Matt Baer
b092421f6e
Add Cross-Site Request Forgery (CSRF) protection on account deletion
...
This requires admins to generate a new encryption key with:
writefreely keys generate
Ref T319
2021-04-22 12:41:54 -04:00
Matt Baer
1d8facfe1c
Prevent admin self-deletion in API
...
Ref T319
2021-04-22 11:37:02 -04:00
Matt Baer
f689706baa
Merge branch 'T319-admin-delete-acct' into T319-user-delete-acct
2021-04-22 10:14:48 -04:00
Matt Baer
484d2736ce
Update repo URL to writefreely org
...
From the writeas org on GitHub.
2021-04-06 17:24:07 -04:00
Matt Baer
d52e2826f8
Merge pull request #389 from colin-axner/remove-unnecessary-var
...
remove unnecessary var in account.go
2020-11-16 12:06:47 -05:00
Matt Baer
e1cde913e2
Merge pull request #369 from writeas/web-monetization
...
Support Web Monetization
2020-10-06 16:22:28 -04:00
Matt Baer
2768ea9414
Make Monetization optional
...
Some WriteFreely instances are completely private, and thus have no need for public-
oriented features like Web Monetization. Like federation, this gives admins control
over whether or not the feature is enabled for users.
Ref T773
2020-09-30 15:18:21 -04:00
Matt Baer
ec7b299fd3
Enable updating WM payment pointer via API and Customize page
...
Ref T773
2020-09-30 14:40:13 -04:00
Colin Axner
75a79d49bd
remove unnecessary var
...
Remove createdWithPass var in account.go along with impossible if statement
2020-09-25 16:07:30 +02:00
Matt Baer
ce69117c79
Merge pull request #371 from writeas/design-update
...
Navigation improvements
2020-08-31 18:21:41 -05:00
Matt Baer
3a915ad8ea
Make New Post button contextual on coll sub-sections
2020-08-19 18:21:53 -04:00
Matt Baer
4db2cb8986
Templatize OAuth buttons across signup and login pages
...
This moves fields into the `OAuthButtons` struct and puts the buttons into templates/includes/oauth.tmpl.
2020-08-19 13:31:07 -04:00
Matt Baer
63f023ea98
Fix GitLab & OAuth button labels on Login page
...
Previously, these display names were swapped.
2020-08-19 12:04:36 -04:00
Matt Baer
ab32caa49c
Include key names in Login page struct
2020-08-19 12:02:36 -04:00
prichier
ab285644a0
Fix: signup methods mutually exclusive
2020-08-16 20:42:55 +02:00
Pascal Richier
d3f1e40010
Merge branch 'develop' into feature/generic-oauth
2020-08-16 19:58:01 +02:00
gytisrepecka
731d4e8efe
Run gofmt for modified files.
2020-08-13 09:15:04 +03:00
prichier
f6aa99e591
Add disable_password_auth option
2020-06-14 00:27:25 +02:00
prichier
724ab34006
Fix: option name from allow_logout to allow_disconnect
2020-06-06 23:52:26 +02:00
prichier
fe7ff38bd8
Manage generic Oauth buttons on Account Settings
...
Add generic Oauth allow_logout option
2020-05-31 04:09:14 +02:00
Keturah Dola-Borg
7b71d455a8
Apply go fmt
...
Signed-off-by: prichier <pascoualito@gmail.com>
2020-05-31 00:20:21 +02:00
Keturah Dola-Borg
630ac1f7c0
Typo fix
...
Signed-off-by: prichier <pascoualito@gmail.com>
2020-05-31 00:20:16 +02:00
Keturah Dola-Borg
6174987c6a
Adds generic oAuth bool & name string to login view.
...
Signed-off-by: prichier <pascoualito@gmail.com>
2020-05-30 23:58:42 +02:00
gytisrepecka
8675eb0f95
Merge develop branch into oauth-gitea and resolve pages/login.tmpl conflict.
2020-04-23 14:24:17 +03:00
Matt Baer
fd97539f85
Mention unset password on failed login
...
(when it applies)
2020-04-22 09:26:42 -04:00
Matt Baer
5400f416c0
Reduce db calls on normal invite-based signup
...
This removes an unnecessary database call after creating a user, and documents `db.CreateUser()` to make it clear that extra calls are unnecessary.
2020-04-20 18:21:01 -04:00
gytisrepecka
c798a44f69
Added Gitea OAuth login and account management.
2020-04-03 13:26:59 +03:00
Matt Baer
b25e80bb1b
Show configured GitLab name on Account page
...
This includes the chosen GitLab display name in the button text.
2020-03-24 09:07:27 -04:00
Nick Gerakines
048e8a5e13
Added error messaging when user attempts to attach a slack account to a user that already has the slack account attached. Added GitLab to settings page as oauth option.
2020-03-20 18:07:35 -04:00
Matt Baer
cf4f08b264
Merge branch 'develop' into T713-oauth-account-management
2020-03-19 12:02:33 -04:00
Matt Baer
79a968f425
Fix login.tmpl rendering
...
This passes in the correct field named GitlabDisplayName.
2020-03-18 16:05:26 -04:00
Kyle Robbertze
26b6ed5f4f
simplify gitlab oauth config
2020-03-16 15:11:03 +02:00
Kyle Robbertze
c292512b9d
add Gitlab OAuth
2020-03-12 10:50:55 +02:00
Matt Baer
f846cada4b
Merge branch 'develop' into T713-oauth-account-management
2020-02-09 14:05:12 -05:00
Matt Baer
f406f894c5
Merge branch 'develop' into T319-user-delete-acct
2020-02-09 11:53:24 -05:00
Matt Baer
468bbf2187
Merge branch 'develop' into rename-account-suspend
2020-02-09 11:14:14 -05:00
Nick Gerakines
5d834c1cd2
Minor code cleanup on settings page to improve oauth account management UI. T713
2020-01-15 13:37:57 -05:00
Nick Gerakines
c0317b4e93
Implemented oauth attach functionality, oauth detach functionality, and required data migration. T713
2020-01-15 13:16:59 -05:00
Nick Gerakines
6429d495a2
Implemented /oauth/signup. T712
2020-01-03 13:50:21 -05:00
Nick Gerakines
6d8da2bffd
Encrypting email from oauth signup as per PR feedback. T710
2020-01-03 11:28:06 -05:00
Rob Loranger
7e014ca659
Rename Suspend status to Silence
...
This changes all variables and functions from using Suspend{ed} to using
Silence{d} as well as documentation, errors and logging.
2019-11-11 15:25:19 -08:00
Matt Baer
53586d9cb8
Merge branch 'develop' into T661-disable-accounts
2019-11-12 01:46:37 +09:00
Matt Baer
7f96e8c384
Rename UserSuspended to UserSilenced
...
Some of the work needed to have the backend match user-facing wording.
Ref T661
2019-11-12 00:41:25 +09:00
Matt Baer
f7550a0da8
Change more suspension check logic
...
From u.Status == UserSuspended to u.IsSuspended()
Ref T661
2019-11-12 00:04:36 +09:00
Matt Baer
e1149cd1e9
Fix URLs in CSV exports
...
This includes the instance's hostname in calls to export a CSV file and
PublicPost.CanonicalURL().
It also fixes a panic in that method during CSV export caused by draft
posts.
2019-11-07 17:25:42 +09:00
Rob Loranger
482e632ca9
add user account delete UI
2019-11-05 12:22:27 -08:00
Rob Loranger
b83af955c3
remove wrapper over db.DeleteAccount
2019-11-05 12:20:07 -08:00
Rob Loranger
41166e5c35
CLI delete account by username and delete posts
...
this changed the CLI flag to use the username instead of the userID
leaving the underlying database function as is.
also now posts are all deleted with no option to skip as this is likely
never needed.
2019-11-05 09:14:20 -08:00
Rob Loranger
c87ca11a52
add account deletion
...
CLI only but backend supports calls from app.db.DeleteAccount already
takes --delete-account user_id_number with optional --posts to also
delete posts. if --posts is omitted all user posts will be updated to
anonymous posts
2019-10-31 15:20:18 -07:00
Rob Loranger
f85f0751a3
address PR comments
...
- update error messages to be correct
- move suspended message into template and include for other pages
- check suspended status on all relevant pages and show message if
logged in user is suspended.
- fix possible nil pointer error
- remove changes to db schema files
- add version comment to migration
- add UserStatus type with UserActive and UserSuspended
- change database table to use status column instead of suspended
- update toggle suspended handler to be toggle status in prep for
possible future inclusion of further user statuses
2019-10-25 12:04:24 -07:00