This adds a self-serve password reset page. Users can enter their username
and receive an email with a link that will let them create a new password.
If they've never set a password, it will send them a one-time login link
(building on #776) that will then take them to their Account Settings page.
If they don't have an email associated with their account, they'll be
instructed to contact the admin, so they can manually reset the password.
Includes changes to the stylesheet and database, so run:
make ui
writefreely db migrate
Closes T508
Now, on OAuth signup form, we create a unique username with random appended string only if there's a conflict.
Previously, this was always happening during the Slack OAuth flow. This has the benefit of preventing username collisions for all OAuth providers.
This adds any OAuth login buttons to the invite signup page, stores the invite code for the flow duration, and associates the new user with it once successfully registered.
It enables invite-only instances with OAuth-based registration.
This acknowledges "too many connections" and "max user connections"
errors in MySQL and propagates the error up the chain so we can notify
the user and return the correct HTTP code.
This moves logic for determining whether or not to show a "Sign up" page
on /signup (i.e. because the `/` route shows another, non-signup page)
into the AppCfg.SignupPath() method. It also changes various signup
links to use this value.
Having a `Username` field populated in the page data tells the base
template to display navigation that only a logged in user should see. So
this renames the field to `LoginUsername`, similar to our login.tmpl
page.
Ref T712
Previously, a failed login would change the site-wide navigation so that
it looked like the user was logged in, even though they weren't. This
fixes that.
This adds a new `wf_modesty` config option that removes the copious
mentions of WriteFreely in places like the About page and site
footers.
WriteFreely remains boastful and bumptious by default; but enabling
the modesty option will tone it down and likely lead to less confusion
among average users.
Ref T676
This enables admins to customize their landing / home page via the Admin
dashboard -- including the text at the top of the page and the section
below it. It keeps the current default text, falling back to it if the
user hasn't overwritten it.
Ref T565
Now admins can choose a title for their About and Privacy pages; now
editable through the instance page editor.
This adds `title` and `content_type` fields to the `appcontent` table,
requiring a migration by running `writefreely --migrate`
The content_type field specifies that items we're currently storing in
this table are all "page"s; queries for fetching these have been updated
to filter for this type. In the future, this field will be used to
indicate when an item is a stylesheet (ref T563) or other supported
type.
Ref T566
This includes:
- A new `user_invites` config value that determines who can generate
invite links
- A new page for generating invite links, with new user navigation link
- A new /invite/ path that allows anyone to sign up via unique invite
link, even if registrations are closed
- Tracking who (of registered users) has been invited by whom
It requires an updated database with `writefreely --migrate` in order to
work.
This closes T556
