Commit graph

121 commits

Author SHA1 Message Date
sam
51e335f090
feat: use a FixedWindowRateLimiter keyed by IP to rate limit emails
we don't talk about the sent_emails table :)
2024-12-11 21:17:46 +01:00
sam
ff8d53814d
feat: rate limit emails to two per address per hour 2024-12-11 20:42:48 +01:00
sam
5cb3faa92b
feat(backend): allow suspended users to access some endpoints, add flag scopes 2024-12-11 20:42:26 +01:00
sam
7f8e72e857
fix backend dockerfile, Caddyfile, and email controller 2024-12-11 02:11:53 +01:00
sam
a29d1fdb78
feat: plain text emails 2024-12-11 01:44:00 +01:00
sam
7e6698c3fb
update to .net 9 and add new OpenAPI packages 2024-12-10 15:28:44 +01:00
sam
80b7f192f1
clean up RemoteAuthService 2024-12-10 14:09:32 +01:00
sam
3338243cea
feat: log in with tumblr 2024-12-09 21:48:07 +01:00
sam
d30ebacc72
chore: add license headers to all c# files 2024-12-09 21:11:46 +01:00
sam
8a8b4caa18
feat: log in with google 2024-12-09 21:07:53 +01:00
sam
d9d48c3cbf
feat: flag management 2024-12-09 14:52:31 +01:00
sam
8bd4449804
refactor(backend): move all request/response types to a new Dto namespace 2024-12-09 13:58:18 +01:00
sam
f8e6032449
chore(backend): add roslynator and fix diagnostics 2024-12-08 15:17:18 +01:00
sam
649988db25
refactor(backend): use explicit types instead of var by default 2024-12-08 15:07:25 +01:00
sam
bc7fd6d804
feat(frontend): register/log in with email 2024-12-04 17:43:02 +01:00
sam
57e1ec09c0
feat: link fediverse account to existing user 2024-12-04 01:49:03 +01:00
sam
03209e4028
chore(backend): clean imports 2024-12-03 20:05:24 +01:00
sam
9966656c0c
fix(backend): don't need [NotMapped] for these actually 2024-12-03 20:04:28 +01:00
sam
18bdbc0745
feat(backend): clean deleted users 2024-12-03 14:55:19 +01:00
sam
903be2709c
feat(backend): initial data export support
obviously it's missing things that haven't been added yet
2024-12-02 18:06:19 +01:00
sam
b47ed7b699
rate limit tweaks
the /users/{id} prefix contains most API routes so it's not a good idea
to put a single rate limit on *all* of them combined. the rate limiter
will now ignore the /users/{id} prefix *if* there's a second {id}
parameter in the URL.

also, X-RateLimit-Bucket is no longer hashed, so it can be directly
decoded by clients to get the actual bucket name. i'm not sure if this
will actually be useful, but it's nice to have the option.
2024-12-02 16:13:56 +01:00
sam
de733a0682
feat(frontend): discord registration/login/linking
also moves the registration form found on the mastodon callback page
into a component so we're not repeating the same code for every auth method
2024-11-28 21:37:30 +01:00
sam
4780be3019
fix(backend): add unique index to auth methods 2024-11-28 21:29:25 +01:00
sam
8b1d5b2c1b
feat(backend): validate custom preferences on save 2024-11-28 17:28:52 +01:00
sam
71b59dbb00
feat: add icon list generation script
this is used to validate icons for custom preferences. it generates both
typescript and c# code
2024-11-27 20:00:28 +01:00
sam
59496a8cd8
feat(frontend): edit names/pronouns 2024-11-25 23:07:17 +01:00
sam
c237aa8827
fix(backend): add unlisted param to patch member 2024-11-25 21:24:28 +01:00
sam
c0bb76580d
even more frontend stuff 2024-11-25 17:35:24 +01:00
sam
261435c252
feat: so much more frontend stuff 2024-11-24 22:19:53 +01:00
sam
0c78cd25b0
fix(backend): use serilog theme that actually works with a light terminal 2024-11-24 16:01:40 +01:00
sam
c8cd483d20
feat: sid redirect controller 2024-11-24 15:40:12 +01:00
sam
7cb17409cd
fix: explicitly set sids to null so the find free sid functions actually trigger 2024-11-24 15:39:44 +01:00
sam
4e9c4af4a5
feat(auth): misc fediverse auth improvements
- remove automatic app validation
- add force refresh option to GetFediverseUrlAsync
- pass state to mastodon authorization URI
2024-11-24 15:37:36 +01:00
sam
142ff36d3a
fix: stop crash on start with empty sentry dsn, make max avatar length a constant 2024-11-23 20:43:43 +01:00
sam
d87856bf2c
refactor: change ConvertBase64UriToImage from extension method to static method 2024-11-23 20:42:14 +01:00
sam
6abf505c40
refactor: make Member.display_name non-nullable and fall back to Member.name 2024-11-23 20:41:11 +01:00
sam
d0bf638a21
fix: check for obviously invalid instance URLs, use correct JSON key for mastodon scopes 2024-11-23 20:40:09 +01:00
sam
9160281ea2
feat: remove auth method 2024-11-04 22:04:04 +01:00
sam
201c56c3dd
feat: link discord account to existing account 2024-11-03 13:53:16 +01:00
sam
c4cb08cdc1
feat: initial fediverse registration/login 2024-11-03 02:07:07 +01:00
sam
5a22807410
fix: don't pass CancellationToken to method that shouldn't abort
also add license header to project
2024-11-02 21:23:49 +01:00
sam
d982342ab8
refactor: pass DbContextOptions into context directly
turns out efcore doesn't like it when we create a new options instance
(which includes a new data source *and* a new logger factory)
every single time we create a context. this commit extracts
OnConfiguring into static methods which are called when the context is
added to the service collection and when it's manually created for
migrations and the importer.
2024-10-30 15:35:23 +01:00
sam
0077a165b5
feat: add some fediverse authentication code
* create applications on instances
* generate authorize URLs
* exchange oauth code for token and user info (untested)
* recreate mastodon app on authentication failure
2024-10-06 15:34:31 +02:00
sam
567e794154
feat(frontend): hide everything email related if it's disabled on the backend 2024-10-02 21:05:52 +02:00
sam
e030342358
feat(frontend): add, list email 2024-10-02 02:46:39 +02:00
sam
5b17c716cb
feat(backend): add add email address endpoint 2024-10-02 00:52:49 +02:00
sam
7f971e8549
chore: add csharpier to husky, format backend with csharpier 2024-10-02 00:28:07 +02:00
sam
06f7019330
feat(backend): move internal endpoints to /api/internal 2024-10-02 00:15:14 +02:00
sam
aa756ac56a
chore(backend): format 2024-10-01 21:58:13 +02:00
sam
42041d49bc
feat: add force log out endpoint 2024-10-01 21:25:51 +02:00