## Description
This PR adds recaptcha on login form. One can add any one of three
recaptcha vendor -
1. Google Recaptcha -
https://developers.google.com/recaptcha/docs/v3#programmatically_invoke_the_challenge
2. HCaptcha -
https://docs.hcaptcha.com/invisible#programmatically-invoke-the-challenge
3. Turnstile -
https://developers.cloudflare.com/turnstile/get-started/client-side-rendering/#execution-modes
### Issue
- #3546
### Environment variables -
1. `CAPTCHA_DRIVER` - `google-recaptcha` | `hcaptcha` | `turnstile`
2. `CAPTCHA_SITE_KEY` - site key
3. `CAPTCHA_SECRET_KEY` - secret key
### Engineering choices
1. If some of the above env variable provided, then, backend generates
an error -
<img width="990" alt="image"
src="https://github.com/twentyhq/twenty/assets/60139930/9fb00fab-9261-4ff3-b23e-2c2e06f1bf89">
Please note that login/signup form will keep working as expected.
2. I'm using a Captcha guard that intercepts the request. If
"captchaToken" is present in the body and all env is set, then, the
captcha token is verified by backend through the service.
3. One can use this guard on any resolver to protect it by the captcha.
4. On frontend, two hooks `useGenerateCaptchaToken` and
`useInsertCaptchaScript` is created. `useInsertCaptchaScript` adds the
respective captcha JS script on frontend. `useGenerateCaptchaToken`
returns a function that one can use to trigger captcha token generation
programatically. This allows one to generate token keeping recaptcha
invisible.
### Note
This PR contains some changes in unrelated files like indentation,
spacing, inverted comma etc. I ran "yarn nx fmt:fix twenty-front" and
"yarn nx lint twenty-front -- --fix".
### Screenshots
<img width="869" alt="image"
src="https://github.com/twentyhq/twenty/assets/60139930/a75f5677-9b66-47f7-9730-4ec916073f8c">
---------
Co-authored-by: Félix Malfait <felix.malfait@gmail.com>
Co-authored-by: Charles Bochet <charles@twenty.com>
Previously we had to create a separate API key to give access to chrome
extension so we can make calls to the DB. This PR includes logic to
initiate a oauth flow with PKCE method which redirects to the
`Authorise` screen to give access to server tokens.
Implemented in this PR-
1. make `redirectUrl` a non-nullable parameter
2. Add `NODE_ENV` to environment variable service
3. new env variable `CHROME_EXTENSION_REDIRECT_URL` on server side
4. strict checks for redirectUrl
5. try catch blocks on utils db query methods
6. refactor Apollo Client to handle `unauthorized` condition
7. input field to enter server url (for self-hosting)
8. state to show user if its already connected
9. show error if oauth flow is cancelled by user
Follow up PR -
Renew token logic
---------
Co-authored-by: Félix Malfait <felix@twenty.com>
In the previous PR #4912 it seems that I forgot to pass the environment
on the backend.
Here is a quick fix!
I also added some "doc" in the the .env.example
* calendar module
* wip
* creating a folder for common files between calendar and messages
* wip
* wip
* wip
* wip
* update calendar search filter
* wip
* working on full sync service
* reorganizing folders
* adding repositories
* fix typo
* working on full-sync service
* Add calendarQueue to MessageQueue enum and update dependencies
* start transaction
* wip
* add save and update functions for event
* wip
* save events
* improving step by step
* add calendar scope
* fix nest modules imports
* renaming
* create calendar channel
* create job for google calendar full-sync
* call GoogleCalendarFullSyncJob after connected account creation
* ask for scope conditionnally
* fixes
* create channels conditionnally
* fix
* fixes
* fix FK bug
* filter out canceled events
* create save and update functions for calendarEventAttendee repository
* saving messageParticipants is working
* save calendarEventAttendees is working
* add calendarEvent cleaner
* calendar event cleaner is working
* working on updating attendees
* wip
* reintroducing google-gmail endpoint to ensure smooth deploy
* modify callbackURL
* modify front url
* changes to be able to merge
* put back feature flag
* fixes after PR comments
* add feature flag check
* remove unused modules
* separate delete connected account associated job data in two jobs
* fix error
* rename calendar_v3 as calendarV3
* Update packages/twenty-server/src/workspace/calendar-and-messaging/utils/valueStringForBatchRawQuery.util.ts
Co-authored-by: Jérémy M <jeremy.magrin@gmail.com>
* improve readability
* renaming to remove plural
* renaming to remove plural
* don't throw if no connected account is found
* use calendar queue
* modify usage of HttpService in fetch-by-batch
* modify valuesStringForBatchRawQuery to improve api and return flattened values
* fix auth module feature flag import
* fix getFlattenedValuesAndValuesStringForBatchRawQuery
---------
Co-authored-by: Jérémy M <jeremy.magrin@gmail.com>
* Update .env.example
this .env file will now work with the docker-compose example provided.
* Update .env.example
* Update doc and reset env example
---------
Co-authored-by: Thomas Trompette <thomast@twenty.com>
* Add rate limiting in the server using built in Nest.js capability
* Generatekey based on ip address when an http request is sent
* Update env var types to number for ttl and limit
* Remove unused env variables
* Use getRequest utility function
* fix: remove dist from path
* fix: adding .env variables
* fix: remove unused functions
* feat: throttler plugin
* Fix according to review
---------
Co-authored-by: Jérémy Magrin <jeremy.magrin@gmail.com>
Co-authored-by: Charles Bochet <charles@twenty.com>
* feat(signup): allow to block signup
* feat(signup): update environment variable documentation
* test: update auth service tests
* feat(signup): prevent user from reaching out the sign up page
* Fix lint
* Fixes
---------
Co-authored-by: Charles Bochet <charles@twenty.com>
* feat: redirect to Plan Required page if subscription status is not active
Closes#2934
* feat: navigate to Plan Required in PageChangeEffect
* feat: add Twenty logo to Plan Required modal
* test: add Storybook story
* Fix lint
---------
Co-authored-by: Charles Bochet <charles@twenty.com>
