Added changes for Sharelatex/Overleaf 5.0.6; Added Track Changes.

2024-06-24 16:36:53 +02:00
parent 09a38afa57
commit ddd0a14b3e
10 changed files with 129 additions and 561 deletions
--- a/README.md
+++ b/README.md
@@ -7,6 +7,20 @@ edition. Currently this repo uses `sharelatex/sharelatex:4.2.0`.
 The inital idea for this implementation was taken from 
 [worksasintended](https://github.com/worksasintended).
 ## Upgrading from 4.x to 5.0
 - enter mongo database container and open a mongo shell
 ```mongo```
 - execute 
 ```db.adminCommand({ setFeatureCompatibilityVersion: "4.4" })```
 in the MongoDB shell.
 - Then upgrade:
 ```
 bash scripts/extract_files.sh 5.0.6
 bash scripts/apply_diffs.sh
 make
 ```
 ## BREAKING CHANGE
 Be careful if you try to migrate from 3.3.2! Backup your machines and data. The migration paths should be:
--- a/docker-compose.certbot.yml
+++ b/docker-compose.certbot.yml
@@ -19,40 +19,40 @@ services:
      - redis
      - simple-certbot
    volumes:
-      - ${MYDATA}/sharelatex:/var/lib/sharelatex
+      - ${MYDATA}/sharelatex:/var/lib/overleaf
      - ${MYDATA}/letsencrypt:/etc/letsencrypt
      - ${MYDATA}/letsencrypt/live/${MYDOMAIN}/:/etc/letsencrypt/certs/domain
    environment:
-      SHARELATEX_APP_NAME: Overleaf
+      OVERLEAF_APP_NAME: Overleaf
-      SHARELATEX_MONGO_URL: mongodb://mongo/sharelatex
+      OVERLEAF_MONGO_URL: mongodb://mongo/sharelatex
-      SHARELATEX_SITE_URL: https://${MYDOMAIN}
+      OVERLEAF_SITE_URL: https://${MYDOMAIN}
-      SHARELATEX_NAV_TITLE: Overleaf - run by ${MYDOMAIN}
+      OVERLEAF_NAV_TITLE: Overleaf - run by ${MYDOMAIN}
-      #SHARELATEX_HEADER_IMAGE_URL: https://${MYDOMAIN}/logo.svg
+      #OVERLEAF_HEADER_IMAGE_URL: https://${MYDOMAIN}/logo.svg
-      SHARELATEX_ADMIN_EMAIL: ${MYMAIL}
+      OVERLEAF_ADMIN_EMAIL: ${MYMAIL}
-      SHARELATEX_LEFT_FOOTER: '[{"text": "Powered by <a href=\"https://www.sharelatex.com\">ShareLaTeX</a> 2016"} ]'
+      OVERLEAF_LEFT_FOOTER: '[{"text": "Powered by <a href=\"https://www.sharelatex.com\">ShareLaTeX</a> 2016"} ]'
-      SHARELATEX_RIGHT_FOOTER: '[{"text": "LDAP Overleaf (beta)"} ]'
+      OVERLEAF_RIGHT_FOOTER: '[{"text": "LDAP Overleaf (beta)"} ]'
-      SHARELATEX_EMAIL_FROM_ADDRESS: "noreply@${MYDOMAIN}"
+      OVERLEAF_EMAIL_FROM_ADDRESS: "noreply@${MYDOMAIN}"
-      # SHARELATEX_EMAIL_AWS_SES_ACCESS_KEY_ID:
+      # OVERLEAF_EMAIL_AWS_SES_ACCESS_KEY_ID:
-      # SHARELATEX_EMAIL_AWS_SES_SECRET_KEY:
+      # OVERLEAF_EMAIL_AWS_SES_SECRET_KEY:
-      SHARELATEX_EMAIL_SMTP_HOST: smtp.${MYDOMAIN}
+      OVERLEAF_EMAIL_SMTP_HOST: smtp.${MYDOMAIN}
-      SHARELATEX_EMAIL_SMTP_PORT: 587
+      OVERLEAF_EMAIL_SMTP_PORT: 587
-      SHARELATEX_EMAIL_SMTP_SECURE: "false"
+      OVERLEAF_EMAIL_SMTP_SECURE: "false"
-      # SHARELATEX_EMAIL_SMTP_USER:
+      # OVERLEAF_EMAIL_SMTP_USER:
-      # SHARELATEX_EMAIL_SMTP_PASS:
+      # OVERLEAF_EMAIL_SMTP_PASS:
-      # SHARELATEX_EMAIL_SMTP_TLS_REJECT_UNAUTH: true
+      # OVERLEAF_EMAIL_SMTP_TLS_REJECT_UNAUTH: true
-      # SHARELATEX_EMAIL_SMTP_IGNORE_TLS: false
+      # OVERLEAF_EMAIL_SMTP_IGNORE_TLS: false
-      SHARELATEX_CUSTOM_EMAIL_FOOTER: "This system is run by ${MYDOMAIN} - please contact ${MYMAIL} if you experience any issues."
+      OVERLEAF_CUSTOM_EMAIL_FOOTER: "This system is run by ${MYDOMAIN} - please contact ${MYMAIL} if you experience any issues."
      # make public links accessible w/o login (link sharing issue)
      # https://github.com/overleaf/docker-image/issues/66
      # https://github.com/overleaf/overleaf/issues/628
      # https://github.com/overleaf/web/issues/367
      # Fixed in 2.0.2 (Release date: 2019-11-26)
-      SHARELATEX_ALLOW_PUBLIC_ACCESS: "true"
+      OVERLEAF_ALLOW_PUBLIC_ACCESS: "true"
-      SHARELATEX_ALLOW_ANONYMOUS_READ_AND_WRITE_SHARING: "true"
+      OVERLEAF_ALLOW_ANONYMOUS_READ_AND_WRITE_SHARING: "true"
-      SHARELATEX_SECURE_COOKIE: "true"
+      OVERLEAF_SECURE_COOKIE: "true"
-      SHARELATEX_BEHIND_PROXY: "true"
+      OVERLEAF_BEHIND_PROXY: "true"
      LDAP_SERVER: ldaps://LDAPSERVER:636
      LDAP_BASE: ou=people,dc=DOMAIN,dc=TLD
@@ -99,7 +99,7 @@ services:
      # Same property, unfortunately with different names in
      # different locations
-      SHARELATEX_REDIS_HOST: redis
+      OVERLEAF_REDIS_HOST: redis
      REDIS_HOST: redis
      REDIS_PORT: 6379
@@ -110,7 +110,7 @@ services:
  mongo:
    restart: always
-    image: mongo:4.4
+    image: mongo:5.0
    container_name: mongo
    expose:
      - 27017
@@ -125,7 +125,7 @@ services:
  # See also: https://github.com/overleaf/overleaf/issues/1120
  mongoinit:
-    image: mongo:4.4
+    image: mongo:5.0
    # this container will exit after executing the command
    restart: "no"
    depends_on:
--- a/docker-compose.traefik.yml
+++ b/docker-compose.traefik.yml
@@ -80,7 +80,7 @@ services:
      - mongo
      - redis
    volumes:
-      - ${MYDATA}/sharelatex:/var/lib/sharelatex
+      - ${MYDATA}/sharelatex:/var/lib/overleaf
      - ${MYDATA}/letsencrypt:/etc/letsencrypt:ro
      # - ${MYDATA}/letsencrypt/live/${MYDOMAIN}/:/etc/letsencrypt/certs/domain
    labels:
@@ -106,34 +106,34 @@ services:
      - "traefik.http.services.sharel.loadbalancer.sticky.cookie.samesite=io"
    environment:
-      SHARELATEX_APP_NAME: Overleaf
+      OVERLEAF_APP_NAME: Overleaf
-      SHARELATEX_MONGO_URL: mongodb://mongo/sharelatex
+      OVERLEAF_MONGO_URL: mongodb://mongo/sharelatex
-      SHARELATEX_SITE_URL: https://${MYDOMAIN}
+      OVERLEAF_SITE_URL: https://${MYDOMAIN}
-      SHARELATEX_NAV_TITLE: Overleaf - run by ${MYDOMAIN}
+      OVERLEAF_NAV_TITLE: Overleaf - run by ${MYDOMAIN}
-      #SHARELATEX_HEADER_IMAGE_URL: https://${MYDOMAIN}/logo.svg
+      #OVERLEAF_HEADER_IMAGE_URL: https://${MYDOMAIN}/logo.svg
-      SHARELATEX_ADMIN_EMAIL: ${MYMAIL}
+      OVERLEAF_ADMIN_EMAIL: ${MYMAIL}
-      SHARELATEX_LEFT_FOOTER: '[{"text": "Powered by <a href=\"https://www.sharelatex.com\">ShareLaTeX</a> 2016"} ]'
+      OVERLEAF_LEFT_FOOTER: '[{"text": "Powered by <a href=\"https://www.sharelatex.com\">ShareLaTeX</a> 2016"} ]'
-      SHARELATEX_RIGHT_FOOTER: '[{"text": "LDAP Overleaf (beta)"} ]'
+      OVERLEAF_RIGHT_FOOTER: '[{"text": "LDAP Overleaf (beta)"} ]'
-      SHARELATEX_EMAIL_FROM_ADDRESS: "noreply@${MYDOMAIN}"
+      OVERLEAF_EMAIL_FROM_ADDRESS: "noreply@${MYDOMAIN}"
-      SHARELATEX_EMAIL_SMTP_HOST: smtp.${MYDOMAIN}
+      OVERLEAF_EMAIL_SMTP_HOST: smtp.${MYDOMAIN}
-      SHARELATEX_EMAIL_SMTP_PORT: 587
+      OVERLEAF_EMAIL_SMTP_PORT: 587
-      SHARELATEX_EMAIL_SMTP_SECURE: "false"
+      OVERLEAF_EMAIL_SMTP_SECURE: "false"
-      # SHARELATEX_EMAIL_SMTP_USER:
+      # OVERLEAF_EMAIL_SMTP_USER:
-      # SHARELATEX_EMAIL_SMTP_PASS:
+      # OVERLEAF_EMAIL_SMTP_PASS:
-      # SHARELATEX_EMAIL_SMTP_TLS_REJECT_UNAUTH: true
+      # OVERLEAF_EMAIL_SMTP_TLS_REJECT_UNAUTH: true
-      # SHARELATEX_EMAIL_SMTP_IGNORE_TLS: false
+      # OVERLEAF_EMAIL_SMTP_IGNORE_TLS: false
-      SHARELATEX_CUSTOM_EMAIL_FOOTER: "This system is run by ${MYDOMAIN} - please contact ${MYMAIL} if you experience any issues."
+      OVERLEAF_CUSTOM_EMAIL_FOOTER: "This system is run by ${MYDOMAIN} - please contact ${MYMAIL} if you experience any issues."
      # make public links accessible w/o login (link sharing issue)
      # https://github.com/overleaf/docker-image/issues/66
      # https://github.com/overleaf/overleaf/issues/628
      # https://github.com/overleaf/web/issues/367
      # Fixed in 2.0.2 (Release date: 2019-11-26)
-      SHARELATEX_ALLOW_PUBLIC_ACCESS: "true"
+      OVERLEAF_ALLOW_PUBLIC_ACCESS: "true"
-      SHARELATEX_ALLOW_ANONYMOUS_READ_AND_WRITE_SHARING: "true"
+      OVERLEAF_ALLOW_ANONYMOUS_READ_AND_WRITE_SHARING: "true"
-      SHARELATEX_SECURE_COOKIE: "true"
+      OVERLEAF_SECURE_COOKIE: "true"
-      SHARELATEX_BEHIND_PROXY: "true"
+      OVERLEAF_BEHIND_PROXY: "true"
      LDAP_SERVER: ldaps://LDAPSERVER:636
      LDAP_BASE: ou=people,dc=DOMAIN,dc=TLD
@@ -180,7 +180,7 @@ services:
      # Same property, unfortunately with different names in
      # different locations
-      SHARELATEX_REDIS_HOST: redis
+      OVERLEAF_REDIS_HOST: redis
      REDIS_HOST: redis
      REDIS_PORT: 6379
@@ -191,7 +191,7 @@ services:
  mongo:
    restart: always
-    image: mongo:4.4
+    image: mongo:5.0
    container_name: mongo
    expose:
      - 27017
@@ -214,7 +214,7 @@ services:
  # See also: https://github.com/overleaf/overleaf/issues/1120
  mongoinit:
-    image: mongo:4.4
+    image: mongo:5.0
    # this container will exit after executing the command
    restart: "no"
    depends_on:
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -16,41 +16,41 @@ services:
      - mongo
      - redis
    volumes:
-      - ${MYDATA}/sharelatex:/var/lib/sharelatex
+      - ${MYDATA}/sharelatex:/var/lib/overleaf
      - ${MYDATA}/letsencrypt:/etc/letsencrypt
      - ${MYDATA}/letsencrypt/live/${MYDOMAIN}/:/etc/letsencrypt/certs/domain
    environment:
-      SHARELATEX_APP_NAME: Overleaf
+      OVERLEAF_APP_NAME: Overleaf
-      SHARELATEX_MONGO_URL: mongodb://mongo/sharelatex
+      OVERLEAF_MONGO_URL: mongodb://mongo/sharelatex
-      SHARELATEX_SITE_URL: https://${MYDOMAIN}
+      OVERLEAF_SITE_URL: https://${MYDOMAIN}
-      SHARELATEX_NAV_TITLE: Overleaf - run by ${MYDOMAIN}
+      OVERLEAF_NAV_TITLE: Overleaf - run by ${MYDOMAIN}
-      #SHARELATEX_HEADER_IMAGE_URL: https://${MYDOMAIN}/logo.svg
+      #OVERLEAF_HEADER_IMAGE_URL: https://${MYDOMAIN}/logo.svg
-      SHARELATEX_ADMIN_EMAIL: ${MYMAIL}
+      OVERLEAF_ADMIN_EMAIL: ${MYMAIL}
-      SHARELATEX_LEFT_FOOTER: '[{"text": "Powered by <a href=\"https://www.sharelatex.com\">ShareLaTeX</a> 2016"} ]'
+      OVERLEAF_LEFT_FOOTER: '[{"text": "Powered by <a href=\"https://www.sharelatex.com\">ShareLaTeX</a> 2016"} ]'
-      SHARELATEX_RIGHT_FOOTER: '[{"text": "LDAP Overleaf (beta)"} ]'
+      OVERLEAF_RIGHT_FOOTER: '[{"text": "LDAP Overleaf (beta)"} ]'
-      SHARELATEX_EMAIL_FROM_ADDRESS: "noreply@${MYDOMAIN}"
+      OVERLEAF_EMAIL_FROM_ADDRESS: "noreply@${MYDOMAIN}"
-      # SHARELATEX_EMAIL_AWS_SES_ACCESS_KEY_ID:
+      # OVERLEAF_EMAIL_AWS_SES_ACCESS_KEY_ID:
-      # SHARELATEX_EMAIL_AWS_SES_SECRET_KEY:
+      # OVERLEAF_EMAIL_AWS_SES_SECRET_KEY:
-      SHARELATEX_EMAIL_SMTP_HOST: smtp.${MYDOMAIN}
+      OVERLEAF_EMAIL_SMTP_HOST: smtp.${MYDOMAIN}
-      SHARELATEX_EMAIL_SMTP_PORT: 587
+      OVERLEAF_EMAIL_SMTP_PORT: 587
-      SHARELATEX_EMAIL_SMTP_SECURE: "false"
+      OVERLEAF_EMAIL_SMTP_SECURE: "false"
-      # SHARELATEX_EMAIL_SMTP_USER:
+      # OVERLEAF_EMAIL_SMTP_USER:
-      # SHARELATEX_EMAIL_SMTP_PASS:
+      # OVERLEAF_EMAIL_SMTP_PASS:
-      # SHARELATEX_EMAIL_SMTP_TLS_REJECT_UNAUTH: true
+      # OVERLEAF_EMAIL_SMTP_TLS_REJECT_UNAUTH: true
-      # SHARELATEX_EMAIL_SMTP_IGNORE_TLS: false
+      # OVERLEAF_EMAIL_SMTP_IGNORE_TLS: false
-      SHARELATEX_CUSTOM_EMAIL_FOOTER: "This system is run by ${MYDOMAIN} - please contact ${MYMAIL} if you experience any issues."
+      OVERLEAF_CUSTOM_EMAIL_FOOTER: "This system is run by ${MYDOMAIN} - please contact ${MYMAIL} if you experience any issues."
      # make public links accessible w/o login (link sharing issue)
      # https://github.com/overleaf/docker-image/issues/66
      # https://github.com/overleaf/overleaf/issues/628
      # https://github.com/overleaf/web/issues/367
      # Fixed in 2.0.2 (Release date: 2019-11-26)
-      SHARELATEX_ALLOW_PUBLIC_ACCESS: "true"
+      OVERLEAF_ALLOW_PUBLIC_ACCESS: "true"
-      SHARELATEX_ALLOW_ANONYMOUS_READ_AND_WRITE_SHARING: "true"
+      OVERLEAF_ALLOW_ANONYMOUS_READ_AND_WRITE_SHARING: "true"
      # Uncomment the following line to enable secure cookies if you are using SSL
-      # SHARELATEX_SECURE_COOKIE: "true"
+      # OVERLEAF_SECURE_COOKIE: "true"
-      # SHARELATEX_BEHIND_PROXY: "true"
+      # OVERLEAF_BEHIND_PROXY: "true"
      LDAP_SERVER: ldaps://LDAPSERVER:636
      LDAP_BASE: ou=people,dc=DOMAIN,dc=TLD
@@ -97,7 +97,7 @@ services:
      # Same property, unfortunately with different names in
      # different locations
-      SHARELATEX_REDIS_HOST: redis
+      OVERLEAF_REDIS_HOST: redis
      REDIS_HOST: redis
      REDIS_PORT: 6379
@@ -108,7 +108,7 @@ services:
  mongo:
    restart: always
-    image: mongo:4.4
+    image: mongo:5.0
    container_name: mongo
    expose:
      - 27017
@@ -123,7 +123,7 @@ services:
  # See also: https://github.com/overleaf/overleaf/issues/1120
  mongoinit:
-    image: mongo:4.4
+    image: mongo:5.0
    # this container will exit after executing the command
    restart: "no"
    depends_on:
--- a/ldap-overleaf-sl/Dockerfile
+++ b/ldap-overleaf-sl/Dockerfile
@@ -1,4 +1,4 @@
-FROM sharelatex/sharelatex:4.2.0
+FROM sharelatex/sharelatex:5.0.6
 # FROM sharelatex/sharelatex:latest
 # latest might not be tested 
 # e.g. the AuthenticationManager.js script had to be adapted after versions 2.3.1 
@@ -20,10 +20,10 @@ RUN npm install -g npm && \
    npm install ldap-escape ldapts-search ldapts@3.2.4 && \
    # npm install bcrypt@5.0.0 && \
    apt-get update && \
-    apt-get -y install libxml-libxslt-perl cpanminus libbtparse2 python-pygments && \
+    apt-get -y install libxml-libxslt-perl cpanminus libbtparse2 && \
    # now install latest texlive2023 from tlmgr
-    tlmgr update --self --all  && \
+    #tlmgr update --self --all  && \
-    tlmgr install scheme-full --verify-repo=none && \
+    #tlmgr install scheme-full --verify-repo=none && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*
@@ -35,14 +35,30 @@ ENV PATH="/usr/local/texlive/2023/bin/x86_64-linux:${PATH};"
 COPY sharelatex/AuthenticationManager.js    /overleaf/services/web/app/src/Features/Authentication/
 COPY sharelatex/AuthenticationController.js /overleaf/services/web/app/src/Features/Authentication/
 COPY sharelatex/ContactController.js        /overleaf/services/web/app/src/Features/Contacts/
 COPY sharelatex/ProjectEditorHandler.js     /overleaf/services/web/app/src/Features/Project/
 COPY sharelatex/TrackChangesController.js   /overleaf/services/web/app/src/Features/TrackChanges/
 COPY sharelatex/router.js                   /overleaf/services/web/app/src/router.js
 ## Copy some new files from the Docker git repo (because they are not in the current Docker release - to enable Track-Changes
 RUN wget -O /overleaf/services/web/app/src/Features/DocumentUpdater/DocumentUpdaterHandler.js https://raw.githubusercontent.com/overleaf/overleaf/main/services/web/app/src/Features/DocumentUpdater/DocumentUpdaterHandler.js 
 RUN wget -O /overleaf/services/web/app/src/Features/Chat/ChatApiHandler.js https://raw.githubusercontent.com/overleaf/overleaf/main/services/web/app/src/Features/Chat/ChatApiHandler.js
 RUN wget -O /overleaf/services/web/app/src/Features/Chat/ChatController.js https://raw.githubusercontent.com/overleaf/overleaf/main/services/web/app/src/Features/Chat/ChatController.js
 RUN wget -O /overleaf/services/web/app/src/Features/Chat/ChatManager.js https://raw.githubusercontent.com/overleaf/overleaf/main/services/web/app/src/Features/Chat/ChatManager.js
 # Too much changes to do inline (>10 Lines).
-COPY sharelatex/settings.pug    /overleaf/services/web/app/views/user/
+#COPY sharelatex/settings.pug    /overleaf/services/web/app/views/user/
 COPY sharelatex/login.pug       /overleaf/services/web/app/views/user/
-COPY sharelatex/navbar.pug      /overleaf/services/web/app/views/layout/
+#COPY sharelatex/navbar.pug      /overleaf/services/web/app/views/layout/
 COPY sharelatex/navbar-marketing.pug      /overleaf/services/web/app/views/layout/
 # Copy TrackChanges Module
 #COPY sharelatex-modules/track-changes  /overleaf/services/web/modules/track-changes
 # Non LDAP User Registration for Admins
 COPY sharelatex/admin-index.pug     /overleaf/services/web/app/views/admin/index.pug
 COPY sharelatex/admin-sysadmin.pug  /tmp/admin-sysadmin.pug
--- a/ldap-overleaf-sl/sharelatex_diff/AuthenticationController.js.diff
+++ b/ldap-overleaf-sl/sharelatex_diff/AuthenticationController.js.diff
@@ -1,6 +1,4 @@
-268a268,364
+300a301,394
 > 
 > // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 >   oauth2Redirect(req, res, next) {
 >     // random state
 >     const characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
@@ -95,4 +93,3 @@
 >       console.error("Fails to access by OAuth2: " + String(e))
 >     }
 >   },
 > // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
--- a/ldap-overleaf-sl/sharelatex_diff/AuthenticationManager.js.diff
+++ b/ldap-overleaf-sl/sharelatex_diff/AuthenticationManager.js.diff
@@ -1,12 +1,9 @@
-19a20,25
+19a20,22
 > // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 > const fs = require("fs")
 > const { Client } = require("ldapts")
 > const ldapEscape = require("ldap-escape")
-> // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
+120a124,132
 > 
 120a127,136
 > // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 >   _checkUserPassword2(query, password, callback) {
 >     // leave original _checkUserPassword untouched, because it will be called by
 >     // setUserPasswordInV2 (e.g. UserRegistrationHandler.js )
@@ -14,17 +11,16 @@
 >       AuthenticationManager.authUserObj(error, user, query, password, callback)
 >     })
 >   },
 > // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
 > 
-126c142,144
+122c134,138
 <     AuthenticationManager._checkUserPassword(
 ---
-> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
+>     if (typeof callback === 'undefined') {
 >       callback = auditLog
 >       auditLog = null
 >     }
 >     AuthenticationManager._checkUserPassword2(
-> // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
+201a218,467
 190a209,488
 > 
 > // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 >   /**
 >    * login with any password
 >    */
@@ -32,33 +28,6 @@
 >     callback(null, user, true)
 >   },
 > 
 >   createIfNotFoundAndLogin(
 >     query,
 >     callback,
 >     uid,
 >     firstname,
 >     lastname,
 >     mail,
 >     isAdmin
 >   ) {
 >     User.findOne(query, (error, user) => {
 >       if (error) {
 >         console.log(error)
 >       }
 > 
 >       AuthenticationManager.createIfNotExistAndLogin(
 >         query,
 >         user,
 >         callback,
 >         uid,
 >         firstname,
 >         lastname,
 >         mail,
 >         isAdmin
 >       )
 >     })
 >   },
 > 
 >   createIfNotExistAndLogin(
 >     query,
 >     user,
@@ -70,9 +39,10 @@
 >     isAdmin
 >   ) {
 >     if (!user) {
 >       //console.log('Creating User:' + JSON.stringify(query))
 >       //create random pass for local userdb, does not get checked for ldap users during login
->       const pass = require("crypto").randomBytes(32).toString("hex")
+>       let pass = require("crypto").randomBytes(32).toString("hex")
->       console.log('Creating User', { mail, uid, firstname, lastname, isAdmin, pass })
+>       //console.log('Creating User:' + JSON.stringify(query) + 'Random Pass' + pass)
 > 
 >       const userRegHand = require("../User/UserRegistrationHandler.js")
 >       userRegHand.registerNewUser(
@@ -102,7 +72,6 @@
 >         }
 >       ) // end register user
 >     } else {
 >       console.log('User exists', { mail })
 >       AuthenticationManager.login(user, "randomPass", callback)
 >     }
 >   },
@@ -302,4 +271,3 @@
 >       }
 >     })
 >   },
 > // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
--- a/ldap-overleaf-sl/sharelatex_diff/navbar.pug.diff
+++ b/ldap-overleaf-sl/sharelatex_diff/navbar.pug.diff
@@ -1,217 +0,0 @@
 4,6c4,5
 < 			if (typeof(suppressNavbarRight) == "undefined")
 < 				button.navbar-toggle(ng-init="navCollapsed = true", ng-click="navCollapsed = !navCollapsed", ng-class="{active: !navCollapsed}", aria-label="Toggle " + translate('navigation'))
 < 					i.fa.fa-bars(aria-hidden="true")
 ---
 > 			button.navbar-toggle(ng-init="navCollapsed = true", ng-click="navCollapsed = !navCollapsed", ng-class="{active: !navCollapsed}", aria-label="Toggle " + translate('navigation'))
 > 				i.fa.fa-bars(aria-hidden="true")
 14,106c13,74
 < 		- var canDisplayAdminMenu = hasAdminAccess()
 < 		- var canDisplayAdminRedirect = canRedirectToAdminDomain()
 < 		- var canDisplaySplitTestMenu = hasFeature('saas') && (canDisplayAdminMenu || (getSessionUser() && getSessionUser().staffAccess && (getSessionUser().staffAccess.splitTestMetrics || getSessionUser().staffAccess.splitTestManagement)))
 < 		- var canDisplaySurveyMenu = hasFeature('saas') && canDisplayAdminMenu
 < 		- var featuresPageVariant = splitTestVariants && splitTestVariants['features-page']
 < 
 < 		if (typeof(suppressNavbarRight) == "undefined")
 < 			.navbar-collapse.collapse(collapse="navCollapsed")
 < 				ul.nav.navbar-nav.navbar-right
 < 					if (canDisplayAdminMenu || canDisplayAdminRedirect || canDisplaySplitTestMenu)
 < 						li.dropdown(class="subdued", dropdown)
 < 							a.dropdown-toggle(href, dropdown-toggle)
 < 								| Admin
 < 								b.caret
 < 							ul.dropdown-menu
 < 								if canDisplayAdminMenu
 < 									li
 < 										a(href="/admin") Manage Site
 < 									li
 < 										a(href="/admin/user") Manage Users
 < 									li
 < 										a(href="/admin/project") Project URL Lookup
 < 									li
 < 										a(href="/admin/saml/logs") SAML logs
 < 								if canDisplayAdminRedirect
 < 									li
 < 										a(href=settings.adminUrl) Switch to Admin
 < 								if canDisplaySplitTestMenu
 < 									li
 < 										a(href="/admin/split-test") Manage Feature Flags
 < 								if canDisplaySurveyMenu
 < 									li
 < 										a(href="/admin/survey") Manage Surveys
 < 
 < 					// loop over header_extras
 < 					each item in nav.header_extras
 < 						-
 < 							if ((item.only_when_logged_in && getSessionUser())
 < 								|| (item.only_when_logged_out && (!getSessionUser()))
 < 								|| (!item.only_when_logged_out && !item.only_when_logged_in && !item.only_content_pages)
 < 								|| (item.only_content_pages && (typeof(suppressNavContentLinks) == "undefined" || !suppressNavContentLinks))
 < 							){ 
 < 								var showNavItem = true
 < 							} else {
 < 								var showNavItem = false
 < 							}
 < 
 < 						if showNavItem
 < 							if item.dropdown
 < 								li.dropdown(class=item.class, dropdown)
 < 									a.dropdown-toggle(href, dropdown-toggle)
 < 										| !{translate(item.text)}
 < 										b.caret
 < 									ul.dropdown-menu
 < 										each child in item.dropdown
 < 											if child.divider
 < 												li.divider
 < 											else if child.isContactUs
 < 												li
 < 													a(ng-controller="ContactModal" ng-click="contactUsModal()" href)
 < 														span(event-tracking="menu-clicked-contact" event-tracking-mb="true" event-tracking-trigger="click")
 < 															| #{translate("contact_us")}
 < 											else
 < 												li
 < 													if child.url
 < 														if !child.splitTest || child.splitTest && child.splitTest === 'features-page' && child.splitTestVariant === featuresPageVariant
 < 															a(
 < 																href=child.url,
 < 																class=child.class,
 < 																event-tracking=child.event
 < 																event-tracking-mb="true"
 < 																event-tracking-trigger="click"
 < 																event-segmentation=child.eventSegmentation
 < 															) !{translate(child.text)}
 < 													else
 < 														| !{translate(child.text)}
 < 							else
 < 								li(class=item.class)
 < 									if item.url
 < 										a(
 < 											href=item.url,
 < 											class=item.class,
 < 											event-tracking=item.event
 < 											event-tracking-mb="true"
 < 											event-tracking-trigger="click"
 < 										) !{translate(item.text)}
 < 									else
 < 										| !{translate(item.text)}
 < 
 < 					// logged out
 < 					if !getSessionUser()
 < 						// register link
 < 						if hasFeature('registration-page')
 ---
 > 		.navbar-collapse.collapse(collapse="navCollapsed")
 > 
 > 			ul.nav.navbar-nav.navbar-right
 > 				if (getSessionUser() && getSessionUser().isAdmin)
 > 					li
 > 						a(href="/admin") Admin
 > 
 > 
 > 				// loop over header_extras
 > 				each item in nav.header_extras
 > 					-
 > 						if ((item.only_when_logged_in && getSessionUser())
 > 							|| (item.only_when_logged_out && (!getSessionUser()))
 > 							|| (!item.only_when_logged_out && !item.only_when_logged_in && !item.only_content_pages)
 > 							|| (item.only_content_pages && (typeof(suppressNavContentLinks) == "undefined" || !suppressNavContentLinks))
 > 						){ 
 > 							var showNavItem = true
 > 						} else {
 > 							var showNavItem = false
 > 						}
 > 
 > 					if showNavItem
 > 						if item.dropdown
 > 							li.dropdown(class=item.class, dropdown)
 > 								a.dropdown-toggle(href, dropdown-toggle)
 > 									| !{translate(item.text)}
 > 									b.caret
 > 								ul.dropdown-menu
 > 									each child in item.dropdown
 > 										if child.divider
 > 											li.divider
 > 										else
 > 											li
 > 												if child.url
 > 													a(href=child.url, class=child.class) !{translate(child.text)}
 > 												else
 > 													| !{translate(child.text)}
 > 						else
 > 							li(class=item.class)
 > 								if item.url
 > 									a(href=item.url, class=item.class) !{translate(item.text)}
 > 								else
 > 									| !{translate(item.text)}
 > 
 > 				// logged out
 > 				if !getSessionUser()
 > 					// login link
 > 					li
 > 						a(href="/login") #{translate('log_in')}
 > 
 > 				// projects link and account menu
 > 				if getSessionUser()
 > 					li
 > 						a(href="/project") #{translate('Projects')}
 > 					li.dropdown(dropdown)
 > 						a.dropdown-toggle(href, dropdown-toggle)
 > 							| #{translate('Account')}
 > 							b.caret
 > 						ul.dropdown-menu
 > 							//li
 > 							//	div.subdued(ng-non-bindable) #{getUserEmail()}
 > 							//li.divider.hidden-xs.hidden-sm
 108,139c76,77
 < 								a(
 < 									href="/register"
 < 									event-tracking="menu-clicked-register"
 < 									event-tracking-action="clicked"
 < 									event-tracking-trigger="click"
 < 									event-tracking-mb="true"
 < 									event-segmentation={ page: currentUrl }
 < 								) #{translate('register')}
 < 
 < 						// login link
 < 						li
 < 							a(
 < 								href="/login"
 < 								event-tracking="menu-clicked-login"
 < 								event-tracking-action="clicked"
 < 								event-tracking-trigger="click"
 < 								event-tracking-mb="true"
 < 								event-segmentation={ page: currentUrl }
 < 							) #{translate('log_in')}
 < 
 < 					// projects link and account menu
 < 					if getSessionUser()
 < 						li
 < 							a(href="/project") #{translate('Projects')}
 < 						li.dropdown(dropdown)
 < 							a.dropdown-toggle(href, dropdown-toggle)
 < 								| #{translate('Account')}
 < 								b.caret
 < 							ul.dropdown-menu
 < 								li
 < 									div.subdued {{ usersEmail }}
 < 								li.divider.hidden-xs.hidden-sm
 ---
 > 								a(href="/user/settings") #{translate('Account Settings')}
 > 							if nav.showSubscriptionLink
 141,149c79,84
 < 									a(href="/user/settings") #{translate('Account Settings')}
 < 								if nav.showSubscriptionLink
 < 									li
 < 										a(href="/user/subscription") #{translate('subscription')}
 < 								li.divider.hidden-xs.hidden-sm
 < 								li
 < 									form(method="POST" action="/logout")
 < 										input(name='_csrf', type='hidden', value=csrfToken)
 < 										button.btn-link.text-left.dropdown-menu-button #{translate('log_out')}
 ---
 > 									a(href="/user/subscription") #{translate('subscription')}
 > 							li.divider.hidden-xs.hidden-sm
 > 							li
 > 								form(method="POST" action="/logout")
 > 									input(name='_csrf', type='hidden', value=csrfToken)
 > 									button.btn-link.text-left.dropdown-menu-button #{translate('log_out')}
--- a/ldap-overleaf-sl/sharelatex_diff/settings.pug.diff
+++ b/ldap-overleaf-sl/sharelatex_diff/settings.pug.diff
@@ -1,212 +0,0 @@
 1c1
 < extends ../layout-marketing
 ---
 > extends ../layout
 3,4c3,14
 < block entrypointVar
 < 	- entrypoint = 'pages/user/settings'
 ---
 > block content
 > 	.content.content-alt
 > 		.container
 > 			.row
 > 				.col-md-12.col-lg-10.col-lg-offset-1
 > 					if ssoError
 > 						.alert.alert-danger
 > 							| #{translate('sso_link_error')}: #{translate(ssoError)}
 > 					.card
 > 						.page-header
 > 							h1  #{translate("account_settings")}
 > 						.account-settings(ng-controller="AccountSettingsController", ng-cloak)
 6,29c16,17
 < block append meta
 < 	meta(name="ol-hasPassword" data-type="boolean" content=hasPassword)
 < 	meta(name="ol-shouldAllowEditingDetails" data-type="boolean" content=shouldAllowEditingDetails)
 < 	meta(name="ol-oauthProviders", data-type="json", content=oauthProviders)
 < 	meta(name="ol-institutionLinked", data-type="json", content=institutionLinked)
 < 	meta(name="ol-samlError", data-type="json", content=samlError)
 < 	meta(name="ol-institutionEmailNonCanonical", content=institutionEmailNonCanonical)
 < 
 < 	meta(name="ol-reconfirmedViaSAML", content=reconfirmedViaSAML)
 < 	meta(name="ol-reconfirmationRemoveEmail", content=reconfirmationRemoveEmail)
 < 	meta(name="ol-samlBeta", content=samlBeta)
 < 	meta(name="ol-ssoErrorMessage", content=ssoErrorMessage)
 < 	meta(name="ol-thirdPartyIds", data-type="json", content=thirdPartyIds || {})
 < 	meta(name="ol-passwordStrengthOptions", data-type="json", content=settings.passwordStrengthOptions || {})
 < 	meta(name="ol-isExternalAuthenticationSystemUsed" data-type="boolean" content=externalAuthenticationSystemUsed())
 < 	meta(name="ol-user" data-type="json" content=user)
 < 	meta(name="ol-dropbox" data-type="json" content=dropbox)
 < 	meta(name="ol-github" data-type="json" content=github)
 < 	meta(name="ol-projectSyncSuccessMessage", content=projectSyncSuccessMessage)
 < 	meta(name="ol-showPersonalAccessToken", data-type="boolean" content=showPersonalAccessToken)
 < 	meta(name="ol-optionalPersonalAccessToken", data-type="boolean" content=optionalPersonalAccessToken)
 < 	meta(name="ol-personalAccessTokens", data-type="json" content=personalAccessTokens)
 < 	meta(name="ol-emailAddressLimit", data-type="json", content=emailAddressLimit)
 < 	meta(name="ol-currentManagedUserAdminEmail" data-type="string" content=currentManagedUserAdminEmail)
 ---
 > 
 > 
 31,32c19,178
 < block content
 < 	main.content.content-alt#settings-page-root
 ---
 > 							.row
 > 								.col-md-5
 > 									h3 #{translate("update_account_info")}
 > 									form(async-form="settings", name="settingsForm", method="POST", action="/user/settings", novalidate)
 > 										input(type="hidden", name="_csrf", value=csrfToken)
 > 										if !hasFeature('affiliations')
 > 											// show the email, non-editable
 > 											.form-group
 > 												label.control-label #{translate("email")}
 > 												div.form-control(
 > 													readonly="true",
 > 													ng-non-bindable
 > 												) #{user.email}
 > 
 > 										if shouldAllowEditingDetails
 > 											.form-group
 > 												label(for='firstName').control-label #{translate("first_name")}
 > 												input.form-control(
 > 													id="firstName"
 > 													type='text',
 > 													name='first_name',
 > 													value=user.first_name
 > 													ng-non-bindable
 > 												)
 > 											.form-group
 > 												label(for='lastName').control-label #{translate("last_name")}
 > 												input.form-control(
 > 													id="lastName"
 > 													type='text',
 > 													name='last_name',
 > 													value=user.last_name
 > 													ng-non-bindable
 > 												)
 > 											.form-group
 > 												form-messages(aria-live="polite" for="settingsForm")
 > 													.alert.alert-success(ng-show="settingsForm.response.success")
 > 														|  #{translate("thanks_settings_updated")}
 > 											.actions
 > 												button.btn.btn-primary(
 > 													type='submit',
 > 													ng-disabled="settingsForm.$invalid"
 > 												)  #{translate("update")}
 > 										else
 > 											.form-group
 > 												label.control-label #{translate("first_name")}
 > 												div.form-control(
 > 													readonly="true",
 > 													ng-non-bindable
 > 												) #{user.first_name}
 > 											.form-group
 > 												label.control-label #{translate("last_name")}
 > 												div.form-control(
 > 													readonly="true",
 > 													ng-non-bindable
 > 												) #{user.last_name}
 > 
 > 								.col-md-5.col-md-offset-1
 > 									h3 
 > 										| Set Password for Email login
 > 									p 
 > 										| Note: you can not change the LDAP password from here. You can set/reset a password for 
 > 										| your email login:
 > 										| #[a(href="/user/password/reset", target='_blank') Reset.]
 > 
 > 							| !{moduleIncludes("userSettings", locals)}
 > 							hr
 > 
 > 							h3
 > 								| Contact
 > 							div 
 > 								| If you need any help, please contact your sysadmins.
 > 							
 > 							p #{translate("need_to_leave")} 
 > 								a(href, ng-click="deleteAccount()")  #{translate("delete_your_account")}
 > 
 > 
 > 
 > 	script(type='text/ng-template', id='deleteAccountModalTemplate')
 > 		.modal-header
 > 			h3 #{translate("delete_account")}
 > 		div.modal-body#delete-account-modal
 > 			p !{translate("delete_account_warning_message_3")}
 > 			if settings.createV1AccountOnLogin && settings.overleaf
 > 				p
 > 					strong
 > 						| Your Overleaf v2 projects will be deleted if you delete your account.
 > 						| If you want to remove any remaining Overleaf v1 projects in your account,
 > 						| please first make sure they are imported to Overleaf v2.
 > 
 > 			if settings.overleaf && !hasPassword
 > 				p
 > 					b
 > 						| #[a(href="/user/password/reset", target='_blank') #{translate("delete_acct_no_existing_pw")}].
 > 			else
 > 				form(novalidate, name="deleteAccountForm")
 > 					label #{translate('email')}
 > 					input.form-control(
 > 						type="text",
 > 						autocomplete="off",
 > 						placeholder="",
 > 						ng-model="state.deleteText",
 > 						focus-on="open",
 > 						ng-keyup="checkValidation()"
 > 					)
 > 
 > 					label #{translate('password')}
 > 					input.form-control(
 > 						type="password",
 > 						autocomplete="off",
 > 						placeholder="",
 > 						ng-model="state.password",
 > 						ng-keyup="checkValidation()"
 > 					)
 > 
 > 					div.confirmation-checkbox-wrapper
 > 						input(
 > 							type="checkbox"
 > 							ng-model="state.confirmV1Purge"
 > 							ng-change="checkValidation()"
 > 						).pull-left
 > 						label(style="display: inline") &nbsp;I have left, purged or imported my projects on Overleaf v1 (if any) &nbsp;
 > 
 > 					div.confirmation-checkbox-wrapper
 > 						input(
 > 							type="checkbox"
 > 							ng-model="state.confirmSharelatexDelete"
 > 							ng-change="checkValidation()"
 > 						).pull-left
 > 						label(style="display: inline") &nbsp;I understand this will delete all projects in my Overleaf v2 account (and ShareLaTeX account, if any) with email address #[em {{ userDefaultEmail }}]
 > 
 > 			div(ng-if="state.error")
 > 				div.alert.alert-danger(ng-switch="state.error.code")
 > 					span(ng-switch-when="InvalidCredentialsError")
 > 						| #{translate('email_or_password_wrong_try_again')}
 > 					span(ng-switch-when="SubscriptionAdminDeletionError")
 > 						| #{translate('subscription_admins_cannot_be_deleted')}
 > 					span(ng-switch-when="UserDeletionError")
 > 						| #{translate('user_deletion_error')}
 > 					span(ng-switch-default)
 > 						| #{translate('generic_something_went_wrong')}
 > 			if settings.createV1AccountOnLogin && settings.overleaf
 > 				div(ng-if="state.error && state.error.code == 'InvalidCredentialsError'")
 > 					div.alert.alert-info
 > 						| If you can't remember your password, or if you are using Single-Sign-On with another provider
 > 						| to sign in (such as Twitter or Google), please
 > 						| #[a(href="/user/password/reset", target='_blank') reset your password],
 > 						| and try again.
 > 		.modal-footer
 > 			button.btn.btn-default(
 > 				ng-click="cancel()"
 > 			) #{translate("cancel")}
 > 			button.btn.btn-danger(
 > 				ng-disabled="!state.isValid || state.inflight"
 > 				ng-click="delete()"
 > 			)
 > 				span(ng-hide="state.inflight") #{translate("delete")}
 > 				span(ng-show="state.inflight") #{translate("deleting")}...
 > 	
 > 	script(type='text/javascript').
 > 		window.passwordStrengthOptions = !{StringHelper.stringifyJsonForScript(settings.passwordStrengthOptions || {})}
--- a/scripts/extract_files.sh
+++ b/scripts/extract_files.sh
@@ -6,6 +6,7 @@ CONTAINER_FILE_PATHS=(
    "/overleaf/services/web/app/src/Features/Authentication/AuthenticationManager.js"
    "/overleaf/services/web/app/src/Features/Authentication/AuthenticationController.js"
    "/overleaf/services/web/app/src/Features/Contacts/ContactController.js"
    "/overleaf/services/web/app/src/Features/Project/ProjectEditorHandler.js"
    "/overleaf/services/web/app/src/router.js"
    "/overleaf/services/web/app/views/user/settings.pug"
    "/overleaf/services/web/app/views/user/login.pug"
@@ -19,6 +20,7 @@ FILENAMES=(
    "AuthenticationManager.js"
    "AuthenticationController.js"
    "ContactController.js"
    "ProjectEditorHandler.js"
    "router.js"
    "settings.pug"
    "login.pug"