Patrick Figel
15b393201e
Add recovery code support for two-factor auth ( #1773 )
...
* Add recovery code support for two-factor auth
When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.
The two-factor prompt during login now accepts both OTP codes and
recovery codes.
The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.
Fixes #563 and fixes #987
* Set OTP_SECRET in test enviroment
* add missing .html to view file names
2017-04-15 13:26:03 +02:00
ThibG
626e7d1548
Refresh webfinger ( #1323 )
...
* Refresh local info for remote accounts when webfinger returns new values
It only refreshes account info if one of the URLs or the public-key changes,
in which cases it refreshes the full info, re-downloading the feeds from that
user.
Some special handling should probably be done when the public key changes,
but I have been unable to find any use for it in Mastodon yet.
* Re-fetch remote users we aren't subscribed to.
This might induce performance issues, we might want to only do that for users
we explicitly attempted to subscribe but failed to.
* Refactor changes
* Do not refresh existing remote account details more than once a day
* Avoid re-fetching webfinger info in tests unless otherwise specified
2017-04-15 03:16:05 +02:00
Eugen Rochko
b184c13102
Low-hanging fruit of query optimization, these indices were missing
2017-04-07 00:04:38 +02:00
Eugen Rochko
6687c4a114
Add index on mentions status_id
2017-04-05 13:32:57 +02:00
Eugen Rochko
c9ffa7ab1d
Add basic logging of who resolved report
2017-04-03 19:35:00 +02:00
Eugen Rochko
244da78105
Import feature for following/blocking lists (addresses #62 , #177 , #201 , #454 )
2017-03-30 19:42:33 +02:00
Eugen Rochko
f1a3855f30
Fix up null values on latest migration, add notes
2017-03-30 16:06:27 +02:00
Eugen Rochko
03245e1a72
Do NOT try to update the new fields from the migration. Takes too long on a live DB
...
Needs to be a separate task with no locking
2017-03-30 15:50:34 +02:00
Eugen Rochko
96e58cf289
Add counter caches for a large performance increase on API requests
2017-03-30 15:06:59 +02:00
Eugen Rochko
1b4583ca91
Fix full-text search query quotation, improve tag search performance with an index,
...
add ability to open status by URL from search (fix #53 )
2017-03-22 17:36:34 +01:00
Eugen Rochko
52f940fba9
Upgrade status IDs to bigint
2017-03-22 15:46:58 +01:00
Eugen Rochko
afd53467eb
More efficient single account retrieval (0.9ms vs 50ms before)
2017-03-22 03:21:38 +01:00
Eugen Rochko
a19062b726
Federate header images, fix open-uri http->https redirection error
2017-03-18 22:51:20 +01:00
Eugen Rochko
64be072702
Make account search blazing fast and rank followers/followees higher in the results
2017-03-17 20:48:14 +01:00
Eugen Rochko
4b93cf88e5
Fix #431 - convert gif to webm during upload. Web UI treats them like it did
...
before. In the API, attachments now can be either image, video or gifv. Gifv
is to be treated like images in terms of behaviour, but are videos by file
type.
2017-03-04 23:02:24 +01:00
Eugen Rochko
0cb5a2a0a7
Add digest e-mails
2017-03-04 00:00:48 +01:00
Kit Redgrave
4554ccd5d0
Mute button progress so far. WIP, doesn't entirely work correctly.
2017-03-01 22:31:21 -06:00
Eugen Rochko
60cc2a32c2
Add foreign key to prevent reblogs of non-existent (after race conditions) statuses from happening
...
Fix issue with detailed status view not supporting unreblogging/unfavouriting
2017-02-17 02:33:10 +01:00
Eugen Rochko
2cc31b3194
Adding POST /api/v1/reports API, and a UI for submitting reports
2017-02-14 20:59:26 +01:00
Eugen Rochko
81be690f95
Fix #614 - extra reply-boolean on statuses to account for cases when replied-to
...
status is not in the system at time of distribution; fix #607 - reset privacy
settings to defaults when cancelling replies
2017-02-09 20:25:39 +01:00
Eugen Rochko
d384845469
Fix #61 - Add list of blocked users to the UI; clean up failed push notifications API
...
Try to fix Travis CI setup
2017-02-05 19:18:11 +01:00
Eugen Rochko
9327d05bf7
API for apps to register for push notifications
2017-01-29 01:30:32 +01:00
Eugen Rochko
bcfa0d4d64
Fix #569 - seeds.rb
2017-01-29 00:12:27 +01:00
Eugen Rochko
9b8670c939
Added optional two-factor authentication
2017-01-27 20:35:16 +01:00
Eugen Rochko
096ff9ba38
Removed accidental n+1 query from notifications, updated some deps,
...
improved how "show more" link looks
2017-01-26 14:52:07 +01:00
Effy Elden
26756a48e7
Seed a default, confirmed, admin account on development environments
2017-01-26 19:22:00 +11:00
Eugen Rochko
f751e16e2a
Fix spoiler_text not having "not null" constraint
2017-01-25 15:24:19 +01:00
Eugen Rochko
30abab790e
Fix order of migrations
2017-01-25 15:01:00 +01:00
Eugen Rochko
959e064186
Instead of using spoiler boolean and spoiler_text, simply check for non-blank spoiler_text
...
Federate spoiler_text using warning attribute on <content /> instead of a <category term="spoiler" />
Clean up schema file from accidental development migrations
2017-01-25 01:29:16 +01:00
blackle
e25fc71c2c
Implement a click-to-view spoiler system
2017-01-23 21:07:40 -05:00
Eugen Rochko
3710d18889
Optional domain block attribute that prevents media attachments from being downloaded
2017-01-23 21:36:08 +01:00
Eugen Rochko
77a76d5171
Domain blocks now have varying severity - auto-suspend vs auto-silence
2017-01-23 17:38:38 +01:00
Eugen Rochko
f748a91ec7
Fix #463 - Fetch and display previews of URLs using OpenGraph tags
2017-01-20 01:00:14 +01:00
Effy Elden
8e0c1914fb
Add tracking of OAuth app that posted a status, extend OAuth apps to have optional website field, add application details to API, show application name and website on detailed status views. Resolves #11
2017-01-15 08:58:50 +11:00
Eugen Rochko
f2667139ad
Adding about/more page with extended information that can be set up by an admin
2017-01-13 20:16:38 +01:00
Eugen Rochko
6d98465db2
Extend rails-settings-cached to merge db-saved hash values with defaults
2017-01-13 02:42:22 +01:00
Eugen Rochko
7e7c2bbb0f
Migrate from ledermann/rails-settings to rails-settings-cached which allows global settings
...
with YAML-defined defaults. Add admin page for editing global settings. Add "site_description"
setting that would show as a paragraph on the frontpage
2017-01-12 20:46:24 +01:00
Eugen Rochko
4293e132d1
Persist UI settings, add missing localizations for German
2017-01-09 14:00:55 +01:00
Eugen Rochko
0df070596e
Fix #416 - Generate random unique 14-byte (19 characters) shortcodes
...
for local attachments, use them in URLs. Check status privacy
before redirecting to actual file.
2017-01-06 00:29:12 +01:00
Eugen Rochko
bef225e5da
Add illustration to getting started column
2016-12-27 23:30:11 +01:00
Eugen Rochko
238233440f
Follow call on locked account creates follow request instead
...
Reflect "requested" relationship in API and UI
Reflect inability of private posts to be reblogged in the UI
Disable Webfinger for locked accounts
2016-12-22 23:03:57 +01:00
Eugen Rochko
09a477c782
Add "locked" flag to accounts, prevent blocked users from following, force-unfollow blocked users
2016-12-22 21:34:19 +01:00
Eugen Rochko
d417da7d3a
Private visibility on statuses prevents non-followers from seeing those
...
Filters out hidden stream entries from Atom feed
Blocks now generate hidden stream entries, can be used to federate blocks
Private statuses cannot be reblogged (generates generic 422 error for now)
POST /api/v1/statuses now takes visibility=(public|unlisted|private) param instead of unlisted boolean
Statuses JSON now contains visibility=(public|unlisted|private) field
2016-12-21 20:04:13 +01:00
Eugen Rochko
ca0757a6cf
Add account suspension
2016-12-05 22:59:30 +01:00
Eugen Rochko
e5c39148d7
Keep timelines in the UI trimmed when possible
2016-12-03 21:04:57 +01:00
Eugen Rochko
047bdf6fe0
Improve notification model
2016-12-03 20:04:19 +01:00
Eugen Rochko
2d4ce8a867
Fix #248 - Reload all accounts when fetching from cache
2016-12-03 18:21:26 +01:00
Eugen Rochko
473470b119
Make data migration more merciful
2016-12-02 15:09:44 +01:00
Eugen Rochko
23a4f93345
Fix #323 - self-replies to appear in public timelines again
2016-12-02 14:33:20 +01:00
Eugen Rochko
8d4ef0b6c3
Per-status control for unlisted mode, also federation for unlisted mode
...
Fix #233 , fix #268
2016-11-30 21:34:59 +01:00