## Description
This PR adds recaptcha on login form. One can add any one of three
recaptcha vendor -
1. Google Recaptcha -
https://developers.google.com/recaptcha/docs/v3#programmatically_invoke_the_challenge
2. HCaptcha -
https://docs.hcaptcha.com/invisible#programmatically-invoke-the-challenge
3. Turnstile -
https://developers.cloudflare.com/turnstile/get-started/client-side-rendering/#execution-modes
### Issue
- #3546
### Environment variables -
1. `CAPTCHA_DRIVER` - `google-recaptcha` | `hcaptcha` | `turnstile`
2. `CAPTCHA_SITE_KEY` - site key
3. `CAPTCHA_SECRET_KEY` - secret key
### Engineering choices
1. If some of the above env variable provided, then, backend generates
an error -
<img width="990" alt="image"
src="https://github.com/twentyhq/twenty/assets/60139930/9fb00fab-9261-4ff3-b23e-2c2e06f1bf89">
Please note that login/signup form will keep working as expected.
2. I'm using a Captcha guard that intercepts the request. If
"captchaToken" is present in the body and all env is set, then, the
captcha token is verified by backend through the service.
3. One can use this guard on any resolver to protect it by the captcha.
4. On frontend, two hooks `useGenerateCaptchaToken` and
`useInsertCaptchaScript` is created. `useInsertCaptchaScript` adds the
respective captcha JS script on frontend. `useGenerateCaptchaToken`
returns a function that one can use to trigger captcha token generation
programatically. This allows one to generate token keeping recaptcha
invisible.
### Note
This PR contains some changes in unrelated files like indentation,
spacing, inverted comma etc. I ran "yarn nx fmt:fix twenty-front" and
"yarn nx lint twenty-front -- --fix".
### Screenshots
<img width="869" alt="image"
src="https://github.com/twentyhq/twenty/assets/60139930/a75f5677-9b66-47f7-9730-4ec916073f8c">
---------
Co-authored-by: Félix Malfait <felix.malfait@gmail.com>
Co-authored-by: Charles Bochet <charles@twenty.com>
# This PR
- Moves dev and ci scripts to the `project.json` file in the
twenty-front package
- Adds a project.json file in the root of the project with the main
start command that start both twenty-server and twenty-front
applications concurrently
- Updates the script command of the root project with the start:prod
command (replacing the start command which will be used in dev with the
help of nx)
- Add a start:prod command in the twenty-front app, replacing the start
command (now used for dev purpose)
Issue ref #4645
@charlesBochet @FelixMalfait please let me know how can I improve it
---------
Co-authored-by: Thaïs Guigon <guigon.thais@gmail.com>
In the previous PR #4912 it seems that I forgot to pass the environment
on the backend.
Here is a quick fix!
I also added some "doc" in the the .env.example
Having 2 different dev setups caused confusion, let's remove the Docker
local setup and recommend people install yarn locally.
Also simplified some docs by merging pages together, the recommend
self-hosting option is now the docker-compose / to adapt the
docker-compose.
* feat: add one liner
* fix: interactive issue & add support for both linux & mac
* feat: move quick start documentation
* feat: catch errors
* feat: check if directory exists
* feat: default to yes for prompt
* feat: open in browser
* fix: format
* feat: do not expose STORAGE_LOCAL_PATH env but handle the case where it would be set
* fix: db reset command wasn't working out of the box
* Update install.sh
Co-authored-by: Darek Desu <4459421+darekdesu@users.noreply.github.com>
* feat: harden the whole UX with one-liner
* fix: small logical order adjustment
* Update packages/twenty-docs/docs/start/self-hosting/docker-compose.mdx
---------
Co-authored-by: Darek Desu <4459421+darekdesu@users.noreply.github.com>
Co-authored-by: Félix Malfait <felix.malfait@gmail.com>
* feat: merge front and server dockerfiles and optimize build
* fix: update image label
* fix: bring back support for REACT_APP_SERVER_BASE_URL injection at runtime
* fix: remove old entries & add nx cache in dockerignore
* feat: generate frontend config at runtime using Nest
* fix: format and filename
* feat: use the EnvironmentService and leave default blank
* feat: add support for DB migrations
* update example docker-compose to bitnami postgres path
* leave a note that Postgres needs configuration
* Revert example docker-compose
* Edit text
---------
Co-authored-by: Félix Malfait <felix.malfait@gmail.com>
* Added info about reverse-proxy and SERVER_URL to docs
* Fixed comments
* Fix lint
---------
Co-authored-by: Maciej Siwek <maciej.siwek@resly.se>
Co-authored-by: Lucas Bordeau <bordeau.lucas@gmail.com>
* calendar module
* wip
* creating a folder for common files between calendar and messages
* wip
* wip
* wip
* wip
* update calendar search filter
* wip
* working on full sync service
* reorganizing folders
* adding repositories
* fix typo
* working on full-sync service
* Add calendarQueue to MessageQueue enum and update dependencies
* start transaction
* wip
* add save and update functions for event
* wip
* save events
* improving step by step
* add calendar scope
* fix nest modules imports
* renaming
* create calendar channel
* create job for google calendar full-sync
* call GoogleCalendarFullSyncJob after connected account creation
* ask for scope conditionnally
* fixes
* create channels conditionnally
* fix
* fixes
* fix FK bug
* filter out canceled events
* create save and update functions for calendarEventAttendee repository
* saving messageParticipants is working
* save calendarEventAttendees is working
* add calendarEvent cleaner
* calendar event cleaner is working
* working on updating attendees
* wip
* reintroducing google-gmail endpoint to ensure smooth deploy
* modify callbackURL
* modify front url
* changes to be able to merge
* put back feature flag
* fixes after PR comments
* add feature flag check
* remove unused modules
* separate delete connected account associated job data in two jobs
* fix error
* rename calendar_v3 as calendarV3
* Update packages/twenty-server/src/workspace/calendar-and-messaging/utils/valueStringForBatchRawQuery.util.ts
Co-authored-by: Jérémy M <jeremy.magrin@gmail.com>
* improve readability
* renaming to remove plural
* renaming to remove plural
* don't throw if no connected account is found
* use calendar queue
* modify usage of HttpService in fetch-by-batch
* modify valuesStringForBatchRawQuery to improve api and return flattened values
* fix auth module feature flag import
* fix getFlattenedValuesAndValuesStringForBatchRawQuery
---------
Co-authored-by: Jérémy M <jeremy.magrin@gmail.com>
* Update .env.example
this .env file will now work with the docker-compose example provided.
* Update .env.example
* Update doc and reset env example
---------
Co-authored-by: Thomas Trompette <thomast@twenty.com>
* Add rate limiting in the server using built in Nest.js capability
* Generatekey based on ip address when an http request is sent
* Update env var types to number for ttl and limit
* Remove unused env variables
* Use getRequest utility function
* fix: remove dist from path
* fix: adding .env variables
* fix: remove unused functions
* feat: throttler plugin
* Fix according to review
---------
Co-authored-by: Jérémy Magrin <jeremy.magrin@gmail.com>
Co-authored-by: Charles Bochet <charles@twenty.com>
* feat(signup): allow to block signup
* feat(signup): update environment variable documentation
* test: update auth service tests
* feat(signup): prevent user from reaching out the sign up page
* Fix lint
* Fixes
---------
Co-authored-by: Charles Bochet <charles@twenty.com>
