Commit Graph

54 Commits

Author SHA1 Message Date
Trinity Pointard fceb9ab0cd Update cookie management a bit
Update to latest rocket_csrf
Make user_id a samesite lax cookie (see https://github.com/Plume-org/Plume/issues/233#issuecomment-422660275)
2018-09-30 11:56:12 +02:00
Bat 72fd9eb610 API: Filter posts in the list 2018-09-29 15:45:27 +01:00
Bat f893056d6d Mount the API endpoints 2018-09-25 20:45:32 +01:00
Bat 1500267125 Add canapi and try to use for the API 2018-09-19 15:49:34 +01:00
Bat 8fa83dfe25 Version bump
0.1.x was the pre-alpha.

The first Alpha will be 0.2.x
2018-09-11 19:53:14 +01:00
Bat 8879935925 Add the possibility to save an article as draft 2018-09-10 19:38:19 +01:00
Bat 2f53cb9122 Update rocket_csrf 2018-09-09 11:06:10 +01:00
Bat c0d0f98d1f Update rocket_csrf and enable protection again 2018-09-09 10:27:03 +01:00
Bat 995c173146 Downgrade Tera + Temporary disable CSRF protection
Bugs in these crates prevented articles from displaying correctly.
2018-09-08 23:09:59 +01:00
Thomas Letan 0ef4717a7f deps: Update to a more recent rocket and rust toolchain
With this patch, Plume will be use a more up-to-date revision of
Rocket, that works with nightly-2018-07-17. It may have been able to
make it work with a more recent revision, but it turns out rocket has
introduced several breaking changes so I’d rather fix those.

Besides updating rocket_i18n and rocket_csrf to use the same revision
than Plume, this patch deals with the new implementation of the
Uri<'_> type. It silents a class of warnings, to deal with a change in
rustc which affects diesel. This latter change should be reverted as
soon as diesel releases a new version of its crate.
2018-09-08 15:51:55 +02:00
Bat 772bb350ac Update rocket_csrf to support multipart forms 2018-09-03 10:21:33 +01:00
Bat f44b6fffa3 Media upload 2018-09-02 21:55:42 +01:00
Bat 97c0b533ab Add Atom feeds for blogs and users 2018-09-01 21:08:26 +01:00
Bat 5583029b07 Update the WebFinger crate
Fixes an issue with some Mastodon accounts
2018-07-26 21:35:35 +02:00
Bat 1e5ad2b086 Add a job pool 2018-07-26 17:32:52 +02:00
Trinity Pointard e9b2a20ad3 Update dependancie to rocket_csrf
fix #117
2018-07-20 17:24:34 +02:00
Baptiste Gelez 6fe70cd723
Merge pull request #111 from Plume-org/form-validation
Form validation
2018-07-08 14:28:47 +02:00
Bat 5f3afe900f Display errors on invalid forms
It will probably need a bit of styling…
2018-07-06 19:29:36 +02:00
Trinity Pointard ec4b791727 Update dependancy to rocket_csrf
fix #96
2018-06-30 09:38:44 +02:00
Bat b008e11fb0 Add validator 2018-06-29 14:22:43 +02:00
Baptiste Gelez ca07950100
Merge pull request #83 from Plume-org/csrf-protection
Csrf protection
2018-06-26 16:30:24 +02:00
Bat f805ec1d53 Introduce an environment variable to disable HTTPS, and use it when fetching WebFinger resources
You can now use USE_HTTPS=0 when debugging the federation locally.
2018-06-26 16:16:59 +02:00
Trinity Pointard 3b9c53bebc Use proper repository for rocket_csrf 2018-06-24 19:02:47 +02:00
Trinity Pointard 30e9620d0a Add csrf protection 2018-06-24 18:58:57 +02:00
Bat 68c7aad179 Big repository reorganization
The code is divided in three crates:
- plume-common, for the ActivityPub module, and some common utils
- plume-models, for the models and database-related code
- plume, the app itself

This new organization will allow to test it more easily, but also to create other tools that only reuse a little part of
the code (for instance a Wordpress import tool, that would just use the plume-models crate)
2018-06-23 17:36:11 +01:00
Bat e7e557612e Rewrite User::from_activity to use the activitypub crate instead of raw JSON 2018-06-21 21:30:56 +01:00
Bat 4ea071e709 Switch to pulldown-cmark for markdown parsing + Try to parse mentions
It's not working correctly yet for some reason…
2018-06-20 15:29:19 +01:00
Bat d00688e526 Admin creation 2018-06-19 16:14:52 +01:00
Bat 54e2cea83b Start a setup script
For now, it checks if the instance is ready, and if it is not starts the actual setup script.

Only the first actual step of the script, checking for native dependencies, is implemented.
2018-06-19 14:08:44 +01:00
Bat 5415b70854 Use the webfinger crate 2018-06-18 22:50:40 +01:00
Bat 36bf2e114c Fix local notifications 2018-06-18 12:32:03 +01:00
Bat cafb0e2277 Use the rocket_i18n crate 2018-06-17 15:28:44 +01:00
Bat b18aa33c70 Update to the latest version of Rocket, to use rocket_contrib::Template::custom 2018-06-16 18:39:22 +01:00
Bat c9b4c40fa1 Add the gettext-rs crate 2018-06-15 14:08:38 +01:00
Bat 7d17751f50 Definitively get rid of the activitystreams crates 2018-06-11 13:30:14 +01:00
Trinity Pointard 7d9609671c change post.content and comment.content's types from String to SafeString 2018-06-11 12:22:43 +02:00
Bat 6ae1f405eb Remove unecessary dependencies 2018-06-10 12:17:31 +01:00
Bat 78362feffb Use the activitypub crate 2018-06-10 12:13:07 +01:00
Bat 93eb89bc77 Markdown!
Fixes #18
2018-05-24 11:42:45 +01:00
Bat 4a86af6fc1 Resolve activitystream TODOs 2018-05-18 23:04:30 +01:00
Bat c779b1c58a WIP: use the activitystreams crate 2018-05-16 19:20:44 +01:00
Bat fdc481e384 Use shared inbox when available
But it is not yet stored in the database, so it means never
2018-05-13 15:39:55 +01:00
Bat 3cf6836095 HTTP signature when sending activites 2018-05-04 16:18:00 +01:00
Bat 5f43f783b6 Use more env vars for config
It will make it easier to test federation
2018-05-02 12:53:42 +01:00
Bat 9a4f60cfe3 Accept follow requests 2018-05-01 19:02:29 +01:00
Bat 8047df6848 Display remote profiles! 2018-05-01 12:48:19 +01:00
Bat 59652e8655 Add a function to send activity to an inbox 2018-04-30 19:08:44 +01:00
Bat e93bb3a21f Add creation timestamps 2018-04-30 18:46:27 +01:00
Bat 5e6be0cf93 WIP: signing 2018-04-29 16:40:10 +01:00
Bat 721456de30 Actually start playing with ActivityPub
And Rust
2018-04-24 15:52:47 +01:00