gristlabs_grist-core

Commit Graph

Author	SHA1	Message	Date
George Gevoian	f74002fe32	(core) Handle old Grist sessions in MFAConfig Summary: Grist sessions created pre-MFA do not store access or refresh tokens, which means that MFA status from Cognito can't be loaded without requiring re-authentication. MFAConfig handles this by requiring security verification as usual, and checking if it needs to reload MFA status on success. If it does, it'll close the 2FA setup dialog and reload, which should show the correct 2FA configuration status and buttons. Test Plan: Updated existing tests. Reviewers: paulfitz Reviewed By: paulfitz Differential Revision: https://phab.getgrist.com/D3231	3 years ago
George Gevoian	3289fe330f	(core) Update aws-sdk Summary: Bumps aws-sdk to the latest version of v2. Updates CognitoClient to use fake AWS credentials with service provider. While none of our calls currently require real credentials, we still need to send fake credentials with certain calls, such as AssociateSoftwareToken, to avoid getting errors back from AWS about missing credentials. Fixes some CSS and alignment issues with the authentication method tile buttons in MFAConfig. Test Plan: Existing Cognito tests. Manually tested login and 2FA setup still work. Reviewers: dsagal Subscribers: dsagal Differential Revision: https://phab.getgrist.com/D3228	3 years ago
George Gevoian	db7d1802ce	(core) Clarify phone message only supports U.S. numbers Summary: Adds a mention of phone message (SMS) verification currently only supporting U.S. phone numbers, and updates CognitoClient to return an error when a non-U.S. number is submitted to register_sms/. Test Plan: Server test. Reviewers: alexmojaki Reviewed By: alexmojaki Differential Revision: https://phab.getgrist.com/D3227	3 years ago
George Gevoian	0d005eb78d	(core) Enable MFA configuration (and add SMS) Summary: Enables configuration of multi-factor authentication from the account page (for users who sign in with email/password), and adds SMS as an authentication method. Test Plan: Project, browser and server tests. Reviewers: paulfitz Reviewed By: paulfitz Differential Revision: https://phab.getgrist.com/D3215	3 years ago
George Gevoian	ba6ecc5e9e	(core) Move user profile to new page and begin MFA work Summary: The user profile dialog is now a separate page, in preparation for upcoming work to enable MFA. This commit also contains some MFA changes, but the UI is currently disabled and the implementation is limited to software tokens (TOTP) only. Test Plan: Updated browser tests for new profile page. Tests for MFAConfig and CognitoClient will be added in a later diff, once the UI is enabled. Reviewers: paulfitz Reviewed By: paulfitz Subscribers: dsagal Differential Revision: https://phab.getgrist.com/D3199	3 years ago

5 Commits (dbde9e459cbaa15e6f829840b10b10ff16c6d39f)