FoundKey

Author	SHA1	Message	Date
Andreas Nedbal	c785fbab6e	client: remove integration signin options	2022-12-06 21:51:01 +01:00
Andreas Nedbal	547a1f81d4	client: remove integration settings	2022-12-06 21:50:34 +01:00
Andreas Nedbal	95384d0bb2	client: remove integration admin settings	2022-12-06 21:50:20 +01:00
Andreas Nedbal	4cc5b734e7	activitypub: remove integration fields from person and nodeinfo	2022-12-06 21:49:19 +01:00
Andreas Nedbal	5d32872999	server: remove integration API routes	2022-12-06 21:48:31 +01:00
Andreas Nedbal	b4b1204f77	server: remove integration-related fields from meta	2022-12-06 21:47:59 +01:00
Norm	c1a51547a9	BREAKING: server: remove wildcard blocking and instead block subdomains (#269 ) Co-authored-by: Francis Dinh <normandy@biribiri.dev> Reviewed-on: FoundKeyGang/FoundKey#269 Changelog: Changed	2022-12-05 17:55:38 +00:00
Chloe Kudryavtsev	4e74d26e45	backend: fix ratelimit typo Changelog: Fixed	2022-12-05 15:49:33 +01:00
Johann150	a421dd401c	activitypub: refactor to always apply recursion limit Refactor to remove as many "new Resolver" as possible.	2022-12-04 21:11:44 +01:00
Johann150	c4211761e6	server: refactor resolveSelf to just return the webfinger href Since the href seems to be the only attribute that is used, and I didn't want to add a full type definition this was the easier option.	2022-12-04 21:11:43 +01:00
Johann150	03b673165f	server: refactor "authUser" functions into separate file They did not really fit into the DbResolver because they may fetch data from remote instances even though DbResolver is only supposed to access the database.	2022-12-04 21:11:35 +01:00
Johann150	de18c8306d	server: fix token-permissions migration The table that is affected here was not properly purged of old entries. It only holds data that is needed while a 3rd party authorization is in progress but not finished. The code that typeorm generated for this migration is a bit wonky because it should probably have dropped one column and created another one. But if we clear out all entries it should work regardless and I'm feeling lazy right now. :P	2022-12-04 19:05:02 +01:00
Johann150	38df8dc734	client: set display name limit same as server Changelog: Fixed	2022-12-04 15:35:43 +01:00
Johann150	11e4a8cb9b	remove erroneous space	2022-12-04 15:34:05 +01:00
Johann150	d1e0d79c19	client: unify different error dialogs Changelog: Fixed	2022-12-04 14:27:53 +01:00
Johann150	946e862ecd	server: implement OAuth 2.0 Authorization Code grant Changelog: Added Reviewed-on: FoundKeyGang/FoundKey#205	2022-12-04 14:06:36 +01:00
Johann150	97052b1f61	server: refactor fromHtml attribute handling Also try to recognize owncast hashtag links.	2022-12-04 03:43:22 +01:00
Johann150	cda9197700	server: increase nodeinfo caching Changelog: Changed	2022-12-04 03:26:50 +01:00
Chloe Kudryavtsev	2dde8273e2	implement separate web workers Reviewed-on: FoundKeyGang/FoundKey#252	2022-12-03 13:33:23 +00:00
Johann150	de927e1f30	server: handle invalid URLs in comparison	2022-12-03 10:38:33 +00:00
Johann150	bdcec2b8a7	server: implement OAuth discovery (RFC 8414)	2022-12-03 10:38:33 +00:00
Johann150	5291f29581	implement OAuth PKCE This implements Proof Key for Code Exchange a.k.a. RFC 7636.	2022-12-03 10:38:33 +00:00
Johann150	15b3ab6d13	check redirect URIs	2022-12-03 10:38:33 +00:00
Johann150	79e3c20189	server: allow to grant tokens with more restricted privileges This also simplifies API authentication a bit by not having to fetch the App that is related to a token. The restriction of 1 token per app is also lifted. This was not a constraint in the database but it was enforced by the code and kinda wrong schema the auth_session table had.	2022-12-03 10:38:32 +00:00
Johann150	2f2e6a58a4	docs: read scope descriptions from locale strings	2022-12-03 10:38:32 +00:00
Johann150	c5568cfdf3	client: fix auth page layout This also includes better rendering when no permissions are requested. Also removed the app's id from the page as it makes no sense to show this to a user. Changelog: Fixed	2022-12-03 10:38:32 +00:00
Johann150	c65fdebe26	server: add missing auth/deny endpoint This endpoint is hinted at in the client, but is not actually defined in the backend. This commit defines it.	2022-12-03 10:38:32 +00:00
Johann150	418c88bb8f	expire AuthSessions after 15 min	2022-12-03 10:38:32 +00:00
Johann150	2b19b34196	update OpenAPI docs to OAuth	2022-12-03 10:38:32 +00:00
Johann150	7db7fdd9e2	add API route for OAuth access token retrieval	2022-12-03 10:38:32 +00:00
Johann150	a13e956af0	make authorization token granting OAuth 2.0 compatible This is basically a shim on top of the existing API. Instead of the 3rd party, the web UI generates the authorization session. The data that the API returns is slightly adjusted so that only one API call is necessary instead of two.	2022-12-03 10:38:32 +00:00
Francis Dinh	18cf228f89	server: readd "fetch meta only once in skippedInstances"" This reverts commit `e446a11bb7`. Turns out this wasn't really the source of the referenced issue and someone was able to run with the original commit fine, so adding this back for now.	2022-12-03 05:13:30 -05:00
Francis Dinh	bdf2e14a73	server: fix TypeError in registerOrFetchInstanceDoc Changelog: Fixed	2022-12-03 04:01:51 -05:00
Francis Dinh	e446a11bb7	Revert "server: fetch meta only once in skippedInstances" This reverts commit `81d63720f2` since it seems to cause a ReferenceError for some reason. Ref: https://toot.site/@jeder/109447151582516733	2022-12-03 02:13:18 -05:00
Johann150	194fff3603	activitypub: hashtags no longer displaying as links Some hashtags sent from Mastodon were erroneously displayed as links. This is because Mastodon seems to mangle hashtags containing non-ASCII codepoints (such as e.g. umlauts). This lead to the previous code which depended on the list of hashtags to not recognize a hashtag. Instead, the `rel="tag"` microformat is recognized instead. This makes the `htmlToMfm` wrapper function unnecessary so it was removed. Changelog: Fixed	2022-12-02 19:31:57 +01:00
Johann150	b4080d788d	slight refactoring & translating japanese	2022-12-02 19:00:58 +01:00
Johann150	e49b8d0ef3	server: remove unnecessary apLogger aliases	2022-12-02 18:58:19 +01:00
Johann150	7d3d0f858c	increment versions in package.json	2022-12-02 16:59:47 +01:00
Francis Dinh	81d63720f2	server: fetch meta only once in skippedInstances	2022-12-02 09:26:14 -05:00
Francis Dinh	5e6b51094e	server: fix instance skipping This should actually make instance skipping work properly since shouldBlockInstance is now properly awaited on now.	2022-12-02 09:10:56 -05:00
Johann150	9ad37a12f8	server: fix rendering of Follow activity when removing follow closes FoundKeyGang/FoundKey#263 Changelog: Fixed	2022-12-01 21:49:38 +01:00
Norm	e10700a2be	Merge pull request 'server: add wildcard matching to blocked hosts' (#260 ) from wildcard-block-v2 into main Reviewed-on: FoundKeyGang/FoundKey#260	2022-12-01 20:12:18 +00:00
Norm	dc7533baa4	Merge pull request 'server: Add recursion limit to resolver' (#261 ) from recursion-limit into main Reviewed-on: FoundKeyGang/FoundKey#261	2022-12-01 20:11:40 +00:00
Johann150	721a327192	fixup: remove unused import	2022-12-01 20:46:46 +01:00
Johann150	936cbf900b	use default argument value This unifies the style with the other function in that file and fixes the lint "no-param-reassign".	2022-12-01 20:32:57 +01:00
Mia Herkt	bc62d0ba9f	client: update emoji list This corrects the gender-specific variants in general, adds a few missing ones, replaces names that are just Unicode codepoints with actual names, and makes the keywords more consistent. Some data for this was taken from the annotations in the Unicode CLDR version 42. Reviewed-on: FoundKeyGang/FoundKey#262	2022-12-01 20:10:14 +01:00
Johann150	749015807a	client: also autocomplete flag emoji Changelog: Changed	2022-12-01 20:08:55 +01:00
Francis Dinh	b3e34795c0	require punycode conversion beforehand for admins	2022-12-01 12:07:43 -05:00
Francis Dinh	a35c98bbd5	server: encode non-ascii domains in punycode in matchHost	2022-12-01 11:34:11 -05:00
Francis Dinh	075e251822	server: add wildcard matching to blocked hosts This adds in wildcard matching. For instance: - `.bad.tld` will match: `very.bad.tld` - `bad.` will match: `bad.something` - `.bad.` will match: `very.bad.evil` Changelog: Changed	2022-12-01 11:29:02 -05:00
Derek Schmidt	11a6e706f4	server: Use shared resolver in featured and question accept	2022-12-01 04:40:14 -05:00
Derek Schmidt	d3af00a912	server: Add recursion limit to resolver Changelog: Security	2022-12-01 04:40:07 -05:00
Norm	973bd4532b	Merge pull request 'server: always enable push notifications' (#235 ) from enable-push-notifs into main Reviewed-on: FoundKeyGang/FoundKey#235 Changelog: Changed	2022-11-29 21:51:10 +00:00
Johann150	13fda0c9c7	client: refactor emoji autocomplete & make case insensitive Changelog: Changed	2022-11-29 21:13:20 +01:00
Johann150	cdb8922336	client: make all unicode emoji names lowercase	2022-11-29 20:35:23 +01:00
Francis Dinh	5b574d40f9	client: use native Notifications API (#234 ) Reviewed-on: FoundKeyGang/FoundKey#234 Changelog: Changed	2022-11-29 12:35:36 -05:00
Johann150	07370a3b84	client: put back button to remove all following Changelog: Added	2022-11-28 21:47:17 +01:00
Johann150	97233fab69	client: add link to weblate	2022-11-28 18:37:54 +01:00
Francis Dinh	5733f127ca	backend: update re2 to 1.17.8 This should fix Node 19 compatibility. Fixes: FoundKeyGang/FoundKey#238	2022-11-28 12:02:24 -05:00
Johann150	8130a2a9b1	server: remove deeplIsPro setting This setting is unnecessary because DeepL free keys can be detected easily according to <https://www.deepl.com/docs-api/api-access/authentication/>: > DeepL API Free authentication keys can be identified easily by the suffix ":fx" Changelog: Removed	2022-11-27 12:12:56 +01:00
Johann150	9fd23b5dae	server: remove quote urls, 3rd try First try was `66a7c62342` but classList is not in parse5 DOM. Second try was `7ee6a09cf2` but forgot the contents of this commit.	2022-11-27 09:30:51 +01:00
Francis Dinh	a6e05226ab	client: update vue and eslint-plugin-vue	2022-11-26 19:07:57 -05:00
Johann150	1f037e18d6	client: autofocus on search input field This should better replicate the previous behaviour of the text input dialog.	2022-11-27 00:14:42 +01:00
Johann150	24506ba557	client: remove unused notification-toast component	2022-11-26 16:37:11 +01:00
Johann150	8a807db02e	client: pass along notifications if push notifs disabled	2022-11-26 16:37:11 +01:00
Johann150	1e8e551ee3	service worker: refactor message event handler It is now possible for the client to trigger notifications "manually" if push notifications are not configured on the server.	2022-11-26 16:37:10 +01:00
Johann150	c34bebdf46	service worker: also show notifications if client is connected	2022-11-26 16:37:08 +01:00
Johann150	a1f3b212fe	client: translate comments	2022-11-26 16:34:45 +01:00
Johann150	f9ba3ab996	client: fix undefined variable when searching for handle	2022-11-26 16:26:38 +01:00
Chloe Kudryavtsev	6600f6e52e	fixup: make cluster limit into a per-mode warning rather than error	2022-11-26 13:28:39 +01:00
Johann150	d0c504ec85	server: fix unknown variable in signin endpoint	2022-11-25 19:09:08 +01:00
Johann150	062cba1b3c	server: fix undefined variable for instance actor	2022-11-25 19:05:37 +01:00
Johann150	48a60b03ea	BREAKING: implement separate web workers There are now separate web and queue workers. The configuration entry `clusterLimit` has been replaced by `clusterLimits` which allows separate configuration of web and queue workers. Changelog: Changed	2022-11-25 12:56:49 +01:00
Francis Dinh	f817d45210	update eslint and typescript-eslint	2022-11-25 02:07:21 -05:00
Francis Dinh	b67799ad3f	BREAKING: Remove support for Node 16.x and upgrade to TypeScript 4.9 Now that Node 18 is the new LTS version of Node, it should be safe to support ES2022 features. The install docs have already been updated to recommend Node 18.x in `41a710854e`. This will break support on Node 16.x and earlier. Also update TypeScript to 4.9 which contains various typechecking improvements: https://devblogs.microsoft.com/typescript/announcing-typescript-4-9/ Ref: FoundKeyGang/FoundKey#238 Changelog: Changed	2022-11-25 02:07:21 -05:00
Johann150	01fa4332c2	server: set vapid keys on initial setup	2022-11-21 22:30:34 +01:00
Johann150	563f3672a9	server: always enable push notifications The thing that previously presumably hindered this was that the VAPID keys had to be set up. Previously admins had to do this, but this is a bad idea for multiple reasons: 1) The meaning of "public key" and "private key" was not well documented in the settings. 2) Giving out a private key over the API, even just for admins, sounds like a bad idea. Co-authored-by: Francis Dinh <normandy@biribiri.dev>	2022-11-21 22:00:53 +01:00
Johann150	7ee6a09cf2	fix errors from quote string removal The parse5 tree does not have the full DOM methods and attributes.	2022-11-21 19:43:56 +01:00
Johann150	9e2553909e	server: use time constants	2022-11-20 23:15:40 +01:00
Johann150	66a7c62342	activitypub: remove akkoma quote URLs Changelog: Fixed	2022-11-20 20:48:15 +00:00
Norm	512351746f	Merge pull request 'Add LibreTranslate support' (#224 ) from libretranslate into main Reviewed-on: FoundKeyGang/FoundKey#224 Changelog: Added	2022-11-20 16:21:17 +00:00
hayabusa	19ee132930	client: files in some states could not be dropped and uploaded * Fixed association between dropEffect and effectAllowed as well as the submission form * Fixed that strings can be dropped Reviewed-on: https://github.com/misskey-dev/misskey/pull/9114 Changelog: Fixed	2022-11-20 16:17:26 +01:00
Johann150	3c4302cf3b	client: close webhook settings page automatically Changelog: Fixed	2022-11-20 12:33:04 +01:00
Johann150	e59706e36f	client: delete webhooks Changelog: Added	2022-11-20 12:29:17 +01:00
Johann150	0e0411f9e0	client: fix editing webhooks Co-authored-by: hayabusa <s.hashimoto@hs-sh.net> Changelog: Fixed	2022-11-20 11:41:21 +01:00
kabo2468	b7f32be512	server: don't nyaize quoted lines Co-authored-by: syuilo <Syuilotan@yahoo.co.jp> Changelog: Changed	2022-11-20 11:15:03 +01:00
Johann150	aefb11959f	fix: translator settings on admin/meta endpoint	2022-11-20 10:37:50 +01:00
Francis Dinh	cfe0f3ca67	client: Add LibreTranslate support This adds a new "Translation Settings" page to the admin interface where the admin can configure the instance's translation settings. The existing settigns for DeepL translation settings will now be located in that page alongside the new LibreTranslate stuff. Also made the translation service settings localizable, which funnily enough was not already the case.	2022-11-19 23:00:33 -05:00
Francis Dinh	8cde66b8ac	backend: Add LibreTranslate support	2022-11-19 23:00:33 -05:00
Norm	4952e29ac8	Merge pull request 'client: improve search' (#244 ) from search into main Reviewed-on: FoundKeyGang/FoundKey#244	2022-11-20 03:54:30 +00:00
Johann150	d02a51525f	client: improve account deletion question The message may be confusing when used by an adminstrator because it said "your account".	2022-11-19 20:24:28 +01:00
Johann150	47b0e292ef	clean up unused query parameters from router	2022-11-19 19:44:05 +01:00
Johann150	33e09b9901	client: remove user search from explore page User search is now located on the general search page. Also cleaned up other unused code. Changelog: Removed	2022-11-19 19:34:25 +01:00
Johann150	a7f3133f89	client: search page for notes and users This replaces the previous search box and allows for more narrowed down searches. Changelog: Added	2022-11-19 19:28:19 +01:00
Johann150	d86f826458	client: remove scripts/search	2022-11-19 19:21:06 +01:00
Johann150	7ffe2181a9	server: use host parameter in note search without elasticsearch Changelog: Fixed	2022-11-19 17:33:27 +01:00
Johann150	4183c429e6	server: rewrite skipped instances query in raw SQL This should hopefully improve performance somewhat. Reviewed-on: FoundKeyGang/FoundKey#230 Changelog: Changed	2022-11-18 22:02:47 +01:00
Francis Dinh	e1def3ae9e	client: fix federate blocks option not showing	2022-11-18 15:11:11 -05:00
Johann150	28aa440bcc	server: correctly await promises when updating server info When not awaiting promises, truncating the table and inserting again can sometimes not work due to race conditions.	2022-11-18 20:52:19 +01:00
Johann150	508cb00147	client: fix drive upload Using `addFile` here will add the file twice because the file is also added through the streaming API handler.	2022-11-18 20:17:42 +01:00

1 2 3 4 5 ...

1779 commits