Commit graph

926 commits

Author SHA1 Message Date
Matt Baer
81edb739dd Fix mention links
by making them absolute, not relative.
2020-02-08 12:19:08 -05:00
Matt Baer
bb63e64883 Clean up getProfilePageFromHandle
- Export the func
- Remove commented-out code
- Use log, not fmt for debug messages
- Remove named return parameters
- Use standard var naming schemes
- Fix spacing in queries and remove unnecessary chars
2020-02-08 12:10:47 -05:00
Matt Baer
68d63d3fef Merge branch 'develop' into activitypub-mentions 2020-02-08 11:51:18 -05:00
Matt Baer
1b8f62d143 Require authenticated user on draft edit routes
- /edit
- /meta
2020-02-06 17:44:02 -05:00
Matt Baer
fec0eb2a0b
Merge pull request #251 from writeas/fix-memory-leak
Fix memory leak
2020-02-05 16:04:45 +01:00
Matt Baer
6e36868e92
Merge pull request #239 from techknowlogick/switch-xgo
Switch to a maintained fork of XGO
2020-02-05 14:56:22 +01:00
Matt Baer
1fd4230267
Merge pull request #248 from writeas/fix-drafts-html-entities
A minor Drafts page fix + improvement
2020-02-05 12:26:42 +01:00
Matti R
0ed3059bd7
add xgo to go mod 2020-01-31 16:34:36 -05:00
Matt Baer
ff33c59f27
Merge pull request #180 from writeas/cache-control
Add Cache-Control headers on AP endpoints

Closes T693
2020-01-31 12:00:47 +01:00
Matt Baer
5452bf0c0d
Merge pull request #254 from writeas/fix-local-datetime
Fix date format in `datetime` attribute
2020-01-31 11:00:43 +01:00
Matt Baer
51700cc7da Ignore "mix of collations" error on invite SELECT
This adds the `isIgnorableError` method and calls it when error checking
in `GetUserInvite()`, returning "not found" if the rror comes up.
2020-01-30 10:36:29 +01:00
Matt Baer
bc9455db4f Fix datetime attributes on read.tmpl 2020-01-30 10:20:50 +01:00
Matt Baer
5de2f633e1 Fix localdate.js not included on Tags page 2020-01-29 13:03:04 -05:00
Matt Baer
50901d2446 Fix date format in datetime attribute
Previously, the date format in this attribute for posts was invalid.
This caused local date rendering to fail in Firefox. This fixes that.

Closes #253
2020-01-29 13:01:21 -05:00
Matt Baer
d6b7a5925f Restrict /invite/{code} route to valid chars
Previously, loading something like /invite/fFdblk😄 would return a 500,
due to a mix of collations in MySQL while SELECTing for an invite with
an ID of 'fFdblk😄'. This restricts the route to [a-zA-Z0-9] chars, to
prevent this.
2020-01-29 09:11:02 -05:00
Matt Baer
93dd2341c2
Merge pull request #191 from writeas/T670-local-time
show timestamps in local date/locale
2020-01-29 07:10:43 -05:00
Matt Baer
4d5f58a7e6 Fix date-based post header links
Posts without an explicit title render the date as the post header in
lists of posts (like on the blog index and tag pages). This updates
localdate.js to properly adjust those dates, too.
2020-01-29 06:42:32 -05:00
Matt Baer
3e902461f1 Merge branch 'develop' into T670-local-time 2020-01-29 06:24:46 -05:00
Matt Baer
5ddd73eff4
Merge pull request #247 from writeas/update-upgrade-script
update upgrade script for recent changes
2020-01-29 05:53:58 -05:00
Matt Baer
b25cec8381 Update copyright in upgrade script 2020-01-29 05:49:12 -05:00
Matt Baer
be0885698e Change "restarting" to "starting" in upgrade script 2020-01-29 05:47:19 -05:00
Matt Baer
8fce34b70b Tidy up Go mod files 2020-01-29 05:24:22 -05:00
Matt Baer
ae1a892be0 Upgrade gorilla/sessions to v1.2.0
This gets rid of the gorilla/context dependency, which might have been
causing a memory leak.

We noticed some serious memory leakage on Write.as that seemed to point
to this library. One heap snapshot:

      flat  flat%   sum%        cum   cum%
  259.13MB 30.41% 30.41%   268.13MB 31.46%  net/textproto.(*Reader).ReadMIMEHeader
  105.71MB 12.40% 42.81%   105.71MB 12.40%  github.com/gorilla/context.Set
   78.53MB  9.21% 52.03%   125.53MB 14.73%  github.com/gorilla/sessions.(*Registry).Get
   55.51MB  6.51% 58.54%    82.52MB  9.68%  net/http.(*Request).WithContext
   38.01MB  4.46% 63.00%    38.01MB  4.46%  github.com/gorilla/mux.extractVars
      35MB  4.11% 67.11%       53MB  6.22%  context.WithCancel
   34.50MB  4.05% 71.16%    34.50MB  4.05%  context.WithValue
      27MB  3.17% 74.32%       27MB  3.17%  net/http.cloneURL
      26MB  3.05% 77.38%       26MB  3.05%  github.com/gorilla/sessions.NewSession
      18MB  2.11% 79.49%       18MB  2.11%  context.(*cancelCtx).Done
   16.50MB  1.94% 81.42%    16.50MB  1.94%  syscall.anyToSockaddr
      14MB  1.64% 83.07%       47MB  5.52%  github.com/gorilla/sessions.(*CookieStore).New
   13.50MB  1.58% 84.65%    51.51MB  6.04%  github.com/gorilla/mux.(*Route).Match
   11.67MB  1.37% 86.02%    13.21MB  1.55%  regexp.(*Regexp).replaceAll
    9.72MB  1.14% 87.16%    22.94MB  2.69%  regexp.(*Regexp).ReplaceAllString
    9.50MB  1.11% 88.28%   115.21MB 13.52%  github.com/gorilla/sessions.GetRegistry

With the help of these articles, we tracked it down to this dependency,
and upgraded the library, which seems to have completely fixed the issue
so far:

https://rover.rocks/golang-memory-leak/
https://medium.com/@walterwu_22843/golang-memory-leak-while-handling-huge-amount-of-http-request-35cc970cb75e

This should fix #133
2020-01-29 04:56:23 -05:00
Matt Baer
bf8dcff01e Quit AP goroutine early when there's no "to"
Previously, we'd sleep for 2 seconds and then return for no reason. This
fixes that.
2020-01-27 09:23:50 -05:00
Matt Baer
8d3e755c8f Return pointer to http.Client in activityPubClient() 2020-01-23 12:03:23 -05:00
Matt Baer
bc9843dfa3 Add timeout on ActivityPub requests 2020-01-23 11:47:35 -05:00
Matt Baer
fe26594e8c
Merge pull request #245 from writeas/fix-editor-open-access
Require authenticated user for editor access
2020-01-20 15:42:24 -05:00
Matt Baer
30032e74a0 Add helpful text on Drafts page 2020-01-20 15:25:37 -05:00
Matt Baer
b336e95e12 Render HTML entities in Drafts list
Previously, we'd show the raw HTML entities in the summaries of Draft
posts, instead of rendering them. This fixes that.
2020-01-20 15:20:45 -05:00
Rob Loranger
2c075c0347
update upgrade script for recent changes
changes accounted for
- the tar directory structure had changed to use a subdirectory
- there are now multiple linux targets released

bugs
- the service must be stopped before replacing the binary
- migrations were not being run during an upgrade
2020-01-19 15:57:58 -08:00
Matt Baer
8e09e72979 Require authenticated user for editor access
Previously, anyone could access the editor even if they weren't logged
in. They couldn't do much in that case (publishing would fail), but it
could potentially cause some confusion.

Now, users will be sent to the login page, and then redirected back to
the editor once successfully logged in.
2020-01-16 14:50:29 -05:00
Matt Baer
b9914dd65a
Merge pull request #244 from writeas/oauth-signup-tweaks
OAuth signup form tweaks

Resolves T715
2020-01-16 14:46:48 -05:00
Matt Baer
c1ec6b2605 Fix copyright years in oauth_slack.go 2020-01-16 14:43:32 -05:00
Matt Baer
dcdd4dd1ef Add and update copyright notices 2020-01-16 14:39:18 -05:00
Matt Baer
803dd78df5 Remove Password field from OAuth signup page
This removes a bit of friction.

Ref T715 T712
2020-01-16 14:30:09 -05:00
Matt Baer
f7dabd39c2 Skip password requirement on OAuth signup
This makes it possible to complete OAuth signup without creating a
password on the WriteFreely instance.

A user can then add a password to their account through their Account
Settings page without any admin action (all of this logic is already in
place).

Ref T715 T712
2020-01-16 14:25:33 -05:00
Matt Baer
b5a38efd28 Fall back to username as coll title on OAuth signup
This uses the given username as the Display Name / Collection Title if a
user doesn't give one -- as might happen when authenticating with
Write.as.

Ref T712
2020-01-16 14:09:42 -05:00
Matt Baer
130c9eb747 Change Blog Title to Display Name in OAuth signup
Ref T712
2020-01-16 13:58:14 -05:00
Matt Baer
6842ab2e3b Rename collTitle from alias
"alias" is the name of a different collection field, so this renames the
variable internally to make things clearer.
2020-01-16 13:50:37 -05:00
Matt Baer
4d5c89e7ef Fix false login state on OAuth signup page
Having a `Username` field populated in the page data tells the base
template to display navigation that only a logged in user should see. So
this renames the field to `LoginUsername`, similar to our login.tmpl
page.

Ref T712
2020-01-16 13:37:44 -05:00
Matt Baer
33a6129d1e Add async username check on OAuth signup form
This checks the user's inputted username as they type it, and prevents
form submission if the name is taken.

Ref T712
2020-01-16 13:18:23 -05:00
Matt Baer
f2f779e4a2 Generate non-colliding usernames in all lowercase
All usernames should be lowercase, so this generates any username suffix
(in cases of collision) with only lowercase letters. It also removes
vowels to prevent bad 5-letter words from forming.

Ref T712
2020-01-16 12:29:01 -05:00
Matt Baer
d297859705 Reserve the username "oauth" 2020-01-16 12:18:21 -05:00
Nick Gerakines
5d834c1cd2 Minor code cleanup on settings page to improve oauth account management UI. T713 2020-01-15 13:37:57 -05:00
Nick Gerakines
c0317b4e93 Implemented oauth attach functionality, oauth detach functionality, and required data migration. T713 2020-01-15 13:16:59 -05:00
Rob Loranger
571460f08d
move timezone correction to client side 2020-01-15 09:04:38 -08:00
Rob Loranger
0766e6cb36
fixes imported post times
changes the client side to round the unix time to avoid floats

alters the time to match the client time zone on the server side
2020-01-14 10:44:56 -08:00
Matti R
80cffbb3ec
update golang.org/x/crypto vendor to use acme v2
also run go mod tidy to clean up module files
2020-01-14 12:46:52 -05:00
Matt Baer
75e2b60328
Merge pull request #172 from writeas/import-text
add basic text file imports

Resolves T609
2020-01-14 12:33:57 -05:00
Matt Baer
3e97625cca Fix Unix timestamps on client during import
File API gives timestamp in milliseconds, not seconds, so this converts
it on the client-side and sends it the correct time to the server.

Ref T609
2020-01-14 12:26:02 -05:00