GDPR and auth tests #43

patte · 2018-05-16T18:12:04Z

consents for signin

graphiql

newUser on UnauthorizedSession

updateNewsletterSettings

graphiql

grant and revoke consents

… created

…ts user

…r subscriptions

…maybe because gdpr is based on totp not master)

…rs in bulk

tpreusse · 2018-05-18T23:11:45Z

servers/republik/graphql/resolvers/_mutations/updateNewsletterSubscription.js

  } = args

+  // email might be base64u
+  const email = _email && base64u.match(_email)


nope, always decoded on the client

…rSubscription

…rHasPledgeOrMembership

patte and others added 22 commits May 16, 2018 20:10

feat(consent): require consent to ENFORCE_POLICIES before a user gets…

dac3950

… created

feat(consent): save consent, cleanup naming, translations

ae1a59c

fix(consent): remove TOS from env example

e7c0852

feat(consent): updateNewsletterSubscriptions with hmac'ed email upser…

c422ced

…ts user

fix(newsletters): remove unused status from updateNewsletterSubscription

1d2cb94

fix(newsletters): don't auto-interest PROJECTR, don't loose newslette…

2c734da

…r subscriptions

fix(consent): normalize graphql schema

3f1921e

feat(auth): newUser on UnauthorizedSession

195af06

fix(travis): temp. add gdpr branch to travis (somehow doesn't build, …

82b0315

…maybe because gdpr is based on totp not master)

feat(newsletters): updateMailchimp script updates mailchimp subscribe…

671d748

…rs in bulk

feat(consent): add subscribe url in updateMailchimp script

407f9b1

fix(auth): Encode email in email token challenge in base64 and url-safe

8867073

fix(consent): make ip column optional in db

8ae3d43

feat(consent): add consents to submitPledge, honour in reclaimPledge

d6aabd9

Merge branch 'gdpr' of github.com:orbiting/backends into gdpr

4864f8e

test(auth): Fix passed payload to a series of 2FA tests

8772b96

fix(reclaimPledge): better error message if pledgeUser is verified

8687446

Merge branch 'gdpr' of github.com:orbiting/backends into gdpr

8bec57b

feat(auth): expose phrase on Session

4ae5946

feat(auth): supply consents on signIn mutation

5251bee

fix(newsletters): remove obsolete fixMailchimp script

9c41fa4

test(auth): Add initial series of 2fa authorizeSession tests

471ab9c

patrickvenetz force-pushed the gdpr branch from 784920c to 471ab9c Compare May 18, 2018 17:17

tpreusse mentioned this pull request May 18, 2018

Auth API & GDPR Updates orbiting/republik-frontend#107

Merged

patte and others added 6 commits May 18, 2018 21:40

fix(submitPledge): use transaction for consents actions

256eb98

Merge branch 'gdpr' of github.com:orbiting/backends into gdpr

f5f0a34

feat(republik): add script reconstructConsents

aa175c1

test(auth): Test checks if first sign in attempt can be claimed

57665ff

test(auth): Test checks if 2 factors need to be present to authorize

a9350f6

fix(auth): better translations

7a02ded

patrickvenetz and others added 10 commits May 18, 2018 23:31

test(auth): Rename to clearify

8d487ad

test(auth): Test if multiple 2fa challenge starts still succeed

e102532

fix(consents): honour frontend hmac format

5c57d91

Merge branch 'gdpr' of github.com:orbiting/backends into gdpr

9c604b3

test(auth): Update to __tests__/auth to restore previous sigature

aa00e9c

fix(consents): limit consents on updateNewsletterSubscription

bbd127a

Merge branch 'gdpr' of github.com:orbiting/backends into gdpr

59da23a

test(auth): Sign out to prevent session spilling into other tests

b5294c3

feat(consent): GRANT and REVOKE consents in an immutable fashion

64b0d63

Merge branch 'gdpr' of github.com:orbiting/backends into gdpr

88f8db9

patte changed the title ~~wip: gdpr~~ GDPR and auth tests May 18, 2018

tpreusse reviewed May 18, 2018

View reviewed changes

fix(republik): remove unnecessary base64u.decode from updateNewslette…

b2ed978

…rSubscription

patte temporarily deployed to republik-api-staging May 18, 2018 23:49 Inactive

patte temporarily deployed to republik-publikator-api-stage May 19, 2018 01:05 Inactive

fix(consent): normalize pledge detection, only set SUB_URL if not use…

cb12d0a

…rHasPledgeOrMembership

patte temporarily deployed to republik-api-staging May 19, 2018 01:18 Inactive

patte added 2 commits May 19, 2018 03:53

fix(newsletters): missing await

e8f5a58

fix(auth): newUser no user or user but not verified

fc0de81

patte temporarily deployed to republik-api-staging May 19, 2018 01:56 Inactive

fix(republik): enforceSubscriptions on reclaimPledge

da22c9e

patte had a problem deploying to republik-api-staging May 19, 2018 02:10 Failure

patte temporarily deployed to republik-api-staging May 19, 2018 02:13 Inactive

patte merged commit 1af4fdd into totp May 19, 2018

patte deleted the gdpr branch May 19, 2018 02:32

patte mentioned this pull request May 24, 2018

switch monthly -> yearly results in unsubscribe newsletters #27

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

GDPR and auth tests #43

GDPR and auth tests #43

Uh oh!

patte commented May 16, 2018 •

edited

Loading

Uh oh!

tpreusse May 18, 2018

Uh oh!

Uh oh!

GDPR and auth tests #43

GDPR and auth tests #43

Uh oh!

Conversation

patte commented May 16, 2018 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

consents for signin

newUser on UnauthorizedSession

updateNewsletterSettings

grant and revoke consents

Uh oh!

tpreusse May 18, 2018

Choose a reason for hiding this comment

Uh oh!

Uh oh!

patte commented May 16, 2018 •

edited

Loading