This document contains my major contributions to Zulip as part of my GSoC work, which is a combination of several small and medium-sized projects. It lists only the major projects, not the few minor yet valuable enhancements and bug fixes that got merged into Zulip's codebase. All of them can be found in the commits and pull requests made by me. My weekly check-ins at chat.zulip.org are also a good way to view my work.
Integrated Sign in with Apple authentication. The work on this was started before GSoC, but most of the valuable work was done during the early GSoC period. This was a collaboration with my mentor Mateusz Mandera, where most of the work on the native flow was by him. Working on this was a great learning experience. It had me look into the internals of python-social-auth and gave me a better understanding of the authentication flow in general.
This required us to override several python-social-auth functions of the Apple auth class, since Apple sent the user details as a POST request, which caused variables like the state token stored in the session to be cleared. This was handled by storing those fields in Redis. These are the two major commits on Sign in with Apple: dc90d54, d308c12 and PRs #15274, #14237. There were also a few enhancements and bug fixes made after those were merged; they can be found at https://github.com/zulip/zulip/pulls?q=is%3Apr+author%3Achdinesh1089+apple
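An added sketch of the approach described above (not Zulip's or python-social-auth's code): the per-login fields are kept in a server-side store keyed by the state token, so the callback can recover them from the POST body alone. A dict stands in for Redis, and the names StateStore, begin_login and handle_apple_callback are hypothetical.

```python
import secrets
import time


class AuthStateError(Exception):
    """Raised when the callback's state is missing, unknown, expired or reused."""


class StateStore:
    """Server-side store for per-login fields, keyed by the state token.

    A dict stands in for Redis here (assumption); with Redis the same
    behaviour maps onto a key with an expiry plus an atomic get-and-delete.
    """

    def __init__(self, ttl_seconds=300, clock=time.monotonic):
        self._entries = {}
        self._ttl = ttl_seconds
        self._clock = clock

    def put(self, fields):
        state = secrets.token_urlsafe(32)  # unguessable, so it can act as the lookup key
        self._entries[state] = (self._clock() + self._ttl, dict(fields))
        return state

    def pop(self, state):
        # pop() makes the token single-use: a replayed callback finds nothing.
        expires_at, fields = self._entries.pop(state, (0.0, None))
        return fields if self._clock() < expires_at else None


def begin_login(store, next_url, is_signup):
    """Start of the flow: persist what the session would have held and
    return the state value to place in the authorization URL."""
    return store.put({"next": next_url, "is_signup": is_signup})


def handle_apple_callback(store, post_data):
    """Callback side: recover the fields from the POSTed state alone,
    without reading anything from the session."""
    state = post_data.get("state")
    if not isinstance(state, str) or not state:
        raise AuthStateError("missing state")
    fields = store.pop(state)
    if fields is None:
        raise AuthStateError("unknown, expired or already-used state")
    return fields
```

The store rejects a state value that was never issued, has outlived its TTL, or has already been consumed, which are the same guarantees a session-bound state token gives.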
Added a separate logger for authentication backends to make it easier to spot auth logs. Along with this change, assertLogs was introduced to Zulip's authentication tests to check that certain logging calls have been made. This was previously handled by mocking the logger generating the logs.
Link to PR: zulip/zulip#15183
Moved the realm domains table to the settings page; previously it was a modal that appeared when an admin chose to restrict users based on email domain. This was done as a prerequisite for restricting certain domains to require or not require an invitation to join the organization. To avoid any confusion from adding this field, I moved the domains table to the settings page, leaving no room for any confusion that could occur from having an invite required field.
Link to PR: zulip/zulip#15129 (not merged)
PR that adds invite required feature: zulip/zulip#14636 (not merged, was done before GSoC started)
When there was a configuration error with authentication backends, users were redirected to a configuration error page. This was confusing to users, as they tend to refresh after fixing configuration issues. To resolve this, we render the configuration error page instead of redirecting, with this pull request.
Migrated the CasperJS frontend tests of Zulip to Puppeteer, since CasperJS is no longer actively maintained and had a lot of flaky tests which were failing too often on master. The challenging part of writing Puppeteer tests was keeping the tests from being flaky, which required a lot of debugging, as it was not straightforward what was causing the rare false negatives, which were only found on running each test a few hundred times. Priyank Patel, who was also working on this, helped a lot with debugging flakes. All the work related to this was sent in multiple PRs. This link lists them all: https://github.com/zulip/zulip/pulls?q=is%3Apr+author%3Achdinesh1089+puppeteer
When a user has a weak password, they'll be required to change their password by being taken to the reset password page just after logging in, with the changes in the PR: zulip/zulip#15449 (Not merged. Also includes a commit for error handling of a rare case causing unexpected tracebacks)
When a user wanted to change their email, it was simply a matter of entering their new email in the user settings section and then clicking the confirmation link sent to the new email. To have a stronger validation, I worked on requiring the user to re-authenticate with their old email one last time after clicking the confirmation link. Added re-authentication support for all three authentication flows: email+password, social auth (Google, GitHub etc.) and remote SSO flows. Link to PR: zulip/zulip#15805 (Not merged)