Trinity Pointard
ba4695f490
Add support for signature verification on pseudo header
...
Add support for pseudo-header '(request-target)'
Add some logging for denied request
2018-10-10 21:10:43 +02:00
Trinity Pointard
3466e55548
Implement JSON-ld signature verification
...
Implement JSON-ld signature verification
Move signature verification functions to the proper file
2018-10-06 10:06:06 +02:00
Trinity Pointard
62c94ed463
Refactor and verify http signature on personnal inbox
...
Verify signature on personnal inbox
Reduce code duplication
Put Headers in plume-models
2018-10-03 20:48:25 +02:00
Bat
d8ca1d70b7
Fix CSRF issues
...
GET routes are not protected against CSRF. This commit changes the needed URLs to
POST and replace simple links with forms.
Thanks @fdb-hiroshima for noticing it!
2018-09-19 18:13:07 +01:00
Bat
10da8f31b6
Hide articles on public pages
...
Only show them in the dashboard
2018-09-10 20:06:00 +01:00
Bat
de3707983a
Account deletion
...
Fixes #182
2018-09-09 20:49:24 +01:00
Bat
f66ddf6ef2
Actually implement blocks
2018-09-08 22:05:48 +01:00
Baptiste Gelez
fe7f87c47f
Merge pull request #205 from lthms/recent_rocket
...
Update to a more recent rocket and rust toolchain
2018-09-08 19:06:52 +01:00
Thomas Letan
0ef4717a7f
deps: Update to a more recent rocket and rust toolchain
...
With this patch, Plume will be use a more up-to-date revision of
Rocket, that works with nightly-2018-07-17. It may have been able to
make it work with a more recent revision, but it turns out rocket has
introduced several breaking changes so I’d rather fix those.
Besides updating rocket_i18n and rocket_csrf to use the same revision
than Plume, this patch deals with the new implementation of the
Uri<'_> type. It silents a class of warnings, to deal with a change in
rustc which affects diesel. This latter change should be reverted as
soon as diesel releases a new version of its crate.
2018-09-08 15:51:55 +02:00
Bat
2822f8efe9
Don't show the "Registrations closed" message if there is an error when creating a new user
2018-09-07 20:13:14 +01:00
Bat
7653551d57
Fix some compilation errors
2018-09-04 11:45:41 +01:00
Bat
dcebc4653a
Make it possible to unfollow someone
...
I was sure it was already implemented, but it looks like it wasn't
2018-09-04 11:37:58 +01:00
Bat
32a4949f25
Update user information if needed
...
When a remote is displayed, if it has not been updated since at least 24 hours, newer informations are fetched.
Fixes #135
2018-09-03 19:53:20 +01:00
Bat
ac631627ab
Make it possible to disable registrations
...
Fix #41
2018-09-03 17:05:45 +01:00
Bat
3013eec579
Redesign menu items
2018-09-03 14:59:02 +01:00
Bat
97c0b533ab
Add Atom feeds for blogs and users
2018-09-01 21:08:26 +01:00
Bat
38d99ad5af
Try to fetch followers
2018-07-27 12:53:21 +02:00
Bat
0314629d99
Improve the background article fetching code
2018-07-26 22:59:41 +02:00
Bat
bd259891f3
Try to fetch remote articles
2018-07-26 22:23:53 +02:00
Bat
a9f95c91e2
Sent activities in other threads
2018-07-26 17:51:41 +02:00
Bat
4e07fdbd05
Paginate followers too
2018-07-25 15:50:29 +02:00
Bat
3764e295b8
Fix the link of the follow/unfollow button so that it is always working, even without a trailing slash
2018-07-20 17:59:16 +02:00
Bat
b95e384ed7
Use the ApRequest guard for routes that need it + Fix a few issues with its impl
...
Also fixes some Rocket warnings!
2018-07-11 17:30:01 +02:00
Bat
3775d3a9c9
HTML validation + Actually associate messages to errors + Fix inverted behavior on new blog and post form
2018-07-07 22:51:48 +02:00
Bat
5f3afe900f
Display errors on invalid forms
...
It will probably need a bit of styling…
2018-07-06 19:29:36 +02:00
Bat
153400959c
Actually validate forms
2018-07-06 11:51:19 +02:00
Bat
c81bb9ec25
Make forms validatable
2018-06-29 14:56:00 +02:00
Trinity Pointard
30e9620d0a
Add csrf protection
2018-06-24 18:58:57 +02:00
Bat
68c7aad179
Big repository reorganization
...
The code is divided in three crates:
- plume-common, for the ActivityPub module, and some common utils
- plume-models, for the models and database-related code
- plume, the app itself
This new organization will allow to test it more easily, but also to create other tools that only reuse a little part of
the code (for instance a Wordpress import tool, that would just use the plume-models crate)
2018-06-23 17:36:11 +01:00
Bat
e7fd12ae6f
Set to and cc for new Follow activities
2018-06-23 13:47:53 +01:00
Didier Link
b153a9ce2b
add an argument in the macro may_fail to have the account linked in the error template
2018-06-22 00:50:06 +02:00
Bat
e34d12922c
Serialize publicKey in Person representation
2018-06-21 22:12:24 +01:00
Bat
f5f2aa7c59
Get rid of the activity_pub::actor::Actor trait
2018-06-21 18:53:57 +01:00
Bat
b2e8d54161
Drop activity_pub::activitypub and activity_pub::ActivityPub and only use the ActivityStream responder
2018-06-21 18:09:18 +01:00
Bat
3fe2625e86
Simplify the Inbox trait
...
If we want to add, for instance, streams in the future, we could introduce
a new trait for that, similar to FromActivity or Notify
We also display inbox errors to the "client" if something fails,
which could be useful for debugging.
2018-06-21 17:00:37 +01:00
Bat
2217ec0d56
Remove PgConnection when we don't need it
...
Massive simplification in the ActivityPub module!
2018-06-21 16:31:42 +01:00
Bat
5457a80eec
Avoid calling compute_id when we shouldn't
...
It should only be used at initialization, after we should prefer ap_url,
as not everybody is using the same URLs as Plume.
2018-06-21 15:53:58 +01:00
Bat
3551bef895
Simplify the activity_pub::inbox::Notify trait + Fix notifications
...
Also fix a bug with the list of mentions that was returned
2018-06-20 22:51:47 +01:00
Bat
635ac6cf42
Merge branch 'master' into setup-script
2018-06-19 22:26:31 +01:00
Bat
8ab25b1ca2
Use uri! as much as possible instead of directly writing URLs
2018-06-19 22:20:27 +01:00
Bat
dd152f2607
Remove old configuration code
2018-06-19 18:29:34 +01:00
Bat
51571d6320
may_fail! macro
...
Returns an error template if an Option is None, else runs the given block
2018-06-18 18:28:28 +01:00
Bat
7e3cdec0b6
Add some to_json functions to models for serialization in templates
2018-06-18 17:34:29 +01:00
Bat
36bf2e114c
Fix local notifications
2018-06-18 12:32:03 +01:00
Bat
0b9515645c
De-duplicate some parts of the users templates
2018-06-17 18:48:22 +01:00
Bat
b18aa33c70
Update to the latest version of Rocket, to use rocket_contrib::Template::custom
2018-06-16 18:39:22 +01:00
Bat
c9b4c40fa1
Add the gettext-rs crate
2018-06-15 14:08:38 +01:00
Bat
a4a8446d45
Make the follow button a bit smarter
2018-06-13 19:06:14 +01:00
Bat
1c287c6dfe
View remote profiles locally
...
Add a link to the profile on the real instance
2018-06-13 18:48:37 +01:00
Bat
edbeeef640
Add a dashboard
2018-06-10 18:55:08 +01:00