Commit Graph

85 Commits (da302a43cddff2ffef145289eda3f69cc8c2ebf0)

Author SHA1 Message Date
Patrick Figel df4ff9a8e1 Add recovery code support for two-factor auth (#1773)
* Add recovery code support for two-factor auth

When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.

The two-factor prompt during login now accepts both OTP codes and
recovery codes.

The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.

Fixes #563 and fixes #987

* Set OTP_SECRET in test enviroment

* add missing .html to view file names
8 years ago
ThibG 31f0bcf804 Refresh webfinger (#1323)
* Refresh local info for remote accounts when webfinger returns new values

It only refreshes account info if one of the URLs or the public-key changes,
in which cases it refreshes the full info, re-downloading the feeds from that
user.

Some special handling should probably be done when the public key changes,
but I have been unable to find any use for it in Mastodon yet.

* Re-fetch remote users we aren't subscribed to.

This might induce performance issues, we might want to only do that for users
we explicitly attempted to subscribe but failed to.

* Refactor changes

* Do not refresh existing remote account details more than once a day

* Avoid re-fetching webfinger info in tests unless otherwise specified
8 years ago
Eugen Rochko 31597fd377 Low-hanging fruit of query optimization, these indices were missing 8 years ago
Eugen Rochko cfe91ac984 Add index on mentions status_id 8 years ago
Eugen Rochko 68f829e11c Add basic logging of who resolved report 8 years ago
Eugen Rochko e8875c6046 Import feature for following/blocking lists (addresses #62, #177, #201, #454) 8 years ago
Eugen Rochko 03fb6c16ec Fix up null values on latest migration, add notes 8 years ago
Eugen Rochko 87513b31e0 Do NOT try to update the new fields from the migration. Takes too long on a live DB
Needs to be a separate task with no locking
8 years ago
Eugen Rochko de22c202f5 Add counter caches for a large performance increase on API requests 8 years ago
Eugen Rochko 5aa3df017b Fix full-text search query quotation, improve tag search performance with an index,
add ability to open status by URL from search (fix #53)
8 years ago
Eugen Rochko 22e06a4077 Upgrade status IDs to bigint 8 years ago
Eugen Rochko 1b09c3cb17 More efficient single account retrieval (0.9ms vs 50ms before) 8 years ago
Eugen Rochko 2816b1bf8e Federate header images, fix open-uri http->https redirection error 8 years ago
Eugen Rochko ad0d82d3ce Make account search blazing fast and rank followers/followees higher in the results 8 years ago
Eugen Rochko caf5b8e975 Fix #431 - convert gif to webm during upload. Web UI treats them like it did
before. In the API, attachments now can be either image, video or gifv. Gifv
is to be treated like images in terms of behaviour, but are videos by file
type.
8 years ago
Eugen Rochko 6b81d10030 Add digest e-mails 8 years ago
Kit Redgrave 442fdbfc53 Mute button progress so far. WIP, doesn't entirely work correctly. 8 years ago
Eugen Rochko a1e96ae94f Add foreign key to prevent reblogs of non-existent (after race conditions) statuses from happening
Fix issue with detailed status view not supporting unreblogging/unfavouriting
8 years ago
Eugen Rochko 3b81baaaaf Adding POST /api/v1/reports API, and a UI for submitting reports 8 years ago
Eugen Rochko 6331ed16e5 Fix #614 - extra reply-boolean on statuses to account for cases when replied-to
status is not in the system at time of distribution; fix #607 - reset privacy
settings to defaults when cancelling replies
8 years ago
Eugen Rochko 920ba5fc4e Fix #61 - Add list of blocked users to the UI; clean up failed push notifications API
Try to fix Travis CI setup
8 years ago
Eugen Rochko 3f075c7794 API for apps to register for push notifications 8 years ago
Eugen Rochko 1992575d57 Fix #569 - seeds.rb 8 years ago
Eugen Rochko ba192f12e3 Added optional two-factor authentication 8 years ago
Eugen Rochko cc5c1e5feb Removed accidental n+1 query from notifications, updated some deps,
improved how "show more" link looks
8 years ago
Effy Elden 198ea2522e Seed a default, confirmed, admin account on development environments 8 years ago
Eugen Rochko 0430f7c0fa Fix spoiler_text not having "not null" constraint 8 years ago
Eugen Rochko 51a7047367 Fix order of migrations 8 years ago
Eugen Rochko 999cde94a6 Instead of using spoiler boolean and spoiler_text, simply check for non-blank spoiler_text
Federate spoiler_text using warning attribute on <content /> instead of a <category term="spoiler" />
Clean up schema file from accidental development migrations
8 years ago
blackle bf0f6eb62d Implement a click-to-view spoiler system 8 years ago
Eugen Rochko 434cf8237e Optional domain block attribute that prevents media attachments from being downloaded 8 years ago
Eugen Rochko 6d98a73180 Domain blocks now have varying severity - auto-suspend vs auto-silence 8 years ago
Eugen Rochko f0de621e76 Fix #463 - Fetch and display previews of URLs using OpenGraph tags 8 years ago
Effy Elden d6bc0e8db4 Add tracking of OAuth app that posted a status, extend OAuth apps to have optional website field, add application details to API, show application name and website on detailed status views. Resolves #11 8 years ago
Eugen Rochko c01dd089ff Adding about/more page with extended information that can be set up by an admin 8 years ago
Eugen Rochko 2939e9898b Extend rails-settings-cached to merge db-saved hash values with defaults 8 years ago
Eugen Rochko b11fdc3ae3 Migrate from ledermann/rails-settings to rails-settings-cached which allows global settings
with YAML-defined defaults. Add admin page for editing global settings. Add "site_description"
setting that would show as a paragraph on the frontpage
8 years ago
Eugen Rochko 75f80bef10 Persist UI settings, add missing localizations for German 8 years ago
Eugen Rochko 7b9f8766e8 Fix #416 - Generate random unique 14-byte (19 characters) shortcodes
for local attachments, use them in URLs. Check status privacy
before redirecting to actual file.
8 years ago
Eugen Rochko e2c2fefc36 Add illustration to getting started column 8 years ago
Eugen Rochko b891a81008 Follow call on locked account creates follow request instead
Reflect "requested" relationship in API and UI
Reflect inability of private posts to be reblogged in the UI
Disable Webfinger for locked accounts
8 years ago
Eugen Rochko 2d2154ba75 Add "locked" flag to accounts, prevent blocked users from following, force-unfollow blocked users 8 years ago
Eugen Rochko 80e02b90e4 Private visibility on statuses prevents non-followers from seeing those
Filters out hidden stream entries from Atom feed
Blocks now generate hidden stream entries, can be used to federate blocks
Private statuses cannot be reblogged (generates generic 422 error for now)
POST /api/v1/statuses now takes visibility=(public|unlisted|private) param instead of unlisted boolean
Statuses JSON now contains visibility=(public|unlisted|private) field
8 years ago
Eugen Rochko 39cc9fde8a Add account suspension 8 years ago
Eugen Rochko 565cd95bca Keep timelines in the UI trimmed when possible 8 years ago
Eugen Rochko b14b5e3b44 Improve notification model 8 years ago
Eugen Rochko 816284d739 Fix #248 - Reload all accounts when fetching from cache 8 years ago
Eugen Rochko 165498f110 Make data migration more merciful 8 years ago
Eugen Rochko 3114e55c7a Fix #323 - self-replies to appear in public timelines again 8 years ago
Eugen Rochko 14bd46946d Per-status control for unlisted mode, also federation for unlisted mode
Fix #233, fix #268
8 years ago