Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Require mfa code to change email #10354

Merged
merged 2 commits into from
Aug 15, 2024
Merged

Conversation

tomi
Copy link
Contributor

@tomi tomi commented Aug 12, 2024

Summary

Continuation of #10345.

Require MFA code when changing email address if MFA is enabled.

Kapture.2024-08-12.at.14.54.35.mp4

Related Linear tickets, Github issues, and Community forum posts

SEC-67

Review / Merge checklist

  • PR title and summary are descriptive. (conventions)
  • Docs updated or follow-up ticket created.
  • Tests included.
  • PR Labeled with release/backport (if the PR is an urgent fix that needs to be backported)

@n8n-assistant n8n-assistant bot added core Enhancement outside /nodes-base and /editor-ui n8n team Authored by the n8n team ui Enhancement in /editor-ui or /design-system labels Aug 12, 2024
@tomi tomi force-pushed the fix-require-mfa-code-for-disabling-mfa branch 4 times, most recently from d8f198c to d92431f Compare August 13, 2024 12:23
Base automatically changed from fix-require-mfa-code-for-disabling-mfa to master August 13, 2024 12:56
Continuation of #10345.

Require MFA code when changing email address if MFA is enabled.
@tomi tomi force-pushed the fix-require-mfa-code-to-change-email branch from bd2fccd to ccc3050 Compare August 14, 2024 06:31
@@ -7,8 +7,10 @@ export interface MfaModalClosedEventPayload {
}

export interface MfaModalEvents {
/** Command to request closing of the modal */
close: MfaModalClosedEventPayload | undefined;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this instead be close: MfaModalClosedEventPayload, and mfaCode instead be ?: string ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wanted to make a clear distinction between when the value is coming from the MFA modal and when from the "plumbing" (i.e. the Modal base). undefined means the user closed the modal (handled by Modal), a value means PromptMfaCodeModal closed the modal.

Copy link

cypress bot commented Aug 14, 2024



Test summary

401 0 0 0Flakiness 0


Run details

Project n8n
Status Passed
Commit 84142ec
Started Aug 14, 2024 2:43 PM
Ended Aug 14, 2024 2:48 PM
Duration 04:48 💡
OS Linux Debian -
Browser Electron 118

View run in Cypress Cloud ➡️


This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Cloud

Copy link
Contributor

✅ All Cypress E2E specs passed

@tomi tomi merged commit 39c8e50 into master Aug 15, 2024
30 checks passed
@tomi tomi deleted the fix-require-mfa-code-to-change-email branch August 15, 2024 07:36
MiloradFilipovic added a commit that referenced this pull request Aug 15, 2024
* master: (22 commits)
  refactor(editor): Type node view event bus (no-changelog) (#10396)
  refactor: Update to license SDK v2.13.1 to address dependency updates (#10422)
  refactor(core): Simplify Redis client types (no-changelog) (#10397)
  fix: Project Viewer always seeing a connection error when testing credentials (#10417)
  fix(editor): Fix incorrect node type version selection on new canvas (no-changelog) (#10412)
  fix(core): Fix payload property in `workflow-post-execute` event (#10413)
  fix: Require mfa code to change email (#10354)
  ci: Remove hard-coded package version in unit tests (no-changelog) (#10414)
  refactor(editor): Remove deleted event name from UI (#10402)
  🚀 Release 1.55.0 (#10411)
  fix: Add better error handling for chat errors (#10408)
  ci: Trigger Docker releases on tag creation instead of release publishing (no-changelog) (#10409)
  fix(AI Agent Node): Fix issues with some tools not populating (#10406)
  feat(AI Transform Node): Telemetry (no-changelog) (#10398)
  feat(AI Transform Node): New node (#10405)
  feat: Add Ask assistant behind feature flag (#9995)
  refactor(editor): Use form event bus everywhere (no-changelog) (#10394)
  fix: Remove node AI Transform node (no-changelog) (#10400)
  fix(editor): Remove `@n8n/permissions` from `n8n-workflow` (no-changelog) (#10399)
  refactor(core): Make new configs consistent (no-changelog) (#10393)
  ...
netroy added a commit to netroy/n8n that referenced this pull request Aug 21, 2024
#
[1.56.0](https://github.com/netroy/n8n/compare/[email protected]@1.56.0)
(2024-08-20)


### Bug Fixes

* Better errors in Switch, If and Filter nodes
([n8n-io#10457](https://github.com/netroy/n8n/issues/10457))
([aea82cb](aea82cb))
* **core:** Fix payload property in `workflow-post-execute` event
([n8n-io#10413](https://github.com/netroy/n8n/issues/10413))
([d98e29e](d98e29e))
* **core:** Fix XSS validation and separate URL validation
([n8n-io#10424](https://github.com/netroy/n8n/issues/10424))
([91467ab](91467ab))
* **core:** Use explicit types in configs to ensure valid decorator
metadata ([n8n-io#10433](https://github.com/netroy/n8n/issues/10433))
([2043daa](2043daa))
* **editor:** Add workflow scopes when initializing workflow
([n8n-io#10455](https://github.com/netroy/n8n/issues/10455))
([b857c2c](b857c2c))
* **editor:** Buffer json chunks in stream response
([n8n-io#10439](https://github.com/netroy/n8n/issues/10439))
([37797f3](37797f3))
* **editor:** Fix flaky mapping tests
([n8n-io#10453](https://github.com/netroy/n8n/issues/10453))
([fc6d413](fc6d413))
* **editor:** Highlight matching type in filter component
([n8n-io#10425](https://github.com/netroy/n8n/issues/10425))
([6bca879](6bca879))
* **editor:** Show item count in output panel schema view
([n8n-io#10426](https://github.com/netroy/n8n/issues/10426))
([4dee7cc](4dee7cc))
* **editor:** Truncate long data pill labels in schema view
([n8n-io#10427](https://github.com/netroy/n8n/issues/10427))
([1bf2f4f](1bf2f4f))
* Filter component - improve errors
([n8n-io#10456](https://github.com/netroy/n8n/issues/10456))
([61ac0c7](61ac0c7))
* **Google Sheets Node:** Better error when column to match on is empty
([n8n-io#10442](https://github.com/netroy/n8n/issues/10442))
([ce46bf5](ce46bf5))
* **Google Sheets Node:** Update name and hint for useAppend option
([n8n-io#10443](https://github.com/netroy/n8n/issues/10443))
([c5a0c04](c5a0c04))
* **Google Sheets Node:** Update to returnAllMatches option
([n8n-io#10440](https://github.com/netroy/n8n/issues/10440))
([f7fb02e](f7fb02e))
* **Invoice Ninja Node:** Fix payment types
([n8n-io#10462](https://github.com/netroy/n8n/issues/10462))
([129245d](129245d))
* **n8n Form Trigger Node:** Show basic authentication modal on wrong
credentials ([n8n-io#10423](https://github.com/netroy/n8n/issues/10423))
([0dc3e99](0dc3e99))
* **OpenAI Node:** Throw node operations error in case of openAi client
error ([n8n-io#10448](https://github.com/netroy/n8n/issues/10448))
([0d3ed46](0d3ed46))
* Project Viewer always seeing a connection error when testing
credentials ([n8n-io#10417](https://github.com/netroy/n8n/issues/10417))
([613cdd2](613cdd2))
* Remove unimplemented Postgres credentials options
([n8n-io#10461](https://github.com/netroy/n8n/issues/10461))
([17ac784](17ac784))
* Require mfa code to change email
([n8n-io#10354](https://github.com/netroy/n8n/issues/10354))
([39c8e50](39c8e50))
* **Respond to Webhook Node:** Fix issue preventing the chat trigger
from working ([n8n-io#9886](https://github.com/netroy/n8n/issues/9886))
([9d6ad88](9d6ad88))
* Show input names when node has multiple inputs
([n8n-io#10434](https://github.com/netroy/n8n/issues/10434))
([973956c](973956c))


### Features

* **core:** Support bidirectional communication between specific mains
and specific workers
([n8n-io#10377](https://github.com/netroy/n8n/issues/10377))
([d0fc9de](d0fc9de))
* **Facebook Graph API Node:** Update node to support API v18 - v20
([n8n-io#10419](https://github.com/netroy/n8n/issues/10419))
([e7ee10f](e7ee10f))

Co-authored-by: netroy <[email protected]>
@github-actions github-actions bot mentioned this pull request Aug 21, 2024
@janober
Copy link
Member

janober commented Aug 21, 2024

Got released with [email protected]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
core Enhancement outside /nodes-base and /editor-ui n8n team Authored by the n8n team Released ui Enhancement in /editor-ui or /design-system
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants