Commit graph

183 commits

Author SHA1 Message Date
sam
49b2902d6d
fix: use url-unsafe base 64 for auth tokens
.net throws an error when decoding url-safe base 64
luckily we never decode it *except* for tokens, so those can keep using
url-unsafe base 64. they're never used in URLs after all
2024-12-14 16:39:02 +01:00
sam
9d33093339
feat: forgot password/reset password 2024-12-14 16:32:08 +01:00
sam
26b32b40e2
feat: show utc offset on profile 2024-12-14 14:00:48 +01:00
sam
5cdadc6158
fix: remove scoped styles from user pages
these are *hell* for user styles and they're really not necessary.
they are still used on some editor pages as those are less important
to be able to comprehensively style, imo
2024-12-14 00:52:44 +01:00
sam
39a3098a99
fix: fix all eslint errors 2024-12-14 00:46:27 +01:00
sam
1cf2619393
feat: add email to existing account, change password 2024-12-13 21:25:41 +01:00
sam
77c3047b1e
feat: misskey auth 2024-12-12 16:44:01 +01:00
sam
51e335f090
feat: use a FixedWindowRateLimiter keyed by IP to rate limit emails
we don't talk about the sent_emails table :)
2024-12-11 21:17:46 +01:00
sam
1ce4f9d278
fix: favicon 2024-12-11 20:43:55 +01:00
sam
ff8d53814d
feat: rate limit emails to two per address per hour 2024-12-11 20:42:48 +01:00
sam
5cb3faa92b
feat(backend): allow suspended users to access some endpoints, add flag scopes 2024-12-11 20:42:26 +01:00
sam
7f8e72e857
fix backend dockerfile, Caddyfile, and email controller 2024-12-11 02:11:53 +01:00
sam
a9ccc12671
add favicon 2024-12-11 01:44:12 +01:00
sam
a29d1fdb78
feat: plain text emails 2024-12-11 01:44:00 +01:00
sam
7e6698c3fb
update to .net 9 and add new OpenAPI packages 2024-12-10 15:28:44 +01:00
sam
80b7f192f1
clean up RemoteAuthService 2024-12-10 14:09:32 +01:00
sam
3338243cea
feat: log in with tumblr 2024-12-09 21:48:07 +01:00
sam
d30ebacc72
chore: add license headers to all c# files 2024-12-09 21:11:46 +01:00
sam
8a8b4caa18
feat: log in with google 2024-12-09 21:07:53 +01:00
sam
bb2fa55cd5
feat: docker config for new frontend 2024-12-09 18:04:56 +01:00
sam
c6eba5b51a
feat(frontend): links editor 2024-12-09 17:05:43 +01:00
sam
b0a286dd9f
feat(frontend): member fields and flags editors, fix user fields editor 2024-12-09 16:41:54 +01:00
sam
2a0df335bc
feat(frontend): user profile flag editor 2024-12-09 16:33:06 +01:00
sam
d9d48c3cbf
feat: flag management 2024-12-09 14:52:31 +01:00
sam
8bd4449804
refactor(backend): move all request/response types to a new Dto namespace 2024-12-09 13:58:18 +01:00
sam
f8e6032449
chore(backend): add roslynator and fix diagnostics 2024-12-08 15:17:18 +01:00
sam
649988db25
refactor(backend): use explicit types instead of var by default 2024-12-08 15:07:25 +01:00
sam
bc7fd6d804
feat(frontend): register/log in with email 2024-12-04 17:43:02 +01:00
sam
57e1ec09c0
feat: link fediverse account to existing user 2024-12-04 01:49:03 +01:00
sam
03209e4028
chore(backend): clean imports 2024-12-03 20:05:24 +01:00
sam
9966656c0c
fix(backend): don't need [NotMapped] for these actually 2024-12-03 20:04:28 +01:00
sam
c20831f20d
feat(frontend): export ui 2024-12-03 20:02:09 +01:00
sam
74222ead45
feat(frontend): replace placeholder avatar with identicons
i don't actually know what the license on the kitten image is, and while
it's very unlikely, i don't want to get into legal trouble. it was only
ever supposed to be a temporary image, too.

identicons aren't the prettiest but at least they have a clear license
:3
2024-12-03 15:19:52 +01:00
sam
71d3b42330
fix(frontend): don't throw a 500 error if a user or member doesn't exist 2024-12-03 14:55:41 +01:00
sam
18bdbc0745
feat(backend): clean deleted users 2024-12-03 14:55:19 +01:00
sam
903be2709c
feat(backend): initial data export support
obviously it's missing things that haven't been added yet
2024-12-02 18:06:19 +01:00
sam
f0ae648492
feat(frontend): force log out page 2024-12-02 16:32:13 +01:00
sam
54be457a47
chore(frontend): add docs to RequestArgs 2024-12-02 16:31:48 +01:00
sam
b47ed7b699
rate limit tweaks
the /users/{id} prefix contains most API routes so it's not a good idea
to put a single rate limit on *all* of them combined. the rate limiter
will now ignore the /users/{id} prefix *if* there's a second {id}
parameter in the URL.

also, X-RateLimit-Bucket is no longer hashed, so it can be directly
decoded by clients to get the actual bucket name. i'm not sure if this
will actually be useful, but it's nice to have the option.
2024-12-02 16:13:56 +01:00
sam
02e2b230bf
feat(frontend): actual error page 2024-12-02 15:24:09 +01:00
sam
f3bb2d5d01
fix(frontend): add autocomplete=off tags to most inputs 2024-12-02 15:06:17 +01:00
sam
de733a0682
feat(frontend): discord registration/login/linking
also moves the registration form found on the mastodon callback page
into a component so we're not repeating the same code for every auth method
2024-11-28 21:37:30 +01:00
sam
4780be3019
fix(backend): add unique index to auth methods 2024-11-28 21:29:25 +01:00
sam
8b1d5b2c1b
feat(backend): validate custom preferences on save 2024-11-28 17:28:52 +01:00
sam
71b59dbb00
feat: add icon list generation script
this is used to validate icons for custom preferences. it generates both
typescript and c# code
2024-11-27 20:00:28 +01:00
sam
f435ad4cf5
feat(frontend): fields editor 2024-11-27 19:50:45 +01:00
sam
7c52ab759c
tiny readme update 2024-11-25 23:12:19 +01:00
sam
59496a8cd8
feat(frontend): edit names/pronouns 2024-11-25 23:07:17 +01:00
sam
b6d42fb15d
feat(frontend): replace non-working bootstrap tooltips with tippy.js 2024-11-25 21:43:11 +01:00
sam
004111feb6
feat(frontend): unlisted toggle on member editor 2024-11-25 21:25:18 +01:00