Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(clerk-js,localizations,shared,types): Prompt user to reset pwned… #3075

Merged
merged 1 commit into from
Apr 1, 2024
Merged

feat(clerk-js,localizations,shared,types): Prompt user to reset pwned… #3075

merged 1 commit into from
Apr 1, 2024

Conversation

yourtallness
Copy link
Member

@yourtallness yourtallness commented Mar 31, 2024
edited
Loading

… password at sign-in

If admin has enabled password_settings.enforce_on_sign_in and HIBP is enabled, then a password could potentially be detected as pwned at a subsequent sign-in.

The API will respond with error code form_password_pwned, in which case we will show a corresponding error and show the alternative method list, prompting them to reset their password.

Back-port of #3034

Description

Checklist

  • npm test runs as expected.
  • npm run build runs as expected.
  • (If applicable) JSDoc comments have been added or updated for any package exports
  • (If applicable) Documentation has been updated

Type of change

  • 🐛 Bug fix
  • 🌟 New feature
  • 🔨 Breaking change
  • 📖 Refactoring / dependency upgrade / documentation
  • other:

@yourtallness yourtallness requested a review from a team as a code owner March 31, 2024 19:54
@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Mar 31, 2024
edited
Loading

🦋 Changeset detected

Latest commit: 65dbf19

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 14 packages
Name Type
@clerk/localizations Minor
@clerk/clerk-js Minor
@clerk/shared Minor
@clerk/types Minor
@clerk/chrome-extension Patch
@clerk/clerk-expo Patch
@clerk/backend Patch
@clerk/fastify Patch
@clerk/nextjs Patch
@clerk/clerk-react Patch
@clerk/remix Patch
@clerk/clerk-sdk-node Patch
gatsby-plugin-clerk Patch
@clerk/themes Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@yourtallness yourtallness marked this pull request as draft March 31, 2024 19:54
@yourtallness yourtallness force-pushed the yourtallness/hibp_on_sign_in_v4 branch 2 times, most recently from 7d6e4bd to d01a5d9 Compare April 1, 2024 10:01
@yourtallness yourtallness force-pushed the yourtallness/hibp_on_sign_in_v4 branch from d01a5d9 to 65dbf19 Compare April 1, 2024 10:11
@yourtallness yourtallness marked this pull request as ready for review April 1, 2024 10:17
panteliselef
panteliselef approved these changes Apr 1, 2024
View reviewed changes
Copy link
Member

@panteliselef panteliselef left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, could you update the description and mention which PR this is a backport of ?

@yourtallness
Copy link
Member Author

lgtm, could you update the description and mention which PR this is a backport of ?

Done

@yourtallness yourtallness merged commit b472643 into release/v4 Apr 1, 2024
6 checks passed
@yourtallness yourtallness deleted the yourtallness/hibp_on_sign_in_v4 branch April 1, 2024 10:45
@clerk-cookie clerk-cookie mentioned this pull request Mar 29, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@panteliselef panteliselef panteliselef approved these changes

Assignees
No one assigned
Labels
clerk-js localizations types
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@yourtallness @panteliselef @clerk-cookie