Commit Graph

155 Commits

Author SHA1 Message Date
Trinity Pointard
fceb9ab0cd Update cookie management a bit
Update to latest rocket_csrf
Make user_id a samesite lax cookie (see https://github.com/Plume-org/Plume/issues/233#issuecomment-422660275)
2018-09-30 11:56:12 +02:00
Bat
72fd9eb610 API: Filter posts in the list 2018-09-29 15:45:27 +01:00
Bat
f893056d6d Mount the API endpoints 2018-09-25 20:45:32 +01:00
Bat
1500267125 Add canapi and try to use for the API 2018-09-19 15:49:34 +01:00
Bat
8fa83dfe25 Version bump
0.1.x was the pre-alpha.

The first Alpha will be 0.2.x
2018-09-11 19:53:14 +01:00
Bat
8879935925 Add the possibility to save an article as draft 2018-09-10 19:38:19 +01:00
Bat
a3b7d5557b Allow newer Tera versions
Tera 0.11.15 was released, and fixes the bug that forced us to downgrade.
2018-09-09 18:53:28 +01:00
Bat
2f53cb9122 Update rocket_csrf 2018-09-09 11:06:10 +01:00
Bat
c0d0f98d1f Update rocket_csrf and enable protection again 2018-09-09 10:27:03 +01:00
Bat
995c173146 Downgrade Tera + Temporary disable CSRF protection
Bugs in these crates prevented articles from displaying correctly.
2018-09-08 23:09:59 +01:00
Thomas Letan
0ef4717a7f deps: Update to a more recent rocket and rust toolchain
With this patch, Plume will be use a more up-to-date revision of
Rocket, that works with nightly-2018-07-17. It may have been able to
make it work with a more recent revision, but it turns out rocket has
introduced several breaking changes so I’d rather fix those.

Besides updating rocket_i18n and rocket_csrf to use the same revision
than Plume, this patch deals with the new implementation of the
Uri<'_> type. It silents a class of warnings, to deal with a change in
rustc which affects diesel. This latter change should be reverted as
soon as diesel releases a new version of its crate.
2018-09-08 15:51:55 +02:00
Bat
772bb350ac Update rocket_csrf to support multipart forms 2018-09-03 10:21:33 +01:00
Bat
f44b6fffa3 Media upload 2018-09-02 21:55:42 +01:00
Bat
97c0b533ab Add Atom feeds for blogs and users 2018-09-01 21:08:26 +01:00
Bat
5583029b07 Update the WebFinger crate
Fixes an issue with some Mastodon accounts
2018-07-26 21:35:35 +02:00
Bat
1e5ad2b086 Add a job pool 2018-07-26 17:32:52 +02:00
Trinity Pointard
e9b2a20ad3 Update dependancie to rocket_csrf
fix #117
2018-07-20 17:24:34 +02:00
Baptiste Gelez
6fe70cd723
Merge pull request #111 from Plume-org/form-validation
Form validation
2018-07-08 14:28:47 +02:00
Bat
5f3afe900f Display errors on invalid forms
It will probably need a bit of styling…
2018-07-06 19:29:36 +02:00
Trinity Pointard
ec4b791727 Update dependancy to rocket_csrf
fix #96
2018-06-30 09:38:44 +02:00
Bat
b008e11fb0 Add validator 2018-06-29 14:22:43 +02:00
Baptiste Gelez
ca07950100
Merge pull request #83 from Plume-org/csrf-protection
Csrf protection
2018-06-26 16:30:24 +02:00
Bat
f805ec1d53 Introduce an environment variable to disable HTTPS, and use it when fetching WebFinger resources
You can now use USE_HTTPS=0 when debugging the federation locally.
2018-06-26 16:16:59 +02:00
Trinity Pointard
30e9620d0a Add csrf protection 2018-06-24 18:58:57 +02:00
Bat
68c7aad179 Big repository reorganization
The code is divided in three crates:
- plume-common, for the ActivityPub module, and some common utils
- plume-models, for the models and database-related code
- plume, the app itself

This new organization will allow to test it more easily, but also to create other tools that only reuse a little part of
the code (for instance a Wordpress import tool, that would just use the plume-models crate)
2018-06-23 17:36:11 +01:00
Bat
e7e557612e Rewrite User::from_activity to use the activitypub crate instead of raw JSON 2018-06-21 21:30:56 +01:00
Bat
4ea071e709 Switch to pulldown-cmark for markdown parsing + Try to parse mentions
It's not working correctly yet for some reason…
2018-06-20 15:29:19 +01:00
Bat
d00688e526 Admin creation 2018-06-19 16:14:52 +01:00
Bat
54e2cea83b Start a setup script
For now, it checks if the instance is ready, and if it is not starts the actual setup script.

Only the first actual step of the script, checking for native dependencies, is implemented.
2018-06-19 14:08:44 +01:00
Bat
5415b70854 Use the webfinger crate 2018-06-18 22:50:40 +01:00
Bat
cdb8aba6ec Update rocket_i18n 2018-06-17 23:04:46 +01:00
Bat
cafb0e2277 Use the rocket_i18n crate 2018-06-17 15:28:44 +01:00
Bat
b18aa33c70 Update to the latest version of Rocket, to use rocket_contrib::Template::custom 2018-06-16 18:39:22 +01:00
Bat
c9b4c40fa1 Add the gettext-rs crate 2018-06-15 14:08:38 +01:00
Bat
7d17751f50 Definitively get rid of the activitystreams crates 2018-06-11 13:30:14 +01:00
Trinity Pointard
7d9609671c change post.content and comment.content's types from String to SafeString 2018-06-11 12:22:43 +02:00
Bat
6ae1f405eb Remove unecessary dependencies 2018-06-10 12:17:31 +01:00
Bat
78362feffb Use the activitypub crate 2018-06-10 12:13:07 +01:00
Bat
93eb89bc77 Markdown!
Fixes #18
2018-05-24 11:42:45 +01:00
Bat
4a86af6fc1 Resolve activitystream TODOs 2018-05-18 23:04:30 +01:00
Bat
c779b1c58a WIP: use the activitystreams crate 2018-05-16 19:20:44 +01:00
Bat
fdc481e384 Use shared inbox when available
But it is not yet stored in the database, so it means never
2018-05-13 15:39:55 +01:00
Bat
3c868e1289 Fix Cargo.toml 2018-05-04 16:21:33 +01:00
Bat
3cf6836095 HTTP signature when sending activites 2018-05-04 16:18:00 +01:00
Bat
5f43f783b6 Use more env vars for config
It will make it easier to test federation
2018-05-02 12:53:42 +01:00
Bat
9a4f60cfe3 Accept follow requests 2018-05-01 19:02:29 +01:00
Bat
8047df6848 Display remote profiles! 2018-05-01 12:48:19 +01:00
Bat
59652e8655 Add a function to send activity to an inbox 2018-04-30 19:08:44 +01:00
Bat
e93bb3a21f Add creation timestamps 2018-04-30 18:46:27 +01:00
Bat
5e6be0cf93 WIP: signing 2018-04-29 16:40:10 +01:00
Bat
721456de30 Actually start playing with ActivityPub
And Rust
2018-04-24 15:52:47 +01:00
Bat
7b3a884ec6 Add ActivityPub endpoint for actors 2018-04-23 16:09:05 +01:00
Bat
9130f4d848 Basic blog creation 2018-04-23 11:54:37 +01:00
Bat
a7774444fe User creation 2018-04-22 19:13:12 +01:00
Bat
f060fa08af Initial commit
With instance configuration
2018-04-22 14:35:37 +01:00