rinpatch
|
15ea75cd2a
|
Actually fix upload limit on OTP releases
Closes #1109
|
5 years ago |
rinpatch
|
c27d1d65bf
|
Merge branch 'fix/disable-rate-limiter-for-socket-localhost' into 'develop'
Disable rate limiter for socket/localhost
Closes #1380
See merge request pleroma/pleroma!2064
|
5 years ago |
rinpatch
|
5b62acf6e9
|
Merge branch 'develop' into fix/disable-rate-limiter-for-socket-localhost
|
5 years ago |
lain
|
774cba84f5
|
Merge branch 'reenable-rate-limit-and-remote-ip' into 'develop'
Re-enable rate limiter and enable remote ip
See merge request pleroma/pleroma!2164
|
5 years ago |
feld
|
36becd5573
|
Update http_security_plug.ex
|
5 years ago |
rinpatch
|
889965141a
|
RemoteIp: only trust X-Forwarded-For
Our nginx config will happily pass `Forwarded`/`X-Real-IP` from the
client. Caddy, Apache and Varnish pass `X-Forwarded-For` as well anyway.
|
5 years ago |
Egor Kislitsyn
|
e07e7888d7
|
Fix credo warning
|
5 years ago |
Egor Kislitsyn
|
2bd4d6289b
|
Make the warning more scarier
|
5 years ago |
Egor Kislitsyn
|
6302b40791
|
Warn if HTTPSecurityPlug is disabled
|
5 years ago |
Maksim Pechnikov
|
108a39c876
|
updated error messages for authentication process
|
5 years ago |
Ivan Tashkinov
|
39ce894a07
|
Merge remote-tracking branch 'remotes/origin/develop' into 1478-oauth-admin-scopes-tweaks
# Conflicts:
# lib/pleroma/user.ex
|
5 years ago |
Ivan Tashkinov
|
6c94b7498b
|
[#1478] OAuth admin tweaks: enforced OAuth admin scopes usage by default, migrated existing OAuth records. Adjusted tests.
|
5 years ago |
Ivan Tashkinov
|
7973cbdb9f
|
OAuthScopesPlug: disallowed nil token (unless with :fallback option). WIP: controller tests modification: OAuth scopes usage.
|
5 years ago |
Maxim Filippov
|
eb11c60289
|
Disable rate limiter for socket/localhost (unless RemoteIp is enabled)
|
5 years ago |
Ivan Tashkinov
|
3920244be5
|
[#1427] Fixed `:admin` option handling in OAuthScopesPlug, added tests.
|
5 years ago |
Ivan Tashkinov
|
835ac2157c
|
Merge remote-tracking branch 'remotes/upstream/develop' into 1427-oauth-admin-scopes
# Conflicts:
# CHANGELOG.md
|
5 years ago |
rinpatch
|
3c45ed4f47
|
OTP: Fix runtime upload limit config being ignored
Closes #1109
|
5 years ago |
Ivan Tashkinov
|
1770602747
|
[#1427] Extra check that admin OAuth scope is used by admin. Adjusted tests.
|
5 years ago |
Ivan Tashkinov
|
40e1817f70
|
[#1427] Fixes / improvements of admin scopes support. Added tests.
|
5 years ago |
Ivan Tashkinov
|
93a80ee915
|
[#1427] Bugfix for `enforce_oauth_admin_scope_usage`. Admin API documentation entry.
|
5 years ago |
Ivan Tashkinov
|
af42c00cff
|
[#1427] Reworked admin scopes support.
Requalified users.is_admin flag as legacy accessor to admin actions in case token lacks admin scope(s).
|
5 years ago |
Egor Kislitsyn
|
36686f5245
|
Support authentication via `x-admin-token` HTTP header
|
5 years ago |
rinpatch
|
22554ac5ca
|
Merge branch 'bugfix/1395-email-activation' into 'develop'
Bugfix/1395 email activation
Closes #1395
See merge request pleroma/pleroma!1965
|
5 years ago |
lain
|
f17e0f8e4f
|
OAuthPlug, Router: Handle deactivated users in the UserEnabledPlug
|
5 years ago |
kaniini
|
2cc043591c
|
Merge branch 'feature/static-fe' into 'develop'
Static frontend
See merge request pleroma/pleroma!1917
|
5 years ago |
Steven Fuchs
|
94627baa5c
|
New rate limiter
|
5 years ago |
lain
|
f6056e9c9c
|
UserEnabledPlug: Don't authenticate unconfirmed users.
|
5 years ago |
Phil Hagelberg
|
886a07ba57
|
Move static_fe config to its own section instead of in :instance.
|
5 years ago |
Phil Hagelberg
|
8969c5522d
|
Make many of the improvements suggested in review.
|
5 years ago |
Phil Hagelberg
|
e8bee35578
|
Static FE plug should only respond to text/html requests.
|
5 years ago |
Phil Hagelberg
|
dc3b87d153
|
Move static FE routing into its own plug.
Previously it was piggybacking on FallbackRedirectController for users
and OStatusController for notices; now it's all in one place.
|
5 years ago |
rinpatch
|
365657320c
|
Fix TrailingFormatPlug not being active for /api/oauth_tokens
|
5 years ago |
Ivan Tashkinov
|
10ff01acd9
|
[#1304] Moved all non-mutes / non-blocks fields from User.Info to User. WIP.
|
5 years ago |
Ivan Tashkinov
|
64095961fe
|
[#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
# CHANGELOG.md
# lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
# lib/pleroma/web/router.ex
|
5 years ago |
minibikini
|
f9380289eb
|
Add `remote_ip` plug
|
5 years ago |
Ivan Tashkinov
|
e4f3d7f69d
|
Apply suggestion to lib/pleroma/plugs/oauth_scopes_plug.ex
|
5 years ago |
Ivan Tashkinov
|
01c1078015
|
[#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
# lib/pleroma/web/activity_pub/activity_pub_controller.ex
|
5 years ago |
Ivan Tashkinov
|
efbc2edba1
|
[#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
# lib/pleroma/web/activity_pub/activity_pub_controller.ex
# lib/pleroma/web/router.ex
|
5 years ago |
Ivan Tashkinov
|
e6f43a831b
|
[#1234] Permissions-related fixes / new functionality (Masto 2.4.3 scopes).
|
5 years ago |
rinpatch
|
b0e6058021
|
Parse http signature for request to objects/activities
|
5 years ago |
rinpatch
|
dabc4a00f5
|
Put the cache with the right key when using a tracking function
|
5 years ago |
rinpatch
|
769fb778d4
|
Track object/create activity fetches
|
5 years ago |
minibikini
|
11e12b5761
|
Add Pleroma.Plugs.Cache
|
5 years ago |
Ivan Tashkinov
|
b63faf9819
|
[#1234] Mastodon 2.4.3 hierarchical scopes initial support (WIP).
|
5 years ago |
rinpatch
|
3523bdcf26
|
Call TrailingFormatPlug for /api/pleroma/emoji
Apparently Pleroma-FE still calls it with trailing '.json'
|
5 years ago |
rinpatch
|
cc1d1ee406
|
Mastdon API: Add ability to get a remote account by nickname to
`/api/v1/accounts/:id`
|
5 years ago |
Maksim
|
55341ac717
|
tests WebFinger
|
5 years ago |
kaniini
|
716afc83ce
|
Merge branch 'refactor/http-signature-plug' into 'develop'
http signature plug: separation of concerns
See merge request pleroma/pleroma!1449
|
5 years ago |
Ariadne Conill
|
c947cfec5a
|
mapped signature plug: use `user` assign like authentication plug
|
5 years ago |
Maksim
|
f435217e50
|
tests for Plugs.AuthenticationPlug
|
5 years ago |