* Fix#3910 - Require OTP authentication to disable 2FA. Also, remove ability
to generate new OTP backup codes *after* initial backup codes were handed
out during activation
* Restore recovery code re-generation
* Improve display of some 2FA elements
* Add overview of active sessions
* Better display of browser/platform name
* Improve how browser information is stored and displayed for sessions overview
* Fix test
* Fix#2347 - Bind web UI access token to session
When you logout, session also destroys the access token, so it's no longer
valid. If access token is destroyed some other way, the session is also
destroyed, requiring a re-login.
Fix#1681 - Add scheduler to remove revoked access tokens and grants
* Fix test
* Add overview of active sessions
* Better display of browser/platform name
* Improve how browser information is stored and displayed for sessions overview
* Fix test
Setting ASSET_HOST to `http://0.0.0.0:8080` makes urls in manifest.json to
be invalid, e.g. `http://0.0.0.0:8080/packs/application.js`.
Anyway, we don't need set this on build:development because assets would
be delivered from same origin in development (and w/o dev-server).
Webpack seems to fail to import `react-intl/locale-data/*.js` if those
files has been proceed by babel, and this also breaks applying our translation.
Note that this won't be a problem on English locale, because react-intl
includes it as default and works fine without manually added locale-data.
Also this issue seems to only occurs on production build, but I'm not sure
about reason.
* Introduce domains method to Account relation
Account had followers_domains method, which was excessively specific.
Let relation of Account have domains method instead.
* Move follow_mapping in Account to AccountInteractions
* Introduce shared examples for AccountAvatar inclusion
* Cover Account more
* Fix regression from #3842
Simplify the query by omitting all direct statuses. Private statuses
are allowed because they are from accounts we are following (so
by definition)
Resolves#3887 (alternative)
* Adjust test
(This patch has been merged as bugfix and reverted, but still valuable as
improvement)
Previously, we've attached IntersectionObserver twice for boosted statuses:
wrapper Status and wrapped Status. but wrapped Status don't need to manage
intersection and visibility by itself, because it's a part of wrapper Status.
* Revert "Bump version to 1.4.4"
This reverts commit bd6bee29de.
* Revert "Fix conversations (fixes#3869) (#3870)"
This reverts commit ee7952c349.
* Revert "Fix streaming server. Redis connection subscribe for each channel. (#3828)"
This reverts commit 8f202bc639.
* Revert "Filter direct statuses in Status.as_home_timeline (#3842)"
This reverts commit 77dcf442e7.
* Revert "Fix RemoteFollow behavior (#3868)"
This reverts commit 1d2eba7a84.
* Revert "Update fabricator for MediaAttachment to attach a file according to type (#3862)"
This reverts commit baa248a801.
* Revert "Upgrade React Router (#3677)"
This reverts commit 9bc32eb267.
* Revert "Do not call setState from unmounted component (#3853)"
This reverts commit 59849b392d.
* Revert "Replace TextIconButton for SensitiveButton to IconButton (#3759)"
This reverts commit 47dceaded6.
* Revert "Fix RTL detection on Ruby side (#3867)"
This reverts commit 55376105f5.
* Revert "i18n: Fixed typo in Polish translation (#3864)"
This reverts commit 3c355ed26b.
* Revert "Don't attach IntersectionObserver for wrapped statuses (#3863)"
This reverts commit 79c04b0a2c.
The classes using Status.as_home_timeline, namely Feed and
PrecomputeFeedService are expected to filter direct statuses as
FanOutWriteService does, but their filtering were incomplete or missing.
This commit solves the problem by filtering direct statuses in
as_home_timeline as the other similar methods such as as_public_timeline
does.