1
0
mirror of https://github.com/Unleash/unleash.git synced 2024-12-28 00:06:53 +01:00
Commit Graph

40 Commits

Author SHA1 Message Date
Ivar Conradi Østhus
34a7c2b244 fix: default maxAge for session set to two days
Unleash will now extend the session once every hour as long as
the user keeps the browser tab open within two days.
2020-10-02 16:34:16 +02:00
Ivar Conradi Østhus
51f26be759 fix: add secureHeaders option for HSTS 2020-10-01 21:47:40 +02:00
Ivar Conradi Østhus
2ce9b4e0c3 fix: Add option via env for ADMIN_AUTHENTICATION
closes #626
2020-09-25 21:35:34 +02:00
Ivar Conradi Østhus
a870c12138 fix: add optional helmet security headers
Allow users to enable the helmet middleware to enable
security headers by default.

https://github.com/helmetjs/helmet
2020-09-01 21:21:26 +02:00
Ivar Conradi Østhus
1bb0d03855
fix: version should be part of ui-config (#616) 2020-08-03 13:34:10 +02:00
Ivar Conradi Østhus
58f36d03ea fix: add keepAliveTimeout option 2020-07-13 21:40:22 +02:00
Jakob Heuser
d2a3e72bd8
Feat: Adds server.create() (#606) 2020-06-17 08:03:02 +02:00
Hendy Irawan
1e9db236c4
fix: Support proper SSL settings using DATABASE_SSL (#585)
As described in https://node-postgres.com/features/ssl , `ssl` is an object which will be passed to Node TLS socket.
Also:

```
(node:1) DeprecationWarning: Implicit disabling of certificate verification is deprecated and will be removed in pg 8. Specify `rejectUnauthorized: true` to require a valid CA or `rejectUnauthorized: false` to explicitly opt out of MITM protection.
```

This change makes it possible to configure accepted SSL CA certificate, or to accept self-signed certificate.
2020-04-18 16:29:05 +02:00
Ivar Conradi Østhus
d01c9d2dac
fix: use airbnb lint rules directly (#583)
This drops usage of finn-eslint rules as they are no
longer maintained.
2020-04-14 22:29:11 +02:00
Jessica Schalz
e42b0c7801
feat: Update "enableLegacyRoutes" to false (#580)
Defining "enableLegacyRoutes" as "true" is less secure than setting it to "false" by default, according to the documentation in "Securing Unleash" (https://unleash.github.io/docs/securing_unleash).
2020-04-13 22:43:14 +02:00
Ivar Conradi Østhus
b912768923
feat: move secrets to settings (#577)
* feat: move secrets to settings

* feat: Add better support for detailed db options.

Added db field in options to allow better control of
db-options. Especially important to allow special chars
in database password which might lead to an invaid url
when defined as a database-url.

* fix: integrate logger with knex logger

* fix: remove secret option from all examples

* fix: more options.js unit tests

* fix: added settings-store e2e tests
2020-04-13 22:38:46 +02:00
Tim Peeters
ee0941a405 Fix typo environment variable instead of environemnt variable. (#537) 2020-02-20 08:34:32 +01:00
Shobhit Khandelwal
80a4d41f0f fix: Add option to disable database migrations #526 (#527)
Closes #526
2020-02-20 08:34:31 +01:00
Ivar Conradi Østhus
c9c26e249c fix: Add admin api for context-field definitions 2020-02-20 08:34:30 +01:00
Ran Magen
79741f78e5 fix: Add DATABASE_URL_FILE for loading a db url from a file (#455) 2020-02-20 08:34:26 +01:00
ivaosthu
8ce662e8a9 chore: Make options more testable 2020-02-20 08:34:25 +01:00
ivaosthu
70911e4013 chore: use undefined instead of null 2020-02-20 08:34:25 +01:00
Thinh Tran
484b10029d feat: Separate DATABASE_URL to multiple DATABASE_* variable (#437)
* Support construct database by multiple env variable
* fix typo for test
* Add small change for passord and support ssl
* consider ssl should be true always
2020-02-20 08:34:24 +01:00
ivaosthu
ccaab0c47b fix: LogProvider as option injected to unleash.
Instead of instructing users to do static calls
in to Unleash, she should instead be allwed to
specify the log provider as an option to Unleash.

This commit introduces the "getLogger" option,
a function responsible for creating a logger.
2020-02-20 08:34:24 +01:00
ivaosthu
ccce6056dd Fix: Add support for IPC connections.
Read this for more details:
https://nodejs.org/api/net.html#net_identifying_paths_for_ipc_connections
2020-02-20 08:34:23 +01:00
Benjamin Ludewig
9065c5ee88 feat: Added import & export through stateService #395 2020-02-20 08:34:22 +01:00
ivaosthu
bb396b6c62 feat: Add customizable ui config 2020-02-20 08:34:22 +01:00
ivaosthu
c25e994322 fix: Update variant protocol 2020-02-20 08:34:20 +01:00
Juan Hoyos
3623052c36 feat: Added feature toggle variants 2020-02-20 08:34:20 +01:00
ivaosthu
81c33312a2 fix: Critical bugfix 'databaseSchema' not defaulting to 'public' 2020-02-20 08:34:19 +01:00
ivaosthu
8b9f9dbd2c fix: Database migrator does use the databaseSchema option
closes #387
2020-02-20 08:34:19 +01:00
Benjamin Ludewig
abe4f8cf16 Use full name instead of perms, 403 error message now includes expected permission 2020-02-20 08:34:19 +01:00
Ivar Conradi Østhus
e0f2866be6 Use HTTP_HOST env variable as default host address 2020-02-20 08:34:10 +01:00
Ivar Conradi Østhus
4f808f13eb feat(bind): Added option to bind to http address.
Closes #318
2020-02-20 08:34:10 +01:00
ivaosthu
f4feab89f3 Implement authentication support for Unleash UI.
Closes: #261, #233, #232, #231
2020-02-20 08:34:06 +01:00
ivaosthu
37f9ed9570 Implement cookie-session support.
Sessions will be required to solve admin-auth.

I also refactored a few middlewares into seperate
files to make the code easier to read.

closes #262
2020-02-20 08:34:04 +01:00
Ivar
6bc23f04da Added option to disable legacy routes. Closes #244 2020-02-20 08:33:46 +01:00
sveisvei
375a8b1d4f Prettier/lint 2020-02-20 08:30:50 +01:00
sveisvei
1d3faca238 fix lint 2020-02-20 08:30:45 +01:00
sveisvei
f425597640 fix lint 2020-02-20 08:30:41 +01:00
ivaosthu
d4d63af2b0 Option to disable request logging.
Because all request details are available via
prometheus there is no need to also log all requests.

This solves #164 but we should still replace log4j with something else.
2020-02-20 08:30:41 +01:00
ivaosthu
7057d11553 replace commander with yargs 2020-02-20 08:30:41 +01:00
ivaosthu
35ad3aa072 cleanup bin 2020-02-20 08:30:40 +01:00
ivaosthu
f7a89b8223 more tests 2020-02-20 08:30:40 +01:00
ivaosthu
b8014fdddf Server Metrics with Prometheus
Implementation use internal eventBus to enable loose counting in the app.

read more at https://prometheus.io/

Closes #98
2020-02-20 08:30:40 +01:00