Commit Graph

443 Commits

Author SHA1 Message Date
Joe Previte 1134780b8b
refactor: make wsProxy async 2021-06-08 14:33:14 -07:00
Joe Previte 91303d4e40
refactor: make ensureAuthenticated async 2021-06-08 14:33:14 -07:00
Joe Previte 0cdbd33b46
refactor: make authenticated async everywhere
Since this checks if they are authenticated using the hash/password and it's
async, we need to update authenticated to be async, which means we have to
update it everywhere it's used.
2021-06-08 14:33:14 -07:00
Joe Previte fcc3f0d951
refactor: update login logic with new async hashing
This adds the proper await logic for the hashing of passwords.
2021-06-08 14:33:13 -07:00
Joe Previte 70197bb2a5
refactor: use argon2 instead of bcrypt
This uses argon2 instead of bcrypt.

Note: this means the hash functions are now async which means we have to
refactor a lot of other code around auth.
2021-06-08 14:33:13 -07:00
Joe Previte aaf044728f
refactor: add functions to check hash password 2021-06-08 14:33:12 -07:00
Joe Previte cac667317e
refactor: use bcrypt in hash function 2021-06-08 14:33:11 -07:00
Joe Previte 46fe77d464
chore: update CHANGELOG 2021-05-13 12:10:22 -07:00
Joe Previte d7f1415290
refactor: use paths.runtime in socket proxyPipe 2021-05-13 12:10:21 -07:00
Joe Previte a57ee69822
feat: add runtime to getEnvPaths 2021-05-13 12:10:21 -07:00
Asher a882be5748
Refactor integration tests to use main entry point 2021-05-05 12:24:41 -05:00
Asher 20e70cfa05
Remove try from main
All it does is log and exit which is what the caller will be doing on an
error anyway (see entry).
2021-05-05 12:24:36 -05:00
Asher c96fb65308
Split some entry methods into main
This is so they can be unit tested.
2021-05-05 12:24:35 -05:00
Asher 083400b50a
Add flag to enable permessage-deflate 2021-05-05 12:24:34 -05:00
Asher 92bf2c9760
Add dev mode constant 2021-05-05 10:16:01 -05:00
Asher a48ac5080b
Share common util code with VS Code
This lets us re-use the normalized base path so when we expire/clear the
cookie we use the same base path.
2021-05-04 13:29:40 -05:00
Asher 49c26f70f7
Add logout route 2021-05-04 13:29:39 -05:00
Asher e7a527514a
Add authed context key 2021-05-03 15:00:54 -05:00
Joe Previte cb65590b98
refactor: move tmpdir into src/node/constants 2021-04-23 14:35:32 -07:00
Asher b9c80b8520
Merge pull request #3178 from code-asher/connections
Minor connections refactor
2021-04-21 12:22:45 -05:00
Asher f0bafa387f
Move connection logic into connection class
- Moved everything I could into the class itself.
- Improve the logging situation a bit.
- Switch some trace logs to debug.
- Get debug port from message arguments.
2021-04-21 11:48:45 -05:00
Joe Previte f80d5c3764
refactor: rateLimiter.canTry logic to check >= 1 2021-04-19 13:14:19 -07:00
Joe Previte 7a5042176e
fix: update logic for removing token from limiter 2021-04-19 11:12:43 -07:00
Joe Previte a3f18d6158
refactor: change limiter.Try() to .removeToken() 2021-04-19 10:57:50 -07:00
Joe Previte d8e45057c7
refactor: update rateLimiter to check try
This changes adds a new method called `.canTry` to the rate limiter to check if
there are tokens remaining in the bucket.

It also adds suggestions from @oxy to make sure the user can brute force past
the rate limiter.
2021-04-19 10:40:59 -07:00
Joe Previte 08521077f0
refactor(login): move rate limiter after successful login
Before, we weren't checking if a login was successful before counting it
against the rate limiter.

With this change, we only count unsuccessful logins against the rate limiter.

We did this because this was a bug but also because it caused problems with our
e2e tests hitting the rate limit.
2021-04-19 10:40:59 -07:00
Joe Previte 4683d8a077
fix: update comment and export rateLimiter 2021-04-19 10:40:58 -07:00
Asher 101c2a01f1
Fix tsc watch restarting when it shouldn't
It seems reaching into lib/vscode for the types caused tsc to establish
watches that caused it to restart over and over while vscode was
building.

The strategy used here is to symlink it instead which is the same thing
we do for the proxy agent.
2021-04-01 10:58:56 -05:00
Joe Previte df6bfbbeaf
feat: bump ts-node to 9.1.1 2021-03-30 16:46:49 -07:00
Joe Previte e4db80667e
refactor: use stdio correctly in wrapper 2021-03-29 14:05:59 -07:00
Asher 18ace7b906
Don't send permessage-deflate header if not supported (#2993) 2021-03-29 12:59:36 -05:00
Joe Previte b04104cafe
Merge branch 'main' into jsjoeio/upgrade-vscode-1.54 2021-03-22 10:43:39 -07:00
dependabot[bot] a8e2ede4f5
chore(deps): bump js-yaml from 3.14.0 to 4.0.0 (#2920)
* chore(deps): bump js-yaml from 3.14.0 to 4.0.0

Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.14.0 to 4.0.0.
- [Release notes](https://github.com/nodeca/js-yaml/releases)
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/3.14.0...4.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

* fix(src/node): replace yaml.safeLoad with load

Also update @types/yaml to ^4.0.0.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Akash Satheesan <akash@coder.com>
2021-03-18 16:30:10 -05:00
Joe Previte 071c8e15fc
Merge branch 'main' into jsjoeio/upgrade-vscode-1.54 2021-03-17 13:51:27 -07:00
repo-ranger[bot] 45a1713767
Merge pull request #2906 from bpmct/rename-cloud
rename references of "coder could"
2021-03-17 18:28:14 +00:00
Ben Potter a097713829
remove references of coder could 2021-03-16 22:59:30 -04:00
Joe Previte 0c2708302d
refactor: remove --home flag/feature
We are removing this because it was removed upstream in PR~115599.
2021-03-16 14:25:28 -07:00
Asher 964ebe8d0a
Replace fs-extra with fs.promises
Remove the Mac directory copy instead of refactoring it since we've had
this for a long time now and I think it's safe to assume that users
running code-server on Mac don't have the old directory anymore.
2021-03-16 12:51:08 -05:00
Asher 5a1f62a8fb
Support permessage-deflate web socket extension (#2846) 2021-03-10 13:14:24 -06:00
Asher 4d3d1b844d
Handle permessage-deflate on sockets
With this the extension host is working again.
2021-03-02 17:18:49 -06:00
Joe Previte b02d2fb3cc
feat: add cookie utils for e2e tests 2021-02-22 13:41:10 -07:00
Asher 2d8b785fb8
Fix health socket not getting client messages
Forgot to resume. Went ahead and did the same for the test plugin
although it only sends messages and doesn't receive any.
2021-02-16 15:01:46 -06:00
Asher 3fc556d4d5
Delegate authentication to plugins
Unfortunately since plugins can now override the root this is necessary
or just can't log in.
2021-02-12 16:50:23 -06:00
Asher 0abbc9789e
Allow plugins to register at the root
Unfortunately we have existing plugins with routes there which we cannot
move.
2021-02-12 15:19:26 -06:00
Asher 619934dc29
Authenticate plugin routes (#2720) 2021-02-12 14:56:39 -06:00
Justin Poehnelt 97c1399401
feat: use compression in express server (#2680) 2021-02-12 14:27:33 -06:00
Asher 8344e2062a
Merge pull request #2622 from cdr/plugin-additions 2021-02-10 16:45:00 -06:00
Asher e4e0ac43b0
Don't load plugins in tests
This can affect the test behavior and results.
2021-02-09 15:39:57 -06:00
Asher e098df0766
Fix code-server module not being provided in Jest 2021-02-09 15:23:08 -06:00
Asher 2879bd4c22
Add type alias for required modules 2021-02-09 13:09:41 -06:00