduxjs/redux@v4.2.1...v5.0.1)

---
updated-dependencies:
- dependency-name: redux
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump supertest from 6.3.3 to 6.3.4 in /server (#171)

Bumps [supertest](https://github.com/ladjs/supertest) from 6.3.3 to 6.3.4.
- [Release notes](https://github.com/ladjs/supertest/releases)
- [Commits](ladjs/supertest@v6.3.3...v6.3.4)

---
updated-dependencies:
- dependency-name: supertest
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump react-router-dom from 6.22.2 to 6.22.3 in /client (#170)

Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.22.2 to 6.22.3.
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.22.3/packages/react-router-dom)

---
updated-dependencies:
- dependency-name: react-router-dom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump express from 4.18.2 to 4.18.3 in /server (#169)

Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.18.3.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.18.2...4.18.3)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: sirtinyhead <sirtinyhead@gmail.com>
Co-authored-by: karinocheretny <102639509+karinocheretny@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Justin <40401142+Justin-Fernbaugh@users.noreply.github.com>
Co-authored-by: Elijah Durbin <89661058+Durbin-Elijah@users.noreply.github.com>
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
bug Something isn't working security Investigating or resolving a potential security issue
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Null CSRF tokens
3 participants