writefreely

Commit Graph

Author	SHA1	Message	Date
Matt Baer	82e7dcd3f3	Add Subscribers page - Shows all fediverse followers and email subscribers - Shows number of email subscribers on Stats page - Links to Subscribers page from Stats page Requires running `make ui` to regenerate stylesheet. Ref T826	1 year ago
Josh Soref	bc53300e33	spelling: dynamic Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>	2 years ago
Matt Baer	d08f067e9c	Change copyright notices to Musing Studio LLC A Bunch Tell is now Musing Studio.	2 years ago
Matt Baer	414d5b0a1c	Add pagination routes on lang post filter Ref T805	3 years ago
Matt Baer	c4b124e37c	Limit lang filter to 2 characters Ref T805	3 years ago
Matt Baer	f4977c7a34	Support filtering blog posts by language Ref T805	3 years ago
Matt Baer	2ea235f0c4	Support email subscriptions (base) This adds beginning email subscription functionality, with only MySQL support, Mailgun support, and incomplete support for private instances. It includes database changes, so run: writefreely db migrate to use this feature. Ref T856	3 years ago
Matt Baer	e42ba392c6	Support Web Monetized split content Ref T770	4 years ago
Matt Baer	b092421f6e	Add Cross-Site Request Forgery (CSRF) protection on account deletion This requires admins to generate a new encryption key with: writefreely keys generate Ref T319	4 years ago
Matt Baer	5a3e8d59b6	Support logging out of password-protected blogs Closes T492	4 years ago
Matt Baer	9484880bca	Sign actor fetch request This fixes federation with Mastodon instances that have Authorized Fetch turned on by signing the GET request to fetch the actor when a blog is first followed. Ref T820	4 years ago
Donald Feury	530439772d	Add Pagination to Tags Collection Mostly copied the logic for pagination from non tag collection	4 years ago
Marcel van der Boom	5961eb8f27	Drop the /tags/{tag} route fixes issue #305	4 years ago
Josip Antoliš	3f36ede885	Add Cache-Control header Add Cache-Control response header for static files in order to improve page loading speed. Fixes #322	4 years ago
Matt Baer	09e70e07f8	Support loading more draft posts This adds a "load more" button to the bottom of the draft posts page, which calls /api/me/posts with new parameters and the current page number. It then populates the page accordingly. Ref T696 - load anon. posts with ?anonymous=1&page=1 Ref T401 - completes UI for post loading	4 years ago
Keturah Dola-Borg	7b71d455a8	Apply go fmt Signed-off-by: prichier <pascoualito@gmail.com>	5 years ago
Keturah Dola-Borg	badaffcd5c	Add generic oauth to routes Signed-off-by: prichier <pascoualito@gmail.com>	5 years ago
gytisrepecka	c798a44f69	Added Gitea OAuth login and account management.	5 years ago
Matt Baer	5d01f49ce9	Move /me/oauth/remove endpoint to /api/me/oauth/remove	5 years ago
Kyle Robbertze	c292512b9d	add Gitlab OAuth	5 years ago
Matt Baer	92da069ce4	Move admin dashboard sections into subpages This moves app config to a "Settings" page and the application monitor to a "Monitor" page. It also reworks the admin navigation bar a bit and adds some instance stats on the dashboard. Ref T694	5 years ago
Matt Baer	eac223158a	Move remote user URL to /@/ from /mention: Ref T627	5 years ago
Matt Baer	1b8f62d143	Require authenticated user on draft edit routes - /edit - /meta	5 years ago
Matt Baer	d6b7a5925f	Restrict /invite/{code} route to valid chars Previously, loading something like /invite/fFdblk😄 would return a 500, due to a mix of collations in MySQL while SELECTing for an invite with an ID of 'fFdblk😄'. This restricts the route to [a-zA-Z0-9] chars, to prevent this.	5 years ago
Matt Baer	8e09e72979	Require authenticated user for editor access Previously, anyone could access the editor even if they weren't logged in. They couldn't do much in that case (publishing would fail), but it could potentially cause some confusion. Now, users will be sent to the login page, and then redirected back to the editor once successfully logged in.	5 years ago
Nick Gerakines	c0317b4e93	Implemented oauth attach functionality, oauth detach functionality, and required data migration. T713	5 years ago
Matt Baer	af23e28d05	Pass OAuth requests through new OAuth handler This gives us our standard logging and passes around errors with impart.HTTPError. Ref T705	5 years ago
Nick Gerakines	462f87919a	Feature complete on MVP slack auth integration. T710	5 years ago
Nick Gerakines	13121cb266	Merging T705-oauth into T710-oauth-slack. T705,T710	5 years ago
Nick Gerakines	bf3b6a5ba0	Unit tests, integration testing, and code cleanup for oauth support. Part of T705.	5 years ago
Rob Loranger	26d906ae92	clean up responses and logging, change endpoint - return an error with invalid request types - simplify json decoding - return error and success consistent with app conventions - endpoint change from /api/generate/markdownify to /api/markdown - fix nil pointer dereference when passing a base_url	5 years ago
Matt Baer	6e09fcb9e2	Change password reset endpoint to /admin/user/{Username}/passphrase Ref T695	5 years ago
Rob Loranger	fc553d277f	add admin user account deletion this adds a section to the admin user view to delete the account and a handler to process the request.	5 years ago
Rob Loranger	482e632ca9	add user account delete UI	5 years ago
Rob Loranger	f85f0751a3	address PR comments - update error messages to be correct - move suspended message into template and include for other pages - check suspended status on all relevant pages and show message if logged in user is suspended. - fix possible nil pointer error - remove changes to db schema files - add version comment to migration - add UserStatus type with UserActive and UserSuspended - change database table to use status column instead of suspended - update toggle suspended handler to be toggle status in prep for possible future inclusion of further user statuses	5 years ago
Rob Loranger	d2480cb3aa	add basic API endpoint for rendering markdown	5 years ago
Michael Demetriou	b9d2689828	Fix comments on T627 pull request (https://github.com/writeas/writefreely/pull/195)	5 years ago
Michael Demetriou	99bb77153e	Handles are saved in `remoteusers` while the links take you to an intermediate page (WIP) that shows the user profile page url	5 years ago
Rob Loranger	aa9efc7b37	allow admin to reset user passwords this adds a new button when viewing a user as an admin, that will generate and store a new password for the user	5 years ago
Rob Loranger	d954b7c8e3	add user invite instructions this adds a new page with instructions for sharing user invites if a user clicks the link for one of their own invite codes they are directed to a page with clear instructions for it's use. if a user clicks another users link they are redirectec to their account settings witha flash telling them they do not need to register.	5 years ago
Rob Loranger	eae4097677	add update checks includes cache of latest version and page to view if updates are available with a link to the latest update's release notes and a link to check for the latest update now, refreshing the cache manually.	5 years ago
Rob Loranger	77f7b4a522	Add account suspension features This renders all requests for that user's posts, collections and related ActivityPub endpoints with 404 responses. While suspended, users may not create or edit posts or collections. User status is listed in the admin user page Admin view of user details shows status and now has a button to activate or suspend a user.	5 years ago
Rob Loranger	6c5d89ac86	move import post handler under /api handler for post request to import is now under /api/me/import form target updated also allow all plaintext files in form	5 years ago
Rob Loranger	ee4fe2f4ad	add basic text file imports this adds basic support for importing files as blog posts. .txt and .md are supported at this time and the collection is selectable, defaulting to draft. if a collection is specified the post is federated.	5 years ago
Matt Baer	f821dbaac4	Support dedicated signup page in chorus mode This adds a Sign Up link to site navigation and shows the otherwise-landing page on /signup when in chorus mode. Ref T681	5 years ago
Matt Baer	2b39b714de	Use UserLevelReader func for read routes Previously, that func was duplicated here.	6 years ago
Matt Baer	7dc620aff1	Check reader permissions on .well-known endpoints (for private instances) Ref T576	6 years ago
Matt Baer	d6a77d6668	Check reader permissions on RSS feed & sitemap (on private instances) Ref T576	6 years ago
Matt Baer	a2088c1646	Restrict API read access based on Private setting This verifies that a user is authenticated before getting to the actual handler on API endpoints where a user is reading content. Ref T576	6 years ago
Matt Baer	b3a36a3be7	Allow completely private instances, part 1 This is the start of all changes needed to support entirely private instances, where all blogs are only visible to other authenticated users on an instance (ref T576). It begins by changing how Handler methods check an endpoint's permissions. - Renames UserLevelLEVEL consts to UserLevelLEVELType - Adds UserLevelLEVEL funcs with same names as previous consts. Each returns a UserLevel - Adds a new UserLevelReader that restricts access based on app configuration. This is now used on collections and posts. - Changes routing a bit so static files are always accessible	6 years ago

1 2 3

106 Commits (verify-collection-max-lengths)