Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2025-12-17 00:40:14 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
LibreChat/api/server/middleware
History
Marco Beretta 5452d4c20c
🔒 feat: password reset disable option; fix: account email error message (#2327) 
* feat: password reset  disable option; fix: account email leak

* fix(LoginSpec): typo

* test: fixed LoginForm test

* fix: disable password reset when undefined

* refactor: use a helper function

* fix: tests

* feat: Remove unused error message in password reset process

* chore: Update password reset email message

* refactor: only allow password reset if explicitly allowed

* feat: Add password reset email service configuration check

The code changes in `checks.js` add a new function `checkPasswordReset()` that checks if the email service is configured when password reset is enabled. If the email service is not configured, a warning message is logged. This change ensures secure password reset functionality by prompting the user to configure the email service.

Co-authored-by: Berry-13 <root@Berry>
Co-authored-by: Danny Avila <messagedaniel@protonmail.com>
Co-authored-by: Danny Avila <danny@librechat.ai>

* chore: remove import order rules

* refactor: simplify password reset logic and align against Observable Response Discrepancy

* chore: make password reset warning more prominent

* chore(AuthService): better logging for password resets, refactor requestPasswordReset to use req object, fix sendEmail error when email config is not present

* refactor: fix styling of password reset email message

* chore: add missing type for passwordResetEnabled, TStartupConfig

* fix(LoginForm): prevent login form flickering

* fix(ci): Update login form to use mocked startupConfig for rendering correctly

* refactor: Improve password reset UI, applies DRY

* chore: Add logging to password reset validation middleware

* chore(CONTRIBUTING): Update import order conventions

---------

Co-authored-by: Danny Avila <danny@librechat.ai>
Co-authored-by: Berry-13 <root@Berry>
Co-authored-by: Danny Avila <messagedaniel@protonmail.com>
2024-06-06 11:39:36 -04:00
..
assistants 🤖 feat: Private Assistants (#2881) 2024-05-28 08:27:45 -04:00
speech 🔉 feat: TTS/STT rate limiters (#2925) 2024-05-30 18:39:21 -04:00
abortControllers.js feat(GPT/Anthropic): Continue Regenerating & Generation Buttons (#808) 2023-08-17 12:50:05 -04:00
abortMiddleware.js 🤖 feat: OpenAI Assistants v2 (initial support) (#2781) 2024-05-19 12:56:55 -04:00
abortRun.js 🚀 refactor: Enhance Custom Endpoints, Message Logic, and Payload Handling (#2895) 2024-05-28 14:52:12 -04:00
buildEndpointOption.js 🤖 feat: OpenAI Assistants v2 (initial support) (#2781) 2024-05-19 12:56:55 -04:00
canDeleteAccount.js 🚫👤feat: delete user from UI (#1526) 2024-06-05 19:35:12 -04:00
checkBan.js ⏯️ fix(tts): Resolve Voice Selection and Manual Playback Issues (#2845) 2024-05-23 16:27:36 -04:00
checkDomainAllowed.js 🛂 feat(oauth): add domain restriction on social login (#2512) 2024-04-24 12:14:27 -04:00
concurrentLimiter.js feat(api): initial Redis support; fix(SearchBar): proper debounce (#1039) 2023-10-11 17:05:47 -04:00
denyRequest.js feat: Assistants API, General File Support, Side Panel, File Explorer (#1696) 2024-02-13 20:42:27 -05:00
enforceModelSpec.js 👮 fix(enforceModelSpec): handle nested objects (#2681) 2024-05-12 18:20:53 -04:00
enforceModelSpec.spec.js 👮 fix(enforceModelSpec): handle nested objects (#2681) 2024-05-12 18:20:53 -04:00
importLimiters.js 📥 feat: Import Conversations from LibreChat, ChatGPT, Chatbot UI (#2355) 2024-05-02 02:48:26 -04:00
index.js 🔒 feat: password reset disable option; fix: account email error message (#2327) 2024-06-06 11:39:36 -04:00
loginLimiter.js feat: Message Rate Limiters, Violation Logging, & Ban System 🔨 (#903) 2023-09-13 10:57:07 -04:00
messageLimiters.js feat: Message Rate Limiters, Violation Logging, & Ban System 🔨 (#903) 2023-09-13 10:57:07 -04:00
moderateText.js 🧑‍💻 refactor: Display Client-facing Errors (#2476) 2024-04-21 08:31:54 -04:00
noIndex.js 🚫🔍 feat: disallow search indexing (#1409) 2023-12-29 20:42:04 -05:00
registerLimiter.js feat: Message Rate Limiters, Violation Logging, & Ban System 🔨 (#903) 2023-09-13 10:57:07 -04:00
requireJwtAuth.js feat(GPT/Anthropic): Continue Regenerating & Generation Buttons (#808) 2023-08-17 12:50:05 -04:00
requireLdapAuth.js 🔒 feature(auth): LDAP Authentication (#2859) 2024-05-29 17:46:20 -04:00
requireLocalAuth.js feat(GPT/Anthropic): Continue Regenerating & Generation Buttons (#808) 2023-08-17 12:50:05 -04:00
setHeaders.js feat(GPT/Anthropic): Continue Regenerating & Generation Buttons (#808) 2023-08-17 12:50:05 -04:00
uaParser.js feat: Message Rate Limiters, Violation Logging, & Ban System 🔨 (#903) 2023-09-13 10:57:07 -04:00
uploadLimiters.js 🛡️ feat: Model Validation Middleware (#1841) 2024-02-19 22:47:39 -05:00
validateEndpoint.js 💫 feat: Config File & Custom Endpoints (#1474) 2024-01-03 09:22:48 -05:00
validateImageRequest.js 🔓 refactor: Make Image URL Security Optional (#2415) 2024-04-14 19:34:13 -04:00
validateMessageReq.js feat: Edit AI Messages, Edit Messages in Place (#825) 2023-08-22 18:44:59 -04:00
validateModel.js 🤖 feat(Anthropic): Claude 3 & Vision Support (#1984) 2024-03-06 00:04:52 -05:00
validatePasswordReset.js 🔒 feat: password reset disable option; fix: account email error message (#2327) 2024-06-06 11:39:36 -04:00
validateRegistration.js 🔒 feat: password reset disable option; fix: account email error message (#2327) 2024-06-06 11:39:36 -04:00