4fe288f17c
server: rewrite user status queries in SQL
2023-01-08 20:02:21 +00:00
cd26e3a35c
fixup: missing parenthesis
2023-01-08 19:34:03 +01:00
c7ab8839dc
BREAKING: remove admin/delete-account, change admin/accounts/delete
...
You should use the API endpoint admin/accounts/delete.
It has the same parameter and the same behaviour.
The admin/accounts/delete endpoint now requries administrator privileges
instead of just moderator privileges.
Changelog: Removed
2023-01-07 23:53:48 +01:00
1eda1760d1
server: refactor to always use deleteAccount service
...
This should reduce code duplication around how deletion of an actor is
handled.
2023-01-07 19:46:05 +01:00
8772181b6f
server: refactor remote host check to validateActor
...
Instead of checking that an actor is not from the local host separately,
it seems like a good idea to do it in the central place that is supposed
to validate an actor.
2023-01-07 19:46:05 +01:00
5102d0bc2e
chore: remove unused user_group_invite table
...
Based on `1558257926829-UserGroupInvite.js` but switched `up` and `down`
migrations around.
Closes #314
2023-01-06 02:51:44 -05:00
cdba5447e6
server: remove joins to avatar and banners in children endpoint
...
Reviewed-on: FoundKeyGang/FoundKey#303
2023-01-05 21:05:22 +01:00
4bb814adfc
client: add space between endpoint and code in error message
2023-01-05 20:55:03 +01:00
35e9d7f958
client: fix null i18n interpolation values
...
Fixed the occurence that was reported in
<FoundKeyGang/FoundKey#317 > along with a similar one.
Fixes <FoundKeyGang/FoundKey#317 >
Also changed the i18n code so this should not happen any more in the general case.
2023-01-05 20:50:25 +01:00
a0c2cf328e
server: fix redirected fetch
...
Don't throw a StatusError on an intended redirect.
2023-01-05 20:03:38 +01:00
334368f6e2
fix: allow to pick higher visibility than chosen before
...
If you selected a lower visibility that one would then be used as
the parent visibility. Instead it is necessary to use two separate
variables, one for parent and one for the preselected visibility.
2023-01-04 21:39:33 +01:00
3efa7046bd
meta: don't type check dependencies
2023-01-04 20:59:31 +01:00
48f8fb97df
activitypub: use quoteUri instead of quoteUrl
...
It's not quite Mastodon, but still, I said they'd use a different approach...
Changelog: Changed
2023-01-04 20:56:06 +01:00
0230f819e2
fixup: wrong negation
...
This is a fixup for commit 417d252e9d
.
2023-01-04 19:09:03 +01:00
08af6fda37
fix some type errors
2023-01-03 22:18:01 +01:00
0c8a3cfeec
server: fix lints
2023-01-03 03:51:38 +01:00
8bc366fde0
server: fix comma-dangle lint
2023-01-03 02:47:58 +01:00
417d252e9d
server: fix custom lint typeorm-prefer-count
2023-01-03 02:42:42 +01:00
b54e07caec
enhance typeorm-prefer-count lint rule
2023-01-03 02:41:53 +01:00
e0560dbe9e
client: dont display tooltip if software name unknown
...
Changelog: Fixed
2023-01-02 21:51:13 +01:00
5b898c6c82
chore: update yarn files
2023-01-02 21:40:12 +01:00
6010884e62
cleanup: translate japanese, use SECOND constant
2023-01-02 21:07:56 +01:00
b423d23cf6
server: fix custom lint typeorm-prefer-count
2023-01-02 21:07:02 +01:00
29714d1ae0
add custom eslint rule to prefer countBy over findBy
2023-01-02 20:58:33 +01:00
7bf4d4426a
use count instead of find to check existence
2023-01-02 14:43:27 +01:00
d28931bf00
server: remove dateUTC function
2023-01-02 12:45:30 +01:00
2a46719f31
server: set file permissions after copy
...
This explicitly sets the file permissions to allow everyone to read files
since apparently multer sometimes doesn't set the permissions we expect.
Ref: FoundKeyGang/FoundKey#202
Changelog: Fixed
2023-01-02 12:44:09 +01:00
7f564431be
server: fixup sql
...
Fixup to 0b7c9095bf
.
2023-01-02 00:11:35 +01:00
0fbd7fa492
client: fix 500 error in notifications
...
closes FoundKeyGang/FoundKey#73
Changelog: Fixed
2023-01-01 23:32:01 +01:00
3aaa9facc6
translate japanese to english
2023-01-01 23:30:43 +01:00
8f09b05e7c
chore: remove reversi database tables
...
Changelog: Fixed
2023-01-01 22:27:34 +01:00
8b0b7ff525
server: change default value for api/admin/show-users origin param
...
Changed from "local" to "combined" to fix a bug when the hostname is set
but origin is not.
Changelog: Changed
2023-01-01 22:11:19 +01:00
0b7c9095bf
server: don't return users twice in search
2023-01-01 21:22:53 +01:00
338e898f56
client: disable unavailable visibilities
2023-01-01 21:02:55 +01:00
3a9d283630
client: make mod patterns display when seeking on stopped track
2022-12-29 21:43:34 +01:00
ed27f61a4d
client: add mod tracker
...
Squashed commit of the following:
commit 54f0b67b25bc6064b5c0ab3982e20943859aff76
Author: Puniko <me@absturztaube.ch>
Date: Thu Dec 29 21:27:15 2022 +0100
use nextTick instead of setTimeout
commit 6998cae7e3a706b00c1b63320750dab279f13e3d
Author: Puniko <me@absturztaube.ch>
Date: Thu Dec 29 21:14:55 2022 +0100
my absolute terrible fix to the unhide issue
commit 79f546d1509185c315a5db7e12985e01ed430b08
Author: Puniko <me@absturztaube.ch>
Date: Thu Dec 29 21:01:35 2022 +0100
stop player on hide/unhide
commit 6b7f13e8ef48d74edb92441144051e4225b27f71
Author: Puniko <me@absturztaube.ch>
Date: Thu Dec 29 10:36:59 2022 +0100
make webkit style range slider the same
commit 8a267c5cdc5c1e98d6dd1e038571d92d01985a98
Author: Puniko <me@absturztaube.ch>
Date: Thu Dec 29 01:16:18 2022 +0100
restyling range inputs
commit c39e1671b2957326ff91746da44091d728f58e82
Author: Puniko <me@absturztaube.ch>
Date: Thu Dec 29 00:57:47 2022 +0100
make module seekable
commit c1762f27ae2e4d342ede88018f777c75b8b31d4a
Author: Puniko <me@absturztaube.ch>
Date: Thu Dec 29 00:14:35 2022 +0100
remove accesskey attribs
commit 08f75a01f1c2359799e4c2ec734a391d3abfc07c
Author: Puniko <me@absturztaube.ch>
Date: Thu Dec 29 00:12:23 2022 +0100
v-else on play button
commit 9302a9faaa5a75c33314befb3f8e0f414e9d886b
Author: Puniko <me@absturztaube.ch>
Date: Thu Dec 29 00:08:19 2022 +0100
replace filter with some
commit bffd15daedf55f7623d6ebd777a12384274b89d6
Author: Puniko <me@absturztaube.ch>
Date: Wed Dec 28 09:13:20 2022 +0100
add chiptune2 and libopenmpt into COPYING
commit 794298c21c6fe09909136d141fd2a6b83eb64a89
Author: Puniko <me@absturztaube.ch>
Date: Tue Dec 27 15:32:43 2022 +0100
little cleanup
commit f383aec1cd5a9f8a44539d9f802dee2d1332f64c
Author: Puniko <me@absturztaube.ch>
Date: Tue Dec 27 15:23:25 2022 +0100
repeat only once and proper handling of track ending
commit fdaa9614c993de306789ecafc38d781d350fe1ab
Author: Puniko <me@absturztaube.ch>
Date: Tue Dec 27 14:52:20 2022 +0100
prevent losing connection when downloading module
commit 6c5723c795a3610558111f5d0cd6f39dcfd06965
Author: Puniko <me@absturztaube.ch>
Date: Tue Dec 27 14:45:59 2022 +0100
colours!!! 🌈
commit dba4f0a4a909b956d928bfb7e4f0321291a096e0
Author: Puniko <me@absturztaube.ch>
Date: Tue Dec 27 13:01:06 2022 +0100
replace with i18n
commit 4234dfbdbc7f9b73fe07348af1fe2590db4e811d
Author: Puniko <me@absturztaube.ch>
Date: Mon Dec 26 15:47:10 2022 +0100
retab
commit 0cc1ea8c3ec14fde81936ec3c9eed4d06ad52d95
Author: Puniko <me@absturztaube.ch>
Date: Mon Dec 26 15:19:28 2022 +0100
include libopenmpt tracker to foundkey
commit c2437c696a5dabb8581fd81f7852cdd6091fe00f
Author: Puniko <me@absturztaube.ch>
Date: Mon Dec 26 12:08:49 2022 +0100
add libopenmpt
Reviewed-on: FoundKeyGang/FoundKey#306
Changelog: Added
2022-12-29 21:36:44 +01:00
ed9d4023d4
backend: add argon2 support
...
Passwords will be automatically re-hashed on sign-in.
All new password hashes will be argon2 by default.
This uses argon2id and is not configurable.
In the very unlikely case someone has more specific needs,
a fork is recommended.
ChangeLog: Added
Co-authored-by: Chloe Kudryavtsev <code@toast.bunkerlabs.net>
Reviewed-on: FoundKeyGang/FoundKey#308
2022-12-29 20:13:47 +00:00
76a8e000a3
client: only catch erroneous key errors in i18n.ts
2022-12-27 21:47:34 +01:00
a673647fba
server: remove avatarColor and bannerColor properties
...
According to comments next to those properties, they were kept for backward compatibility.
However they were always being set to null.
Changelog: Removed
2022-12-26 18:52:16 +01:00
eea2eb4919
use Promise.all instead of separate promises
2022-12-25 19:04:00 +01:00
114d416de0
server: refactor password hashing & comparison to module
...
For easier replacement should the hash algorithm ever be changed.
2022-12-25 19:03:51 +01:00
c2372315f7
server: improve error messages
...
Refactor Error's to ApiError's.
Changelog: Changed
2022-12-25 16:07:48 +01:00
de3cdb5833
activitypub: block check for resolving collections
2022-12-24 18:39:44 -05:00
a732cdc1ad
activitypub: perform block check in performOneActivity
2022-12-24 18:39:44 -05:00
a8f82050c8
activitypub: perform resolver block check on objects as well
2022-12-24 18:39:44 -05:00
8e12b9a33e
server: restore original comment for skippedInstances
2022-12-24 15:01:32 -05:00
6583d0c43d
server: pass in resolved meta table to shouldBlockInstance
...
This should make it more friendly to use in places where the meta table
has already been resolved for other reasons.
2022-12-24 14:56:48 -05:00
c02a03168d
fixup tooltip: use this instead of self
2022-12-24 13:48:58 +01:00
85419326f8
server: use prelude function instead of separate function
2022-12-23 13:55:15 +01:00
eaa11647f0
server: rewrite drive usage queries in raw SQL
2022-12-23 13:54:12 +01:00
61a2db49df
server: always use user id for calcDriveUsageOf
2022-12-23 13:38:29 +01:00
79ddbafd0d
client: fix tooltips not closing
...
closes FoundKeyGang/FoundKey#120
Changelog: Fixed
2022-12-23 11:06:07 +01:00
0e1459e5cf
Merge pull request 'server: refactor follow request functions to be named exports' ( #296 ) from refactor/follow-requests into main
...
Reviewed-on: FoundKeyGang/FoundKey#296
2022-12-23 02:06:31 +00:00
e8e82dac82
fixup: confusing commas
2022-12-23 02:30:57 +01:00
02aaee6050
client: select folder when entering it
...
As a convenience when a user is in the "select a folder" dialog,
opens a folder an then clicks on the checkmark, the currently open folder
is selected.
2022-12-23 02:21:52 +01:00
d26e2588e3
client: combine selection of files & folders
2022-12-23 02:20:36 +01:00
df9064c284
client: remove driveFolderBg theme color
...
Changelog: Removed
2022-12-23 02:02:20 +01:00
9690244848
server: add return type for all follow reject funcs
2022-12-22 17:52:30 -05:00
4db25e4b1f
server: add doc for cancelFollowRequest
2022-12-22 16:55:08 -05:00
549302e9c0
server: add doc for createFollowRequest
2022-12-22 16:55:07 -05:00
a3354904af
server: use named export for createFollowRequest
2022-12-22 16:52:52 -05:00
28f65bebfc
server: use named export for cancelFollowRequest
2022-12-22 16:52:52 -05:00
2204adc657
server: use named export for acceptAllFollowRequests
2022-12-22 16:52:52 -05:00
b11e4053db
server: use named export for acceptFollowRequest
2022-12-22 16:52:52 -05:00
f7c4107ca4
client: drive uses grid instead of flexbox
2022-12-22 18:55:06 +01:00
c983c4860c
client: use combined drive endpoint
2022-12-22 17:55:13 +01:00
d96070bc80
client: fix duplicate folder when creating new folder
2022-12-22 17:32:05 +01:00
240cf98920
client: refactor drive drag&drop
2022-12-22 17:06:52 +01:00
7b39483966
server: drive endpoint to fetch files and folders
...
Changelog: Added
2022-12-22 16:46:48 +01:00
e2ef800708
server: dont use replace for file types
...
No point in using replace if we already know which character we want to replace.
2022-12-22 14:46:21 +01:00
a7048f17f7
server: simplify duplicated code
2022-12-22 14:45:20 +01:00
ddf3e2c3db
client: refactor tooltip directive
...
Using the beforeUnmount hook should hopefully improve issues with
tooltips being left behind.
2022-12-22 14:12:25 +01:00
33f0b24c56
server: add v2 routes to notes endpoints
2022-12-22 11:02:04 +01:00
7685b92511
improve fetching of endpoint arguments
...
including support for route parameters (e.g. '/v2/note/:noteId' giving us a 'noteId' value)
Co-authored-by: Johann150 <johann.galle@protonmail.com>
2022-12-22 11:02:04 +01:00
8276bd3bdc
generate OpenAPI spec for v2 endpoints
2022-12-22 11:02:04 +01:00
aed2752470
server: make v2 meta endpoint support GET
2022-12-22 11:01:56 +01:00
4a3b91d658
server: add additional API v2 options to endpoints
...
* improve type definitions for v2 method
The method has to be lowercase because it is used as an index to get
the respective method of the router.
Co-authored-by: Johann150 <johann.galle@protonmail.com>
2022-12-22 11:00:46 +01:00
9317d25078
server: expire notifications after 3 months
...
closes FoundKeyGang/FoundKey#292
Changelog: Added
2022-12-21 21:46:45 +01:00
fc36bb8880
server: reduce code duplication in check-expired queue job
2022-12-21 21:46:27 +01:00
711bb8be7d
fixup: add missing redirect argument
2022-12-21 21:23:23 +01:00
275136cf8b
allow redirects in API ap/* endpoints
2022-12-21 20:45:55 +01:00
aa33708b90
server: handle redirects in signed get
...
part of FoundKeyGang/FoundKey#288
Changelog: Fixed
2022-12-20 22:07:24 +01:00
99c459a21a
server: better upload limit error
...
Ref: FoundKeyGang/FoundKey#293
2022-12-19 21:29:29 +01:00
bd68096ea9
server: refactor API error
2022-12-19 21:24:39 +01:00
c411669133
client: fix token-generate-window component
2022-12-18 20:42:05 +01:00
639fa74d43
client: restyle app token view
2022-12-18 19:37:52 +01:00
3bf7deb233
client: remove unused styling classes
2022-12-18 00:50:02 +01:00
2520633210
client: move MFM animations to MFM component
2022-12-18 00:49:28 +01:00
4574db523a
client: add default margin to FormSwitch and MkButton
2022-12-18 00:11:32 +01:00
263fb94f3f
client: unify import names of form ui components
2022-12-18 00:04:53 +01:00
0e3321c106
client: unify import names of MkButton component
2022-12-17 23:32:25 +01:00
677ee537d1
client: remove unused component
2022-12-17 22:39:18 +01:00
1e539e6af5
client: add missing space
...
see FoundKeyGang/FoundKey#291
2022-12-17 22:34:49 +01:00
0e5f744560
client: 2fa is not its own settings page
2022-12-17 22:34:49 +01:00
6c7f1774e3
server: fix thread mutes not applying to renotes
...
Changelog: Fixed
2022-12-15 21:20:24 +01:00
af43df15ca
reduce duplication in secureRndstr
2022-12-15 20:46:17 +01:00
5f83383ab8
fix import error in tests
2022-12-15 20:45:55 +01:00
8c759dde6c
server: fix error about duplicate resolve
2022-12-15 19:44:55 +01:00
84d83d908a
client: add button to unrenote
...
Changelog: Added
2022-12-15 17:52:19 +01:00
16d091497a
server: use extractDbHost instead of toPuny, translate comments
...
Also swapped logical or for nullish coalescing operator in some places.
2022-12-15 00:32:15 +01:00
ef53ec276a
activitypub: simplify some URI/id related checks
...
followup on previous commit
2022-12-15 00:31:23 +01:00
3582fd8260
activitypub: centrally check id matches URL in resolver
...
This makes some duplicated checks in models/note and models/person
unnecessary.
2022-12-15 00:29:39 +01:00
6256ddbd30
client: remove unused variables
2022-12-14 22:09:29 +01:00
00fcc238f7
client: remove broken instance ticker from landing page
2022-12-14 22:08:27 +01:00
9f1670d5fd
server: fix default not found error image
2022-12-14 19:05:41 +01:00
ff31b8b06d
server: remove bios and cli
...
The BIOS and CLI functionality were mainly for debugging purposes.
If a user has to use those to resolve an issue with the server, that
really should be fixed at the source instead.
Closes: FoundKeyGang/FoundKey#283
Changelog: Removed
2022-12-14 17:59:25 +00:00
398ee6435b
client: replace repo link with foundkey link
2022-12-14 18:21:24 +01:00
ffff2ae5ef
server: fix missing import
...
closes FoundKeyGang/FoundKey#286
2022-12-14 18:08:44 +01:00
ccc8bf0289
chore: fix more miscellaneous lints
2022-12-13 23:09:32 +01:00
a231b36d59
chore: fix lint about unused variables in entities
2022-12-13 23:09:32 +01:00
8e9c65fab0
chore: fix some import related lints
2022-12-13 23:09:31 +01:00
78a3051313
remove unneeded TODO
2022-12-13 16:46:29 -05:00
78717e85d3
server: change JSON.parse/stringify to structuredClone
...
structuredClone is more typesafe than using JSON.parse and
JSON.stringify.
Now that Node 18.x is the new baseline, this should be safe to use now.
See https://developer.mozilla.org/en-US/docs/Web/API/structuredClone
for details.
2022-12-13 16:45:38 -05:00
a9d3cae511
server: add return type to extractApMentions
2022-12-13 16:31:15 -05:00
bd27b7ca3a
server: add typing for renderFollowRelay
2022-12-13 16:06:18 -05:00
e28a9eb8e8
use tsc --noEmit for backend and client
...
See https://github.com/misskey-dev/misskey/pull/9316
2022-12-13 16:02:06 -05:00
e5a4c5d2d0
chore: update @typescript-eslint packages
2022-12-13 15:57:26 -05:00
6bba55c196
sw: add TypeScript type checking
...
This implements the upstream changes from
https://github.com/misskey-dev/misskey/pull/9314 but updated to our
version of ESLint.
Also updates TypeScript to 4.9.4 for all packages.
2022-12-13 15:42:08 -05:00
1d469f3c34
fix import typo
2022-12-13 15:12:29 -05:00
3f0228e14c
server: use color-convert KEYWORD instead of extracting parameter type
2022-12-13 15:11:29 -05:00
73f81177b4
foundkey-js: adjust type definition
2022-12-13 20:54:50 +01:00
6a26da3516
client: use configurable images
2022-12-13 20:54:49 +01:00
5ea744b1b2
server: use configurable images
2022-12-13 20:54:49 +01:00
ae6ba05306
add config for error images
...
Changelog: Added
2022-12-13 20:54:49 +01:00
Sam Smucny
21069223e3
client: add tooltips to visibility icons
...
Changelog: Changed
2022-12-13 20:49:17 +01:00
d4d1e03479
server: fix errors for replies and state when note doesnt exist
2022-12-13 20:35:46 +01:00
030394b30d
refactor: remove default export for boot
2022-12-11 14:42:55 -05:00
768d9bbdfb
refactor: remove default export for perform
2022-12-11 18:23:19 +01:00
3ef1a4b0f9
refactor: remove default export for Resolver
2022-12-11 18:23:07 +01:00
ae59ce51b0
refactor: remove default export for DbResolver
2022-12-11 18:16:48 +01:00
14a9b9bedd
refactor: remove default export for request
2022-12-11 18:16:45 +01:00
985a13f47f
refactor: remove default export for DeliverManager
2022-12-11 17:56:25 +01:00
507b328fdf
activitypub: also forward resolver to resolveNote
2022-12-10 11:23:10 +01:00
3cf673960b
server: Fix typing for user token
...
Also fix a comment in the User model that wrongly states that the token
is null if the user is local, when it's the opposite.
2022-12-08 23:20:41 -05:00
cbfd866122
server: make fetcher key non-null
2022-12-08 23:19:39 -05:00
b23a8dbaed
server: translate comments
2022-12-08 23:18:45 -05:00
80a73a7510
server: remove unused imports from suspend-user.ts
2022-12-08 23:18:45 -05:00
3dec9a47f0
server: fix various type errors in services
2022-12-08 23:18:45 -05:00
b8fb7a38cc
server: improve Logger typing information and docs
2022-12-08 23:18:45 -05:00
fdc682e810
server: remove sendEmailNotification
...
The functions have their bodies completely comented out,
which means they are doing nothing.
2022-12-08 23:18:45 -05:00
fde751df8f
fix: properly supply resolver (2)
2022-12-08 19:06:55 +01:00
1faf1035f9
server: handle users getting deleted somewhere else
...
I don't know why but several jobs got stuck in my inbox queue because
of errors like 'Could not find any entity of type "User" matching...'.
2022-12-08 18:12:24 +01:00
e2ce599aca
fix: properly supply resolver
2022-12-08 18:12:05 +01:00
73870e85cd
client: make headlines in queue widget links
...
The headlines "inbox queue" and "deliver queue" are now links to the
admin panel page about the queue.
Changelog: Changed
2022-12-07 23:23:16 +01:00
350f21d955
server: fix typing for skippedInstances query
2022-12-07 16:41:34 -05:00
873e21f090
chore: update eslint
2022-12-07 16:27:53 -05:00
2afe54c121
eslint: allow backticks to avoid escaping single/double quotes
2022-12-07 16:27:39 -05:00
501cf834c8
client: fix issue of search only working once
...
closes FoundKeyGang/FoundKey#274
Changelog: Fixed
2022-12-07 21:56:27 +01:00
b66f7550ab
server: auto-fix lints
2022-12-07 13:39:21 -05:00
18664dbca3
server: add missing paren
...
How did this not break yet?
2022-12-07 18:29:04 +01:00
0f3f42eb39
remove rndstr dependency
...
This dependency was unused in the client.
The use of it in the server can be replaced entirely by the
secureRndstr function, with some slight modifications.
That function could probably be refactored a bit more as well.
2022-12-07 18:08:09 +01:00
d3f1ad9a88
chore: remove unused packages
2022-12-06 23:18:27 +01:00
1aa3898db5
server: remove unused import
2022-12-06 23:12:45 +01:00
96c3744555
client: remove integration settings menu entry
2022-12-06 23:00:32 +01:00
b023741f50
server: remove integrations field from user
2022-12-06 23:00:08 +01:00
7e8d5c3b79
foundkey-js: remove integration fields from instance type
2022-12-06 21:52:16 +01:00
c785fbab6e
client: remove integration signin options
2022-12-06 21:51:01 +01:00
547a1f81d4
client: remove integration settings
2022-12-06 21:50:34 +01:00
95384d0bb2
client: remove integration admin settings
2022-12-06 21:50:20 +01:00
4cc5b734e7
activitypub: remove integration fields from person and nodeinfo
2022-12-06 21:49:19 +01:00
5d32872999
server: remove integration API routes
2022-12-06 21:48:31 +01:00
b4b1204f77
server: remove integration-related fields from meta
2022-12-06 21:47:59 +01:00
c1a51547a9
BREAKING: server: remove wildcard blocking and instead block subdomains ( #269 )
...
Co-authored-by: Francis Dinh <normandy@biribiri.dev>
Reviewed-on: FoundKeyGang/FoundKey#269
Changelog: Changed
2022-12-05 17:55:38 +00:00
4e74d26e45
backend: fix ratelimit typo
...
Changelog: Fixed
2022-12-05 15:49:33 +01:00
a421dd401c
activitypub: refactor to always apply recursion limit
...
Refactor to remove as many "new Resolver" as possible.
2022-12-04 21:11:44 +01:00
c4211761e6
server: refactor resolveSelf to just return the webfinger href
...
Since the href seems to be the only attribute that is used, and I didn't
want to add a full type definition this was the easier option.
2022-12-04 21:11:43 +01:00
03b673165f
server: refactor "authUser" functions into separate file
...
They did not really fit into the DbResolver because they may fetch data
from remote instances even though DbResolver is only supposed to access
the database.
2022-12-04 21:11:35 +01:00
de18c8306d
server: fix token-permissions migration
...
The table that is affected here was not properly purged of old entries. It only holds
data that is needed while a 3rd party authorization is in progress but not finished.
The code that typeorm generated for this migration is a bit wonky because it should
probably have dropped one column and created another one. But if we clear out all entries
it should work regardless and I'm feeling lazy right now. :P
2022-12-04 19:05:02 +01:00
38df8dc734
client: set display name limit same as server
...
Changelog: Fixed
2022-12-04 15:35:43 +01:00
11e4a8cb9b
remove erroneous space
2022-12-04 15:34:05 +01:00
d1e0d79c19
client: unify different error dialogs
...
Changelog: Fixed
2022-12-04 14:27:53 +01:00
946e862ecd
server: implement OAuth 2.0 Authorization Code grant
...
Changelog: Added
Reviewed-on: FoundKeyGang/FoundKey#205
2022-12-04 14:06:36 +01:00
97052b1f61
server: refactor fromHtml attribute handling
...
Also try to recognize owncast hashtag links.
2022-12-04 03:43:22 +01:00
cda9197700
server: increase nodeinfo caching
...
Changelog: Changed
2022-12-04 03:26:50 +01:00
2dde8273e2
implement separate web workers
...
Reviewed-on: FoundKeyGang/FoundKey#252
2022-12-03 13:33:23 +00:00
de927e1f30
server: handle invalid URLs in comparison
2022-12-03 10:38:33 +00:00
bdcec2b8a7
server: implement OAuth discovery (RFC 8414)
2022-12-03 10:38:33 +00:00
5291f29581
implement OAuth PKCE
...
This implements Proof Key for Code Exchange a.k.a. RFC 7636.
2022-12-03 10:38:33 +00:00
15b3ab6d13
check redirect URIs
2022-12-03 10:38:33 +00:00
79e3c20189
server: allow to grant tokens with more restricted privileges
...
This also simplifies API authentication a bit by not having to fetch
the App that is related to a token.
The restriction of 1 token per app is also lifted. This was not a
constraint in the database but it was enforced by the code and
kinda wrong schema the auth_session table had.
2022-12-03 10:38:32 +00:00
2f2e6a58a4
docs: read scope descriptions from locale strings
2022-12-03 10:38:32 +00:00
c5568cfdf3
client: fix auth page layout
...
This also includes better rendering when no permissions are requested.
Also removed the app's id from the page as it makes no sense to show
this to a user.
Changelog: Fixed
2022-12-03 10:38:32 +00:00
c65fdebe26
server: add missing auth/deny endpoint
...
This endpoint is hinted at in the client, but is not actually defined
in the backend. This commit defines it.
2022-12-03 10:38:32 +00:00
418c88bb8f
expire AuthSessions after 15 min
2022-12-03 10:38:32 +00:00
2b19b34196
update OpenAPI docs to OAuth
2022-12-03 10:38:32 +00:00
7db7fdd9e2
add API route for OAuth access token retrieval
2022-12-03 10:38:32 +00:00
a13e956af0
make authorization token granting OAuth 2.0 compatible
...
This is basically a shim on top of the existing API.
Instead of the 3rd party, the web UI generates the authorization session.
The data that the API returns is slightly adjusted so that only one
API call is necessary instead of two.
2022-12-03 10:38:32 +00:00
18cf228f89
server: readd "fetch meta only once in skippedInstances""
...
This reverts commit e446a11bb7
.
Turns out this wasn't really the source of the referenced issue and
someone was able to run with the original commit fine, so adding this
back for now.
2022-12-03 05:13:30 -05:00
bdf2e14a73
server: fix TypeError in registerOrFetchInstanceDoc
...
Changelog: Fixed
2022-12-03 04:01:51 -05:00
e446a11bb7
Revert "server: fetch meta only once in skippedInstances"
...
This reverts commit 81d63720f2
since it
seems to cause a ReferenceError for some reason.
Ref: https://toot.site/@jeder/109447151582516733
2022-12-03 02:13:18 -05:00
194fff3603
activitypub: hashtags no longer displaying as links
...
Some hashtags sent from Mastodon were erroneously displayed as links.
This is because Mastodon seems to mangle hashtags containing non-ASCII
codepoints (such as e.g. umlauts). This lead to the previous code which
depended on the list of hashtags to not recognize a hashtag. Instead,
the `rel="tag"` microformat is recognized instead.
This makes the `htmlToMfm` wrapper function unnecessary so it was removed.
Changelog: Fixed
2022-12-02 19:31:57 +01:00
b4080d788d
slight refactoring & translating japanese
2022-12-02 19:00:58 +01:00
e49b8d0ef3
server: remove unnecessary apLogger aliases
2022-12-02 18:58:19 +01:00
7d3d0f858c
increment versions in package.json
2022-12-02 16:59:47 +01:00
81d63720f2
server: fetch meta only once in skippedInstances
2022-12-02 09:26:14 -05:00
5e6b51094e
server: fix instance skipping
...
This should actually make instance skipping work properly since
shouldBlockInstance is now properly awaited on now.
2022-12-02 09:10:56 -05:00
9ad37a12f8
server: fix rendering of Follow activity when removing follow
...
closes FoundKeyGang/FoundKey#263
Changelog: Fixed
2022-12-01 21:49:38 +01:00
e10700a2be
Merge pull request 'server: add wildcard matching to blocked hosts' ( #260 ) from wildcard-block-v2 into main
...
Reviewed-on: FoundKeyGang/FoundKey#260
2022-12-01 20:12:18 +00:00
dc7533baa4
Merge pull request 'server: Add recursion limit to resolver' ( #261 ) from recursion-limit into main
...
Reviewed-on: FoundKeyGang/FoundKey#261
2022-12-01 20:11:40 +00:00
721a327192
fixup: remove unused import
2022-12-01 20:46:46 +01:00