ulysia/szurubooru
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
936 commits 4 branches 22 tags 15 MiB
Commit graph

936 commits

This branch
This branch
All branches
Author SHA1 Message Date
ReAnzu
5c929356bf Merge branch 'master' into github-master 2018-02-27 22:40:35 -06:00
ReAnzu
148ed9700f Merge branch 'develop' into 'master' 
Develop

See merge request reanzu/szurubooru!1
 2018-02-27 22:36:22 -06:00
ReAnzu
d9b3160437 Fixed existing tests, added new tests around endpoints, authentication, and password hash hardening 2018-02-27 22:29:38 -06:00
ReAnzu
187ab77ebd Resolved a few failing tests due to config issues 2018-02-27 19:29:58 -06:00
ReAnzu
70a42c9df2 Resolved the logout issue for when users:create:any is executed. 
* Resolved an issue where user_tokens:*:any permissions didn't operate on the correct user.
* Updated user_token -> user_tokens permissions to mirror other permissions.
 2018-02-27 18:34:37 -06:00
ReAnzu
05d2785ec6 Added a Manage tokens tab to the user panel 2018-02-27 18:14:07 -06:00
ReAnzu
23268ded75 ignoring local data folder 2018-02-27 11:26:38 -06:00
ReAnzu
22cf806220 Added versioning, cleaned up API documentation, fixed endpoints, resolved logout diplay update issue 2018-02-26 21:47:01 -06:00
ReAnzu
d0b423e91c Updated API documentation for the new user-token endpoints 2018-02-26 20:45:51 -06:00
ReAnzu
deb70e5f28 Tokens now correctly delete themselves 2018-02-26 19:53:56 -06:00
ReAnzu
f11f4e9313 Revert "Cleanup func imports, and small formatting changes." 
This reverts commit 796563f
 2018-02-26 19:52:02 -06:00
ReAnzu
796563f772 Cleanup func imports, and small formatting changes. 2018-02-25 17:30:48 -06:00
ReAnzu
a526a56767 Users are only authenticated against their password on login, and to retrieve a token. 
* Passwords are wiped from the app and cookies after login and token retrieval
* Tokens are revoked at the end of the session/logout
* If the user chooses the "remember me" option, the token is stored in the cookie
* A user interface to revoke tokens will be added
 2018-02-25 04:44:02 -06:00
ReAnzu
d6ee744777 Added migration to support new password_hash format 2018-02-25 00:05:15 -06:00
ReAnzu
0e5fbde097 Changed password setup to use libsodium and argon2id 
* regular SHA256 is not secure
* added code to auto migrate old passwords to the new password_hash if the existing password_hash matches either of the old password generation schemes.
 2018-02-24 23:45:00 -06:00
ReAnzu
2383e75aa5 Merge branch 'master' into github-master 
# Conflicts:
#	server/szurubooru/api/user_api.py
 2018-02-24 01:59:59 -06:00
ReAnzu
838ced3aae Delete thumbnails and post images immediately on post delete 2018-02-24 01:57:31 -06:00
ReAnzu
4f612a6f64 Allow for thumbnails to be generated even on ffmpeg warnings 2018-02-24 01:48:10 -06:00
ReAnzu
90044eacd2 Added auto conversion option for gif to mp4,webm 
* webm conversion is slow, but better quality than mp4 conversion and with a typically smaller filesize
 2018-02-24 01:06:11 -06:00
ReAnzu
bc947a14ae Working on adding functionality for administrators to directly add users to the application 2018-02-23 22:05:58 -06:00
ReAnzu
40ac9185b3 Revert "Added the ability to disable registration in the config file" 
This reverts commit a5211d9

Functionality already exists through elevating the privilege of the users:create role above anonymous
 2018-02-23 20:58:19 -06:00
ReAnzu
a5211d9483 Added the ability to disable registration in the config file 2018-02-23 18:09:37 -06:00
rr-
a1fbeb91a0 server/users: fix checking passwords with colons 2018-02-10 14:04:02 +01:00
rr-
59d8b0d4c5 client: update dependencies 2018-01-06 21:35:53 +01:00
Michael Serajnik
69421464f6 client/posts: override resize mode in home view 2017-12-15 19:11:39 +00:00
Michael Serajnik
85cb3d4702 client/help: fix spelling issues 2017-12-02 23:38:22 +01:00
rr-
f8c7375b01 server/tags: allow uppercase tag category colors 
i.e. colors such as "#FF0000"
 2017-10-08 21:38:38 +02:00
rr-
cdf454818c client: widen search inputs to match post search 2017-10-02 21:08:13 +02:00
rr-
4848bee5e3 client/tags: remove unused cruft 2017-10-01 22:09:00 +02:00
rr-
36698cddc2 client/posts: fix promise chaining 2017-10-01 22:00:42 +02:00
rr-
1c4c5c5f91 remove tags.json 2017-10-01 21:48:00 +02:00
Robin Appelman
253e28c1b5 client/posts: add shortcut for deleting posts 2017-09-23 20:05:57 +02:00
Robin Appelman
6d78c5e55d client/posts: fix keyboard nav to next/prev post 
The exact search query was discarded.
 2017-09-23 16:10:03 +02:00
rr-
795891767e client/home: fix featured WEBMs being unclickable 2017-09-09 23:42:00 +02:00
rr-
234afc8dfe client: update dependencies 2017-08-25 23:54:29 +02:00
rr-
87735110aa client/posts: add copying notes to clipboard 
Saves some frustration when losing changes due to editing conflict
 2017-08-25 23:53:51 +02:00
rr-
674d6c35d7 server/posts: add posts:view:featured privilege 2017-08-24 17:17:09 +02:00
rr-
4afece8d50 server/posts: add non-guessable IDs to post URLs 2017-08-24 17:17:09 +02:00
Michael Serajnik
90b0d77147 client/build: fix build, use uglify-es package directly 2017-08-11 17:36:10 +02:00
rr-
043b182b5e client/paging: add cues for qutebrowser 2017-06-25 17:47:40 +02:00
rr-
3c138685ea server/images: handle resizing errors 2017-05-03 12:10:04 +02:00
rr-
a1b762c65f api: fix getting cached disk usage with empty dirs 2017-05-01 20:26:53 +02:00
rr-
4bc58a3c95 server: lint 2017-04-24 23:30:53 +02:00
rr-
fea9a94945 client/routing: fix certain history bug 
The bug could be reproduced as follows:

1. Navigate to /posts
2. Search for "test"
3. Navigate to /posts again
4. Refresh the page

The user should see plain post list, but instead they were seeing the
"test" search results again as if step 3 never happened.
 2017-04-24 23:02:25 +02:00
rr-
467b4a7630 server/tags: fix nondeterministic siblings order 2017-04-24 22:48:11 +02:00
rr-
8e5798ab8c server/tests: fix content sync tests on postgres 2017-04-24 22:36:41 +02:00
rr-
e4aa38f159 server/search: fix errors on negative page offsets 2017-04-24 22:12:12 +02:00
rr-
ba4df16499 server/search: add search term escaping 2017-04-24 21:59:38 +02:00
rr-
9814b132c3 server/search: fix searching for --- 
Allow only one negation sign.
Also throw an error if user searches only for "-".
 2017-04-24 19:55:02 +02:00
rr-
0014721053 server/tags: fix retrieving many tags 2017-04-19 14:44:54 +02:00