Commit graph

91 commits

Author SHA1 Message Date
Matt Baer
e42ba392c6 Support Web Monetized split content
Ref T770
2021-06-07 15:52:24 -04:00
Matt Baer
73450a50e3
Merge pull request #356 from writefreely/draft-list-paging
Draft list paging
2021-05-04 09:39:22 -04:00
Matt Baer
b092421f6e Add Cross-Site Request Forgery (CSRF) protection on account deletion
This requires admins to generate a new encryption key with:
  writefreely keys generate

Ref T319
2021-04-22 12:41:54 -04:00
Matt Baer
f689706baa Merge branch 'T319-admin-delete-acct' into T319-user-delete-acct 2021-04-22 10:14:48 -04:00
Matt Baer
3b58d77e67 Merge branch 'develop' into T319-admin-delete-acct 2021-04-22 09:07:40 -04:00
Matt Baer
439f8bd262
Merge pull request #444 from writefreely/log-out-pass-blog
Support logging out of password-protected blogs
2021-04-12 14:11:12 -04:00
Matt Baer
27b43ac2f1 Merge branch 'develop' into draft-list-paging 2021-04-07 15:58:25 -04:00
Matt Baer
5a3e8d59b6 Support logging out of password-protected blogs
Closes T492
2021-03-29 20:55:21 -04:00
Matt Baer
9484880bca Sign actor fetch request
This fixes federation with Mastodon instances that have Authorized
Fetch turned on by signing the GET request to fetch the actor when
a blog is first followed.

Ref T820
2021-03-08 11:43:38 -05:00
Marcel van der Boom
5961eb8f27 Drop the /tags/{tag} route
fixes issue #305
2020-10-03 15:34:44 +02:00
Josip Antoliš
3f36ede885 Add Cache-Control header
Add Cache-Control response header for static files in order to improve page loading speed.
Fixes  #322
2020-09-04 22:03:42 +02:00
Pascal Richier
d3f1e40010
Merge branch 'develop' into feature/generic-oauth 2020-08-16 19:58:01 +02:00
Matt Baer
09e70e07f8 Support loading more draft posts
This adds a "load more" button to the bottom of the draft posts page,
which calls /api/me/posts with new parameters and the current page
number. It then populates the page accordingly.

Ref T696 - load anon. posts with ?anonymous=1&page=1
Ref T401 - completes UI for post loading
2020-07-30 16:46:01 -04:00
Keturah Dola-Borg
7b71d455a8 Apply go fmt
Signed-off-by: prichier <pascoualito@gmail.com>
2020-05-31 00:20:21 +02:00
Keturah Dola-Borg
badaffcd5c Add generic oauth to routes
Signed-off-by: prichier <pascoualito@gmail.com>
2020-05-31 00:20:08 +02:00
gytisrepecka
c798a44f69
Added Gitea OAuth login and account management. 2020-04-03 13:26:59 +03:00
Matt Baer
5d01f49ce9 Move /me/oauth/remove endpoint to /api/me/oauth/remove 2020-03-24 10:33:45 -04:00
Matt Baer
cf4f08b264 Merge branch 'develop' into T713-oauth-account-management 2020-03-19 12:02:33 -04:00
Kyle Robbertze
c292512b9d add Gitlab OAuth 2020-03-12 10:50:55 +02:00
Matt Baer
84ab41697b Merge branch 'develop' into admin-dashboard-redesign 2020-02-14 14:50:23 -05:00
Matt Baer
8364dce398 Merge branch 'develop' into T572-check-updates 2020-02-14 14:27:22 -05:00
Matt Baer
92da069ce4 Move admin dashboard sections into subpages
This moves app config to a "Settings" page and the application monitor
to a "Monitor" page. It also reworks the admin navigation bar a bit and
adds some instance stats on the dashboard.

Ref T694
2020-02-14 13:55:24 -05:00
Matt Baer
f846cada4b Merge branch 'develop' into T713-oauth-account-management 2020-02-09 14:05:12 -05:00
Matt Baer
f406f894c5 Merge branch 'develop' into T319-user-delete-acct 2020-02-09 11:53:24 -05:00
Matt Baer
d6c0026644 Merge branch 'develop' into T319-admin-delete-acct 2020-02-09 11:51:39 -05:00
Matt Baer
f902f65365 Merge pull request #259 from writeas/fix-edit-route-permissions
Require authenticated user on draft edit routes
2020-02-08 15:26:32 -05:00
Matt Baer
1a10bb3ed6 Merge pull request #252 from writeas/fix-mix-of-collations
Restrict /invite/{code} route to valid chars
2020-02-08 15:25:15 -05:00
Matt Baer
eac223158a Move remote user URL to /@/
from /mention:

Ref T627
2020-02-08 12:58:21 -05:00
Matt Baer
68d63d3fef Merge branch 'develop' into activitypub-mentions 2020-02-08 11:51:18 -05:00
Matt Baer
1b8f62d143 Require authenticated user on draft edit routes
- /edit
- /meta
2020-02-06 17:44:02 -05:00
Matt Baer
d6b7a5925f Restrict /invite/{code} route to valid chars
Previously, loading something like /invite/fFdblk😄 would return a 500,
due to a mix of collations in MySQL while SELECTing for an invite with
an ID of 'fFdblk😄'. This restricts the route to [a-zA-Z0-9] chars, to
prevent this.
2020-01-29 09:11:02 -05:00
Matt Baer
8e09e72979 Require authenticated user for editor access
Previously, anyone could access the editor even if they weren't logged
in. They couldn't do much in that case (publishing would fail), but it
could potentially cause some confusion.

Now, users will be sent to the login page, and then redirected back to
the editor once successfully logged in.
2020-01-16 14:50:29 -05:00
Nick Gerakines
c0317b4e93 Implemented oauth attach functionality, oauth detach functionality, and required data migration. T713 2020-01-15 13:16:59 -05:00
Matt Baer
be76f865a4 Merge branch 'develop' into import-text 2020-01-07 16:35:23 -05:00
Matt Baer
a4579719cd
Merge pull request #197 from writeas/markdown-API
add basic API endpoint for rendering markdown

Ref T519
2020-01-03 13:47:50 -05:00
Nick Gerakines
2aea9560bc Merged T710-oauth-slack into oauth-wrapper. 2020-01-02 16:19:26 -05:00
Matt Baer
af23e28d05 Pass OAuth requests through new OAuth handler
This gives us our standard logging and passes around errors with
impart.HTTPError.

Ref T705
2019-12-30 18:14:01 -05:00
Nick Gerakines
462f87919a Feature complete on MVP slack auth integration. T710 2019-12-28 15:15:47 -05:00
Nick Gerakines
13121cb266 Merging T705-oauth into T710-oauth-slack. T705,T710 2019-12-27 13:40:11 -05:00
Nick Gerakines
bf3b6a5ba0 Unit tests, integration testing, and code cleanup for oauth support. Part of T705. 2019-12-23 14:30:32 -05:00
Rob Loranger
26d906ae92
clean up responses and logging, change endpoint
- return an error with invalid request types
- simplify json decoding
- return error and success consistent with app conventions
- endpoint change from /api/generate/markdownify to /api/markdown
- fix nil pointer dereference when passing a base_url
2019-12-17 12:27:34 -08:00
Matt Baer
5fa164d5cf Merge branch 'develop' into markdown-API 2019-11-29 08:12:17 -05:00
Matt Baer
8c1bf2ddd5 Merge branch 'markdown-API' into activitypub-mentions 2019-11-28 10:31:35 -05:00
Matt Baer
af6e5dea3a Merge branch 'develop' into import-text 2019-11-26 17:41:29 -05:00
Matt Baer
d8df15855c Merge branch 'develop' into activitypub-mentions 2019-11-26 13:19:20 -05:00
Matt Baer
53586d9cb8 Merge branch 'develop' into T661-disable-accounts 2019-11-12 01:46:37 +09:00
Matt Baer
6e09fcb9e2 Change password reset endpoint to /admin/user/{Username}/passphrase
Ref T695
2019-11-11 16:02:22 +09:00
Matt Baer
38f3eec8e0 Merge branch 'develop' into T572-check-updates 2019-11-11 15:45:47 +09:00
Rob Loranger
fc553d277f
add admin user account deletion
this adds a section to the admin user view to delete the account and a
handler to process the request.
2019-11-05 12:22:58 -08:00
Rob Loranger
482e632ca9
add user account delete UI 2019-11-05 12:22:27 -08:00