* Add Discord Provider Prototype
* Add Discord Logo
* Add Plugin to Plugin Manager
* fixed discord auth support and added icon
* add csv role verification
* grab discord server icon and test server id and roles
* subdomain derived from server name
* use discord server specific nickname if available
* Cleanup and comment
* move discord api types to dev deps
* cleanup of server vs default params
* remove commented out lines
* revert envv.development
* revert in vscode
* update yarn lock
* add gif support for discord server icon
* add comment with docs link
* add env section for discord
* fix errors and clarify env
* add new cannot use without
* fix suggestions
* Separate environment configs
* wip
* wip
* test
* plugins
* test
* test
* .sequelizerc, unfortunately can't go through /utils/environment due to not supporting TS
* docker-compose -> docker compose
* fix: .local wipes .development
* Add custom validation message for invalid SECRET_KEY (often confused)
* feat: Put request rate limit at application server
This PR contains implementation for a blanket rate limiter at
application server level. Currently the allowed throughput is set high
only to be changed later as per the actual data gathered.
* Simplify implementation
1. Remove shutdown handler to purge rate limiter keys
2. Have separate keys for default and custom(route-based) rate limiters
3. Do not kill default rate limiter because it is not needed anymore due
to (2) above
* Set 60s as default for rate limiting window
* Fix env types
Fixes#3412
Previously the only way to restrict the domains for a Team were with the ALLOWED_DOMAINS environment variable for self hosted instances.
This PR migrates this to be a database backed setting on the Team object. This is done through the creation of a TeamDomain model that is associated with the Team and contains the domain name
This settings is updated on the Security Tab. Here domains can be added or removed from the Team.
On the server side, we take the code paths that previously were using ALLOWED_DOMAINS and switched them to use the Team allowed domains instead
* feat: Normalize logging
* Remove scattered console.error + Sentry.captureException
* Remove mention of debug
* cleanup dev output
* Edge cases, docs
* Refactor: Move logger, metrics, sentry under 'logging' folder.
Trying to reduce the amount of things under generic 'utils'
* cleanup, last few console calls
Updated the description of the SECRET_KEY variable in the .env.sample
file to clarify that the key needs to be 32 bytes long and hex-encoded.
The previous description of "32 character hexadecimal" was confusing
as it left open the possibility of a hex-encoded 16-byte key.
* fix: Add application/octet-stream as a valid mimetype for docx uploads
* fix: Include application/octet-stream in frontend filter
fix: Add file size and file type guards
* Validate .docx extension in files with application/octet-stream mimetype
* refactor: Move MAXIMUM_IMPORT_SIZE to an optional environment config
fix: Add file size check on server too
Co-authored-by: Saumya Pandey <sp160899@gmail.com>
* fix: Enforce single team when self hosting
* test: positive case
* refactor
* fix: Visible error message on login screen for max teams scenario
* Update Notices.js
* lint
