Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Que chille #121

Merged
merged 119 commits into from
Sep 22, 2024
Merged

Que chille #121

merged 119 commits into from
Sep 22, 2024

Conversation

TobiasMaciel
Copy link
Contributor

No description provided.

carlosferreyra and others added 30 commits August 25, 2024 18:27
@carlosferreyra
chore: Update Dockerfile to create volume mount point with read/write…
12288d4 
… access
@carlosferreyra
refactor: Add Excel file validation endpoint to ExcelViewSet
6f9176f
@carlosferreyra
refactor: Update Excel file validation logic and add JSON output
f941b29
@carlosferreyra
refactor: Update Excel file validation logic and add JSON output
4ab6558
@facundomelgarejo
feat: subpage ficha alumno
0209e50
@carlosferreyra
feat: Add @react-oauth/google package for Google OAuth2 login
6cbdc5b
@carlosferreyra
Merge branch 'dev' of https://github.com/Seminario-Integrador-2024/Ge…
bf3ee5f 
…stionTUP into dev
@carlosferreyra
feat: Add primary key to dni field in Alumno model
a17cbdb
@carlosferreyra
Add unique constraint for MateriaAlumno model on id_materia, id_alumn…
fdc0458 
…o, and anio fields
@facundomelgarejo
feat: connect back list alumnos
8d6ac25
@samuop
Merge branch 'TUP-24-Carga-de-documento-de-Sysacad-y-mostrar-los-mens…
603f0a1 
…ajes-de-error' into dev
@samuop
Merge branch 'dev' of https://github.com/Seminario-Integrador-2024/Ge…
e44a6a2 
…stionTUP into dev
@TobiasMaciel
feat: Se agrega el endpoint de los alumnos por materias
61ca7db
@facundomelgarejo
fix: mod table alumnos
49144fd
@carlosferreyra
refactor: Update Excel file validation logic and add JSON output
a533446
@samuop
Merge branch 'dev' of https://github.com/Seminario-Integrador-2024/Ge…
87fbd2e 
…stionTUP into dev
@carlosferreyra
refactor: Update root redirect URL to "api/swagger-ui/"
69fcb52
@carlosferreyra
Merge branch 'dev' into TUP-25-Procesamiento-de-documento-Sysacad
ae66550
@yoelmarain
feat: Add Excel file upload functionality to Sysacad page
13ac3b0
@yoelmarain
feat: Detalles
8341a97
@carlosferreyra
refactor: Update Excel file validation logic and add JSON output
b06e1ca
@carlosferreyra
refactor: Improve Excel file validation logic and add JSON output
13acdce
@carlosferreyra
refactor: Fix duplicate data insertion in load_excel function
eab82a3
@ulisespallares888
Campo cuil agregado a alumnos
e0bbfb7
@ulisespallares888
Campo cuil agregado a alumnos (#98)
eb27ba1
@facundomelgarejo
feat: create FichaAlumno, update routes and subpages
c3b5d4d
@facundomelgarejo
feat: connect endpoint alumnos/dni
23701f9
@facundomelgarejo
feat: connect endpoint alumnos/dni
158ed06
@yoelmarain
feat: Improve file upload functionality and error handling in Sysacad…
67f8c1c 
… page
@carlosferreyra
refactor: Remove alumno id field, alter alumno dni and legajo fields
8f89693 
This commit removes the "id" field from the Alumno model and alters the "dni" and "legajo" fields. The "id" field is no longer needed as it is automatically generated by Django. The "dni" field is now set as the primary key, and the "legajo" field is set as unique. These changes improve the data structure and integrity of the Alumno model.
yoelmarain and others added 26 commits September 10, 2024 10:52
@yoelmarain
feat: Update InformarPago component to handle file attachment and for…
2396834 
…m validation
@facundomelgarejo
Feat: Redireccionamiento ficha alumno
1273baa
@samuop
desconexion con el backend
b2d01fe
feat: Pagina de compromiso de pago
763885a
@MirandaAriano
feat: Pagina de compromiso de pago (#115)
026b6ad
@yoelmarain
Tup 56 pagina informar pago (#116)
32003de
@facundomelgarejo
fix: login conectado con nuevo back
dfa3701
@facundomelgarejo
fix: context nuevo back
2da436b
@facundomelgarejo
feat: Se agrego la tabla de estado cuenta en la Ficha Alumno
257e53d
@facundomelgarejo
fix: format
ee4b79e
@facundomelgarejo
fix: eliminacion importaciones sin usar
4ed00da
@facundomelgarejo
Merge remote-tracking branch 'origin/dev' into TUP-47-Crear-Ficha-de-…
82e76fe 
…Alumno
@facundomelgarejo
Tup 47 crear ficha de alumno (#119)
29c0464
fix: cambie de lugar "CompromisoDePago"
8b19da6
@MirandaAriano
fix: cambie de lugar "CompromisoDePago" (#120)
03351a4
@samuop
Merge branch 'dev' into TUP-63-Pagina-darse-de-baja
40095fe
@samuop
decodificando errores
38eea9f
@samuop
.
442fb6f
@samuop
Fix Excel
2bff2c4
@samuop
utimo FIX
4cc13d7
@samuop
Arreglos estéticos
be3582a
@TobiasMaciel
fix
9a431db
@TobiasMaciel
Merge branch 'dev' of https://github.com/Seminario-Integrador-2024/Ge…
9053a7e 
…stionTUP into dev
@facundomelgarejo
fix: Formato numero dni, separador de miles
50ec31c
@facundomelgarejo
fix: Se trae todos los alumnos, sin limite de registros
e7c007e
@TobiasMaciel
feat: Se agregan las materias a los alumnos
cec7ee5
@TobiasMaciel TobiasMaciel merged commit 50a6fa8 into main Sep 22, 2024
6 of 8 checks passed
github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 22, 2024
View reviewed changes
FrontAdmin/src/API/Login.ts
Cookies.set('refresh_token', data.refresh);
Cookies.set('access_expiration', data.access_expiration);
Cookies.set('refresh_expiration', data.refresh_expiration);
Cookies.set('username', data.user.username);
Cookies.set('username', data.user.dni);

Check warning

Code scanning / CodeQL

Clear text transmission of sensitive cookie Medium

Sensitive cookie sent without enforcing SSL encryption.

Copilot Autofix AI 2 months ago

To fix the problem, we need to ensure that the username cookie, along with other cookies, is only transmitted over HTTPS. This can be achieved by setting the secure attribute when setting the cookies. Additionally, it is a good practice to set the httpOnly attribute to prevent client-side scripts from accessing the cookies, further enhancing security.

  • Modify the Cookies.set calls to include the secure and httpOnly attributes.
  • Ensure that all cookies set in the FetchLogin function are updated accordingly.
Suggested changeset 1
FrontAdmin/src/API/Login.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/FrontAdmin/src/API/Login.ts b/FrontAdmin/src/API/Login.ts
--- a/FrontAdmin/src/API/Login.ts
+++ b/FrontAdmin/src/API/Login.ts
@@ -17,7 +17,7 @@
       console.log(data);
-      Cookies.set('tokennn', data.access);
-      Cookies.set('refresh_token', data.refresh);
-      Cookies.set('access_expiration', data.access_expiration);
-      Cookies.set('refresh_expiration', data.refresh_expiration);
-      Cookies.set('username', data.user.dni);
+      Cookies.set('tokennn', data.access, { secure: true, httpOnly: true });
+      Cookies.set('refresh_token', data.refresh, { secure: true, httpOnly: true });
+      Cookies.set('access_expiration', data.access_expiration, { secure: true, httpOnly: true });
+      Cookies.set('refresh_expiration', data.refresh_expiration, { secure: true, httpOnly: true });
+      Cookies.set('username', data.user.dni, { secure: true, httpOnly: true });
       return data;
EOF
@@ -17,7 +17,7 @@
console.log(data);
Cookies.set('tokennn', data.access);
Cookies.set('refresh_token', data.refresh);
Cookies.set('access_expiration', data.access_expiration);
Cookies.set('refresh_expiration', data.refresh_expiration);
Cookies.set('username', data.user.dni);
Cookies.set('tokennn', data.access, { secure: true, httpOnly: true });
Cookies.set('refresh_token', data.refresh, { secure: true, httpOnly: true });
Cookies.set('access_expiration', data.access_expiration, { secure: true, httpOnly: true });
Cookies.set('refresh_expiration', data.refresh_expiration, { secure: true, httpOnly: true });
Cookies.set('username', data.user.dni, { secure: true, httpOnly: true });
return data;
Copilot is powered by AI and may make mistakes. Always verify output.
Unable to commit as this autofix suggestion is now outdated
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@TobiasMaciel @carlosferreyra @facundomelgarejo @samuop @yoelmarain @ulisespallares888 @MirandaAriano