ulysia/szurubooru
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Commit graph

  • 2a69f0193f server/auth: add token authentication ReAnzu 2018-02-25 04:44:02 -0600
  • e35e709927 docs/install: use example.com for example domain rr- 2018-03-22 09:42:58 +0100
  • 020d8b42ba docs/api: more ocd rr- 2018-03-22 09:37:31 +0100
  • a297489d97 docs/api: delete trailing commas rr- 2018-03-22 09:35:24 +0100
  • a3be5135ff docs/api: whitespace rr- 2018-03-22 09:34:36 +0100
  • 0f8fc5efa8 imports rr- 2018-03-22 09:27:31 +0100
  • 8f43c0db2d formatting rr- 2018-03-22 09:19:45 +0100
  • 472f153960 formatting rr- 2018-03-22 09:17:26 +0100
  • a0ea1dc64a formatting rr- 2018-03-22 09:15:46 +0100
  • e678dcb872 move date to polyfill rr- 2018-03-22 09:09:57 +0100
  • 5f835e9d55 wrap to 80 characters rr- 2018-03-22 09:08:30 +0100
  • 2cfd635954 remove dead code rr- 2018-03-22 09:06:53 +0100
  • 2f857f00b2 server/api.md: Fix broken API docs ReAnzu 2018-03-21 20:52:48 -0500
  • 70e81bdce9 server/user_token: enabled cannot be None, no need for exception ReAnzu 2018-03-11 09:34:57 -0500
  • 141abf15c9 docs: update typos and formatting rr- 2018-03-11 01:24:55 +0100
  • 12b751f066 server/user_token: empty notes after strip will be saved as nulls ReAnzu 2018-03-10 19:53:55 -0600
  • 50efa71e0c Link to allow changing the note on the interface. ReAnzu 2018-03-10 19:46:06 -0600
  • a88ace403f Page formatting/style updates ReAnzu 2018-03-10 19:02:09 -0600
  • 5ce8fab533 Implement last usage time ReAnzu 2018-03-10 18:15:00 -0600
  • 8d8477ee6b client/user: Updating the title on the delete token button. ReAnzu 2018-03-10 16:27:20 -0600
  • e0d1d9a12e client/user: UI cleanup ReAnzu 2018-03-10 16:07:48 -0600
  • bc6d2dceb5 server/auth: updated typing on is_valid_token to agree with the implementation ReAnzu 2018-03-10 13:22:59 -0600
  • f19c82d110 Addressed defects * Deleting the current token used for the session, now forces a logout. * Removed an assert in the is_valid_token code that was erroneous. * Sorted imports in test_auth according to style. ReAnzu 2018-03-10 13:18:26 -0600
  • 053bd591a0 server/auth: fixed borked imports ReAnzu 2018-03-10 11:47:18 -0600
  • 6f53ca92d9 client/user: Removed async/await code * Moved user_token retrieval for display to the Promise.all pattern used elsewhere in the codebase. ReAnzu 2018-03-10 11:43:18 -0600
  • f532144a18 server/user_tokens: harden implementation * Added additional testing around the expiration time and notes * Forced rfc3339 datetime compliance for provided expiration_time values on user tokens * Simplified the update method from expiration_time on user_tokens * Updated API doc with correct field name for expirationTime ReAnzu 2018-03-10 11:20:04 -0600
  • 3a582a2a99 Address code review comments ReAnzu 2018-03-08 19:00:30 -0600
  • 22d9e584fa Address code review comments ReAnzu 2018-03-08 18:58:06 -0600
  • a900c54fe6 Address code review comments ReAnzu 2018-03-08 18:55:41 -0600
  • aa2963c0c6 Code and documentation cleanup ReAnzu 2018-03-07 19:50:40 -0600
  • fd9c224c06 Resolved timezone defect on python 3.5 ReAnzu 2018-03-03 00:43:11 -0600
  • 606ef31b01 Added note and expiration fields to the user_token model * Updated UI to show more information about the token. * Updated the js API to note the client token when creating it. * Added prototype override to do add day calculations on dates. * Updated auth check against token to inspect the expiration date of the token if it possesses one. ReAnzu 2018-03-02 02:37:31 -0600
  • 87c9c27fba Address pull request comments * Revised error messages ReAnzu 2018-03-01 07:32:55 -0600
  • 8b320ff978 Address pull request comments * Reformatted javascript * Appeased pycodestyle * TODO Add Expiration and Note fields to tokens? ReAnzu 2018-03-01 07:21:54 -0600
  • 483c32cfbf User Token Authentication * Users are only authenticated against their password on login, and to retrieve a token. * Passwords are wiped from the app and cookies after login and token retrieval * Tokens are revoked at the end of the session/logout * If the user chooses the "remember me" option, the token is stored in the cookie * A user interface to revoke tokens will be added * Tokens correctly delete themselves on logout * API documentation updated for the new user-token endpoints * Added a Manage tokens tab to the user panel * Added bullet point about the token authentication for the API * Added tests for new endpoints and tests against authentication middleware ReAnzu 2018-02-25 04:44:02 -0600
  • 31497000b3
         Merge 45f85412f5 into a98ca55391 kenny 2018-03-10 19:42:03 +0000
  • 46b5a78ec0
         Merge ae139d55ce into a98ca55391 Michael Serajnik 2018-03-10 16:45:46 +0000
  • a98ca55391 client/css: optimize help view margins Michael Serajnik 2017-12-25 00:16:13 +0100
  • db9132432b client/css: add default margins Michael Serajnik 2017-12-25 00:15:46 +0100
  • 23a28ce69c client/css: make tab navigations scrollable on smaller screens Michael Serajnik 2017-12-18 19:41:53 +0100
  • a962bb351a client/css: refine mobile sidebar styling Michael Serajnik 2017-12-18 19:06:44 +0100
  • a08c7d65da client/css: add scrollbar styling Michael Serajnik 2017-12-18 19:06:24 +0100
  • 7596f9042c client/css: remove margin on empty post container Michael Serajnik 2017-12-18 04:01:28 +0100
  • 9b10d2bebf client/css: add default font sizes for headings Michael Serajnik 2017-12-18 03:42:49 +0100
  • e15dffa1dc client/css: change container paddings to be viewport size independent Michael Serajnik 2017-12-18 03:36:45 +0100
  • 4ce29cf222 client/css: change font size declarations to em Michael Serajnik 2017-12-18 03:35:30 +0100
  • 26a1451ff6 client/css: improve mobile styling Michael Serajnik 2017-12-16 03:45:51 +0100
  • c770ad8f28 client/posts: fix copy tags list of string values error #153 ReAnzu 2018-03-09 00:19:17 -0600
  • 1e6ced5583 client/posts: fix copy tags list of string values error #153 ReAnzu 2018-03-09 00:19:17 -0600
  • 611832c43f
         Merge 72ff93784b into 3f52aceca4 ReAnzu 2018-03-08 22:47:44 +0000
  • 3f52aceca4 server/users: harden password hashes ReAnzu 2018-02-24 23:45:00 -0600
  • ab3fe31646
         Merge 19b41c20f2 into 7519e071e7 ReAnzu 2018-03-08 22:38:43 +0000
  • 7519e071e7 server/posts: deleting a post purges its artifacts ReAnzu 2018-02-24 01:57:31 -0600
  • 72ff93784b server/migrations: Address code review comments ReAnzu 2018-03-08 16:36:23 -0600
  • 19b41c20f2 server/tests: Address code review comments ReAnzu 2018-03-08 16:34:42 -0600
  • 12ec43f098 server/posts: auto convert GIFs to WEBMs/MP4s ReAnzu 2018-03-08 00:47:58 -0600
  • 4ff8be6a2f server/posts: ignore ffmpeg warnings ReAnzu 2018-03-08 00:41:24 -0600
  • 82c295fb60
         Merge branch 'master' into auto-conversion-options-for-animated-gif Marcin Kurczewski 2018-03-08 07:46:56 +0100
  • 77326da4f4 Allow thumbnails to be generated even if ffmpeg throws warnings (#157) ReAnzu 2018-03-08 00:41:24 -0600
  • 5a585cb01d Missed name shadowing issue ReAnzu 2018-03-07 19:55:38 -0600
  • 87140cadba Missed an indentation change. ReAnzu 2018-03-07 19:53:15 -0600
  • 9c13c6ae56 Resolved code formatting change requests ReAnzu 2018-03-07 19:32:28 -0600
  • 02a2e234e1 Resolved code formatting change requests ReAnzu 2018-03-07 19:20:42 -0600
  • aae955220b Resolved code formatting change requests ReAnzu 2018-03-07 19:07:41 -0600
  • 4dcbfbdc33 Resolved code formatting change requests ReAnzu 2018-03-07 19:00:44 -0600
  • 12ef319e1d
         Merge cf409ffb09 into 4b3529272e ReAnzu 2018-03-07 20:31:24 +0000
  • 4b3529272e server/users: let administrators add new users ReAnzu 2018-02-23 22:05:58 -0600
  • 45f85412f5
         Add example config for the Caddy HTTP server kenny 2018-03-07 12:46:10 +0100
  • 2bb7e62837 Fixed improper formatting for the resize constant ReAnzu 2018-03-03 00:47:05 -0600
  • addd2afdaa Configuration gate for feature * Put source and thumbnail deletion functionality behind configuration * Updated tests with new configuration parameter ReAnzu 2018-03-02 23:13:32 -0600
  • bedc03b18f Revision 3 can't exist yet, default to 0 for other lengths. ReAnzu 2018-03-02 22:50:20 -0600
  • 76c5c202b1 Updated migration * Modified migration to do an in place update of the password revision based on the hash length ReAnzu 2018-03-02 22:47:22 -0600
  • cb1f79ae98 Address pull request comments * Not married to the constants on mime, but atleast standardized them * Moved application/ogg to a constant to be consistent * Removed extraneous newlines * appeased pycodestyle * TODO: ideas for how to let a post have multiple source formats? ReAnzu 2018-03-01 02:39:57 -0600
  • 3276662c39 Address pull request comments * Added column password_revision. This field will default to 0, which all passwords will have till they're updated. After that each password hash method has a revision. * appeased pycodestyle ReAnzu 2018-03-01 02:24:15 -0600
  • 8dc24f0da7 Address pycodestyle comments and extraneous newlines ReAnzu 2018-03-01 01:41:08 -0600
  • cf409ffb09 The created user should always be the payload returned. ReAnzu 2018-03-01 01:29:36 -0600
  • ac8d683581 Added auto conversion options to the config for gif to mp4 and webm * webm conversion is slow, but better quality than mp4 conversion and with a typically smaller file size * tags are copied over from the original upload * Snapshots are generated for the new auto posts ReAnzu 2018-02-24 01:06:11 -0600
  • eaf2fb15f8 Allow thumbnails to be generated even if ffmpeg throws warnings ReAnzu 2018-02-24 01:48:10 -0600
  • 0815c99740 Delete thumbnails and post source immediately on post delete ReAnzu 2018-02-24 01:57:31 -0600
  • 0cd5600163 Changed password setup to use libsodium and argon2id * Regular SHA256 hashing for passwords is inadequate as modern GPU's can hash generate billions of hashes per second. * Added code to auto migrate old passwords to the new password_hash if the existing password_hash matches either of the legacy password generation schemes (SHA1 or SHA256). * Added migration to support new password_hash format length * Added auth tests ReAnzu 2018-02-24 23:45:00 -0600
  • 8792db0004 users:create:any permission and UI update * Added functionality for administrators to directly add users to the application * Added permission users:create:any to handle level that users are allowed to create other users * Moved old permission users:create to users:create:self ReAnzu 2018-02-23 22:05:58 -0600
  • 07c5bcf7f7
         Merge 5c929356bf into a1fbeb91a0 ReAnzu 2018-02-28 05:18:11 +0000
  • 5c929356bf Merge branch 'master' into github-master ReAnzu 2018-02-27 22:40:35 -0600
  • 148ed9700f Merge branch 'develop' into 'master' ReAnzu 2018-02-27 22:32:33 -0600
  • d9b3160437 Fixed existing tests, added new tests around endpoints, authentication, and password hash hardening ReAnzu 2018-02-27 22:29:38 -0600
  • 187ab77ebd Resolved a few failing tests due to config issues ReAnzu 2018-02-27 19:29:58 -0600
  • 70a42c9df2 Resolved the logout issue for when users:create:any is executed. * Resolved an issue where user_tokens:*:any permissions didn't operate on the correct user. * Updated user_token -> user_tokens permissions to mirror other permissions. ReAnzu 2018-02-27 18:34:37 -0600
  • 05d2785ec6 Added a Manage tokens tab to the user panel ReAnzu 2018-02-27 18:14:07 -0600
  • 23268ded75 ignoring local data folder ReAnzu 2018-02-27 11:26:38 -0600
  • 22cf806220 Added versioning, cleaned up API documentation, fixed endpoints, resolved logout diplay update issue ReAnzu 2018-02-26 21:47:01 -0600
  • d0b423e91c Updated API documentation for the new user-token endpoints ReAnzu 2018-02-26 20:45:51 -0600
  • deb70e5f28 Tokens now correctly delete themselves ReAnzu 2018-02-26 19:53:56 -0600
  • f11f4e9313 Revert "Cleanup func imports, and small formatting changes." ReAnzu 2018-02-26 19:52:02 -0600
  • 796563f772 Cleanup func imports, and small formatting changes. ReAnzu 2018-02-25 17:30:48 -0600
  • a526a56767 Users are only authenticated against their password on login, and to retrieve a token. * Passwords are wiped from the app and cookies after login and token retrieval * Tokens are revoked at the end of the session/logout * If the user chooses the "remember me" option, the token is stored in the cookie * A user interface to revoke tokens will be added ReAnzu 2018-02-25 04:44:02 -0600
  • d6ee744777 Added migration to support new password_hash format ReAnzu 2018-02-25 00:05:15 -0600
  • 0e5fbde097 Changed password setup to use libsodium and argon2id * regular SHA256 is not secure * added code to auto migrate old passwords to the new password_hash if the existing password_hash matches either of the old password generation schemes. ReAnzu 2018-02-24 23:45:00 -0600
  • 2383e75aa5 Merge branch 'master' into github-master ReAnzu 2018-02-24 01:59:59 -0600
  • 838ced3aae Delete thumbnails and post images immediately on post delete ReAnzu 2018-02-24 01:57:31 -0600
  • 4f612a6f64 Allow for thumbnails to be generated even on ffmpeg warnings ReAnzu 2018-02-24 01:48:10 -0600