* Error early if email already exists
* Update changes/issue-4361-mail-change-should-error
Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com>
* Fix test
* Lint fixes
* Fix another test
* Also check for invites
* Improve error checks
* Update comment
* Update tests
* Fix test
Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com>
- Move team-related service methods to `ee/server/service`.
- Instantiate different service on startup based on license key.
- Refactor service errors into separate package.
- Add support for running E2E tests in both Core and Basic tiers.
Prevent abuse of these endpoints with rate limiting backed by Redis. The
limits assigned should be appropriate for almost any Fleet deployment.
Closes#530
- Return same error in all cases for login endpoint.
- Log error details in server logs.
- Make most login errors take ~1s to prevent timing attacks.
- Don't return forgot password errors.
- Log password errors in server logs.
- Make most forgot password requests take ~1s to prevent timing attacks.
Fixes#531
