Thomas Citharel
15b3940262
Revoke old refresh token when doing a refresh token rotation
...
See
https://auth0.com/blog/securing-single-page-applications-with-refresh-token-rotation/
for details for instance
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:24 +02:00
Thomas Citharel
a7da5ab269
Improve JWT tokens expiration
...
- Reduce access tokens TTL to 15 minutes
- Set refresh tokens TTL to 60 days
- Set Guardian.DB to only track refresh tokens
- Remove refresh token when logging out
Closes #710 #705 #706
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:22 +02:00
Thomas Citharel
6cf6e47ec7
Only show errors in tasks
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:21 +02:00
Thomas Citharel
c9700906f5
Paginate the list of conversations
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:20 +02:00
Thomas Citharel
bab751591f
Make sure we have a valid timezone
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:19 +02:00
Thomas Citharel
679600f003
Comment fixes
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:18 +02:00
Thomas Citharel
b5a5de5c0c
Event edit and participant fixes
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:18 +02:00
Thomas Citharel
80f951680f
Order actor organized events by begins_on
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:17 +02:00
Thomas Citharel
4ad67e1efc
Fix an issue when deleting an actor
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:17 +02:00
Thomas Citharel
bfb04bb84d
Make deleting an actor ignoring error when deleting files
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:16 +02:00
Thomas Citharel
f84cc299ba
Log when a follow request is auto-accepted
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:16 +02:00
Thomas Citharel
4100b2f962
Refresh profiles in a background task
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:16 +02:00
Thomas Citharel
8c53ea442f
Make List report returns a paginated list
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:16 +02:00
Thomas Citharel
74778925e0
Refactor accessing person details resolver
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:15 +02:00
Thomas Citharel
628c55cd84
Make sure relay and anonymous actors don't automatically approve
...
followers
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:14 +02:00
Thomas Citharel
938f698b7a
Add webpush front-end support
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:12 +02:00
Thomas Citharel
9f5e3a39ec
Add Push notifications backend support
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:32:06 +02:00
Thomas Citharel
86c2512c62
WIP
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:32:05 +02:00
Thomas Citharel
b0394fdb02
Use post picture as OGP picture if existing
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-05-19 11:35:19 +02:00
Thomas Citharel
df4b947c25
Fix removed call to :crypto.hmac/3
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-05-18 17:56:50 +02:00
Thomas Citharel
a56f28f98e
Make koena connect picture configurable
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-05-18 17:56:49 +02:00
Thomas Citharel
5b36e71581
Fix rich media parsers
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-05-03 15:34:25 +02:00
Thomas Citharel
46120b16b6
Fix merging URIs for media from url when doing a rich media preview
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-05-03 14:57:30 +02:00
Thomas Citharel
5afdd80c71
Fix searching for persons
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-05-02 19:27:34 +02:00
Thomas Citharel
2692d32c5e
Add url to error log
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-29 10:23:47 +02:00
Thomas Citharel
4a1e9ce713
Add constraint on the comment url
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-29 10:23:46 +02:00
Thomas Citharel
614ead1777
Transmogrifier event create Handle any type of error
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-28 18:19:09 +02:00
Thomas Citharel
b13d4d253e
Increase tag allowed size
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-28 18:18:42 +02:00
Thomas Citharel
4fd6ecf53d
Improve AP error handling
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-28 18:06:17 +02:00
Thomas Citharel
70ca2d68a6
Improve some translations
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-28 16:16:46 +02:00
Thomas Citharel
1dc20889da
Fix missing deleted comment moderation logaction
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-28 11:59:15 +02:00
Thomas Citharel
495fbda330
Add pagination to moderation logs
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-28 10:27:29 +02:00
Thomas Citharel
c58e54d5b9
Add Group as a possible ActionLog object
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-27 16:51:28 +02:00
Thomas Citharel
493808a3c8
Reset default actor id for an user when a profile is deleted
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-27 12:02:56 +02:00
Thomas Citharel
c39f83fa9a
Cleanup warnings
...
Came in 8185fcd0bd
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-27 09:13:45 +02:00
Thomas Citharel
6d99b04a7a
Fix email headers
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-27 09:06:28 +02:00
Thomas Citharel
8185fcd0bd
Refresh after invite accept only if remote group
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-26 10:17:57 +02:00
Thomas Citharel
ed52474b51
Disable sentry logging unknown activities
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-26 09:21:00 +02:00
Thomas Citharel
687d1685f0
Fix metadata remote image URL
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-23 09:57:23 +02:00
Thomas Citharel
2d0abaad4a
Handle rendering AP issues
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-23 09:26:16 +02:00
Thomas Citharel
eaadf261ac
Handle actor fetch issues better
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-23 09:25:57 +02:00
Thomas Citharel
87aeac6aea
Remove duplicate text in emails
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-23 09:16:20 +02:00
Thomas Citharel
280f461ba7
Refactor the ActivityPub module
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-22 19:29:47 +02:00
Thomas Citharel
17a6a6eada
Add an unique index on addresses url
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-22 19:29:46 +02:00
Thomas Citharel
67b537f380
Fix sentry issues
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-22 19:29:46 +02:00
Thomas Citharel
fc5adedf0b
Handle 406 Not acceptable when asking for JSON on an AP entity better
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-21 11:36:32 +02:00
Thomas Citharel
eb2050a997
Handle errors from comment changeset as well when creating discussions
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-21 09:09:34 +02:00
Thomas Citharel
6ad4e33fab
Suspended actors don't need refreshing
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-20 17:10:34 +02:00
Thomas Citharel
cb4a801519
Small fixes
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-20 17:10:34 +02:00
Thomas Citharel
6668a663a7
Add user context to Sentry
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-20 15:07:57 +02:00
Thomas Citharel
118175db3e
Link Sentry to telemetry
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-20 15:07:38 +02:00
Thomas Citharel
d98e68203e
Handle sending mail more properly
...
With custom sentry reporting issues
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-20 15:02:24 +02:00
Thomas Citharel
ebf192e2c7
Fix CLI to change an user's email and add a test
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-19 16:50:16 +02:00
Thomas Citharel
16d192db24
Trim addresses when exporting them
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-19 12:41:40 +02:00
Thomas Citharel
3df80b96aa
Expose instance wide Atom feed in the HTML if enabled
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-19 12:41:19 +02:00
Thomas Citharel
bcf52ccdf7
Expose instance feed config option in the API and show it on About page
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-19 12:40:51 +02:00
Thomas Citharel
014c2da915
Improve wording when editing an user through CLI
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-19 09:53:36 +02:00
Thomas Citharel
489787ceb5
Avoid showing suspended broken UI for suspended/deleted groups
...
Don't return them if they're suspended
Closes #655
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-16 18:36:52 +02:00
Thomas Citharel
53fd77f5da
Fixes discussions being sent to followers instead of members
...
Closes #681
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-16 16:01:10 +02:00
Thomas Citharel
f2175c6498
Refactor CSP
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-16 14:57:02 +02:00
Thomas Citharel
ed7b53357f
Refactor tests for relay task and refresh cassetes
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-12 13:37:25 +02:00
Thomas Citharel
947d0b0cdb
Handle maximum file sizes better
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-12 12:01:52 +02:00
Thomas Citharel
0210b677c5
Expose maximum picture sizes
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-12 12:01:52 +02:00
Thomas Citharel
fb614cf877
Handle AP fetch issues properly
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-12 12:01:51 +02:00
Thomas Citharel
4079af6f72
Make sure arg for Actors.get_actor_by_name/2 doesn't start with @
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-12 12:01:50 +02:00
Thomas Citharel
bbfe3de471
Handle NotAcceptableError better
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-12 12:01:50 +02:00
Thomas Citharel
cbf772f282
Add a check for valid URI before fetching it in AP Client
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-12 12:01:50 +02:00
Thomas Citharel
5ac02bae5d
Use runtime configuration for HTTP clients user-agent
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-12 12:01:49 +02:00
Thomas Citharel
e991d7d373
Fix content type and size missing for profile avatars
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-12 12:01:49 +02:00
Thomas Citharel
b34958d3af
Refactor Webfinger module, use XRD host-meta to find webfinger endpoint
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-12 12:01:49 +02:00
Thomas Citharel
bd53bfc46b
Fix usage of is_bitstring instead of is_binary
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-08 16:41:49 +02:00
Thomas Citharel
00c8be4d8c
Fix an issue with default bot type value
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-08 10:39:02 +02:00
Thomas Citharel
fa99c09c57
Use tasks to process refreshing elements
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-08 10:39:01 +02:00
Thomas Citharel
386dbbb3a6
Fix path issue when fetching favicon for resources
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-08 10:39:01 +02:00
Thomas Citharel
356f69cef2
Fix accessing a discussion without being a member
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-08 09:54:22 +02:00
Thomas Citharel
076c14b54e
Don't auto-approve instance follows
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-30 09:12:53 +02:00
Thomas Citharel
8e6aa8c85c
Decode HTML entities when sanitized
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-30 09:12:53 +02:00
Thomas Citharel
acf51a3130
Fix issues when group isn't local
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-29 18:23:03 +02:00
Thomas Citharel
4d4ee80b8c
Handle feeds with unknown formats properly
...
Closes #660
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-29 18:22:14 +02:00
Thomas Citharel
13c8080097
Allow to create an event from a group preconfigured with the organizer
...
Refactored the organizer-picker components a lot
Close #464
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-29 10:33:19 +02:00
Thomas Citharel
cde9f8873e
Expose personal tokened feeds
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-26 19:36:48 +01:00
Thomas Citharel
1aa699fef0
Introduce instance ICS & Atom feeds (disabled by default)
...
And refactor the feed modules
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-26 16:19:58 +01:00
Thomas Citharel
80adf2307d
Extract tag parsing to own code, because linkify doesn't handle tag into
...
HTML
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-26 09:16:31 +01:00
Thomas Citharel
968a965763
Handle empty comments
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-25 12:11:49 +01:00
Thomas Citharel
b95b3c16e7
Handle getting organized events from an actor when not authorized
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-25 10:46:45 +01:00
Thomas Citharel
7aadc447e1
Handle changing default actor unlogged
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-25 10:38:31 +01:00
Thomas Citharel
95516a4067
Fix registering new user account with same email as unconfirmed
...
Refactors get_user_by_email/2
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-25 10:22:40 +01:00
Thomas Citharel
e6189390ac
Fix creating discussion with title containing only spaces
...
Also sanitize first comment
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-24 15:47:03 +01:00
Thomas Citharel
48f52ba4fd
Handle duplicate usernames correctly
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-24 11:38:31 +01:00
Thomas Citharel
98a219c7a9
Validate URIs before trying to proxify them
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-24 11:17:24 +01:00
Thomas Citharel
7b9910f251
Resources fixes and improvements
...
- Fix getting page description
- Fix fetching metadata from Twitter (thx @marienfressinaud)
- Improve error handling
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-24 11:07:00 +01:00
Thomas Citharel
50c89e21da
Make sure default publish date doesn't override the current one
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-23 19:29:22 +01:00
Thomas Citharel
b002d905cb
Handle calling .well-known/host-meta with "application/xrd+xml" accept
...
header
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-23 19:28:19 +01:00
Thomas Citharel
346d6438f8
Fix changing changing email and validating new email with bad token
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-23 16:38:37 +01:00
Thomas Citharel
cfa94851fa
Fix close events order
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-18 09:58:53 +01:00
Thomas Citharel
4ff00e92b6
Fix lasts events published order on the homepage
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-16 19:08:00 +01:00
Thomas Citharel
6fe22ac6ed
Handle ActivityPub Fetcher returning text that's not JSON
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-16 16:50:43 +01:00
Thomas Citharel
35e641bcff
Fix geospatial runtime configuration
...
Geospatial configuration was only evaluated at compile-time, not at
runtime
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-16 15:33:44 +01:00
Thomas Citharel
c09a43f71e
Get front-end index path at runtime instead of compile-time
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-16 11:08:04 +01:00
Thomas Citharel
239457a219
Releases fixes
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-15 10:34:03 +01:00