feat: mandatory password change on login + UI fixes

2019-08-24 22:19:35 -04:00
parent 38008f0460
commit d3e693ab46
40 changed files with 1468 additions and 1064 deletions
--- a/client/graph/admin/site/site-mutation-save-config.gql
+++ b/client/graph/admin/site/site-mutation-save-config.gql
@@ -11,6 +11,12 @@ mutation (
  $featurePageRatings: Boolean!
  $featurePageComments: Boolean!
  $featurePersonalWikis: Boolean!
+  $securityIframe: Boolean!
+  $securityReferrerPolicy: Boolean!
+  $securityHSTS: Boolean!
+  $securityHSTSDuration: Int!
+  $securityCSP: Boolean!
+  $securityCSPDirectives: String!
 ) {
  site {
    updateConfig(
@@ -25,7 +31,13 @@ mutation (
      logoIsSquare: $logoIsSquare,
      featurePageRatings: $featurePageRatings,
      featurePageComments: $featurePageComments,
-      featurePersonalWikis: $featurePersonalWikis
+      featurePersonalWikis: $featurePersonalWikis,
+      securityIframe: $securityIframe,
+      securityReferrerPolicy: $securityReferrerPolicy,
+      securityHSTS: $securityHSTS,
+      securityHSTSDuration: $securityHSTSDuration,
+      securityCSP: $securityCSP,
+      securityCSPDirectives: $securityCSPDirectives
    ) {
      responseResult {
        succeeded
--- a/client/graph/admin/site/site-query-config.gql
+++ b/client/graph/admin/site/site-query-config.gql
@@ -13,6 +13,12 @@
      featurePageRatings
      featurePageComments
      featurePersonalWikis
+      securityIframe
+      securityReferrerPolicy
+      securityHSTS
+      securityHSTSDuration
+      securityCSP
+      securityCSPDirectives
    }
  }
 }
--- a/client/graph/admin/users/users-query-single.gql
+++ b/client/graph/admin/users/users-query-single.gql
@@ -10,6 +10,8 @@ query ($id: Int!) {
      jobTitle
      timezone
      isSystem
+      isActive
+      isVerified
      createdAt
      updatedAt
      groups {
--- a/client/graph/login/login-mutation-changepassword.gql
+++ b/client/graph/login/login-mutation-changepassword.gql
@@ -0,0 +1,13 @@
+mutation($continuationToken: String!, $newPassword: String!) {
+  authentication {
+    loginChangePassword(continuationToken: $continuationToken, newPassword: $newPassword) {
+      responseResult {
+        succeeded
+        errorCode
+        slug
+        message
+      }
+      jwt
+    }
+  }
+}
--- a/client/graph/login/login-mutation-login.gql
+++ b/client/graph/login/login-mutation-login.gql
@@ -8,8 +8,9 @@ mutation($username: String!, $password: String!, $strategy: String!) {
        message
      }
      jwt
-      tfaRequired
-      tfaLoginToken
+      mustChangePwd
+      mustProvideTFA
+      continuationToken
    }
  }
 }
--- a/client/graph/login/login-mutation-tfa.gql
+++ b/client/graph/login/login-mutation-tfa.gql
@@ -1,12 +1,13 @@
-mutation($loginToken: String!, $securityCode: String!) {
+mutation($continuationToken: String!, $securityCode: String!) {
  authentication {
-    loginTFA(loginToken: $loginToken, securityCode: $securityCode) {
+    loginTFA(continuationToken: $continuationToken, securityCode: $securityCode) {
      responseResult {
        succeeded
        errorCode
        slug
        message
      }
+      jwt
    }
  }
 }