Commit graph

67 commits

Author SHA1 Message Date
FloatingGhost 502382da45 cherry-pick security from upstream 2022-06-22 16:25:05 +01:00
Alex Gleason 138f5a4517
EnsureStaffPrivilegedPlug: don't let non-moderators through 2021-12-27 17:18:26 -06:00
Alibek Omarov f02715c4b2 Fix lint errors 2021-12-27 03:42:03 +03:00
Alibek Omarov cd1041c3a4 API: optionally restrict moderators from accessing sensitive data 2021-12-27 02:27:48 +03:00
Alex Gleason 44ede0657f
Merge remote-tracking branch 'pleroma/develop' into staff-plug 2021-08-04 11:48:57 -05:00
Alex Gleason 9bc1e79c56
Moderators: add UserIsStaffPlug 2021-07-12 21:57:52 -05:00
Alex Gleason 595bca24ad
Merge remote-tracking branch 'pleroma/develop' into cycles-frontend-static 2021-05-30 12:12:58 -05:00
Alex Gleason 721c966842
FrontendStatic: make Router a runtime dep
Speeds up recompilation by removing compile-time cycles
2021-05-30 12:12:16 -05:00
Alex Gleason 39127f15eb
Merge remote-tracking branch 'pleroma/develop' into cycles-router-api-routes 2021-05-28 13:51:21 -05:00
Alex Gleason c23b81e399
Pleroma.Web.get_api_routes/0 --> Pleroma.Web.Router.get_api_routes/0
Reduce recompilation time by breaking compile-time cycles
2021-05-28 13:51:01 -05:00
Sean King 2b4f958b2a
Add opting out of Google FLoC to HTTPSecurityPlug headers 2021-04-18 14:00:18 -06:00
Mark Felder 1552179792 Improved recursion through the api route list 2021-02-25 10:07:29 -06:00
Mark Felder cea31df6a6 Attempt to filter out API calls from FrontendStatic plug 2021-02-24 15:27:53 -06:00
rinpatch 2ab9499258 OAuthScopesPlug: remove transform_scopes in favor of explicit admin scope definitions
Transforming scopes is no longer necessary since we are dropping
support for accessing admin api without `admin:` prefix in scopes.
2021-02-17 21:37:23 +03:00
Ivan Tashkinov df89b5019b [#2510] Improved support for app-bound OAuth tokens. Auth-related refactoring. 2021-02-11 15:02:50 +03:00
Egor Kislitsyn 793fc77b16
Add active user count 2021-01-27 18:20:06 +04:00
eugenijm 7fcaa188a0 Allow to define custom HTTP headers per each frontend 2021-01-21 21:55:23 +03:00
eugenijm 133644dfa2 Ability to set the Service-Worker-Allowed header 2021-01-21 21:55:11 +03:00
Lain Soykaf 39f3683a06 Pbkdf2: Use it everywhere. 2021-01-14 15:06:16 +01:00
lain 9106048c61 Password: Replace Pbkdf2 with Password. 2021-01-13 15:11:11 +01:00
Haelwenn (lanodan) Monnier c4439c630f
Bump Copyright to 2021
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'
2021-01-13 07:49:50 +01:00
Mark Felder 86dcfb4eb9 More places we should be using Upload.base_url 2021-01-08 17:32:42 -06:00
Mark Felder d69c78ceb9 Remove configurability of upload proxy opts, simplify 2021-01-05 15:06:00 -06:00
lain 713612c377 Cachex: Make caching provider switchable at runtime.
Defaults to Cachex.
2020-12-18 17:44:46 +01:00
Ivan Tashkinov e9859b68fc [#3112] Ensured presence and consistency of :user and :token assigns (EnsureUserTokenAssignsPlug). Refactored auth info dropping functions. 2020-12-06 13:59:10 +03:00
Ivan Tashkinov 50e47a215f Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-11-28 21:51:27 +03:00
Alexander Strizhakov 6aadb1cb40
digest algorithm is taken from header 2020-11-27 08:10:52 +03:00
Ivan Tashkinov 12a5981cc3 Session token setting on token exchange. Auth-related refactoring. 2020-11-25 21:47:23 +03:00
Ivan Tashkinov ccc2cf0e87 Session-based OAuth auth fixes (token expiration check), refactoring, tweaks. 2020-11-21 19:47:25 +03:00
Ivan Tashkinov 04f6b48ac1 Auth subsystem refactoring and tweaks.
Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs.
2020-10-31 13:38:35 +03:00
Maksim Pechnikov d28f72a55a FrontStatic plug: excluded invalid url 2020-10-27 22:59:27 +03:00
Alexander Strizhakov b081080dd9
fixes after rebase 2020-10-13 16:44:02 +03:00
Alexander Strizhakov 1d0e130cb3
fixes after rebase 2020-10-13 16:44:02 +03:00
Alexander Strizhakov 9f4fe5485b
alias alphabetically order 2020-10-13 16:43:59 +03:00
Alexander Strizhakov 3ef4e9d170
AdminSecretAuthenticationPlug module name 2020-10-13 16:43:58 +03:00
Alexander Strizhakov c497558d43
AuthenticationPlug module name 2020-10-13 16:43:58 +03:00
Alexander Strizhakov c1777e7479
BasicAuthDecoderPlug module name 2020-10-13 16:43:58 +03:00
Alexander Strizhakov 970932689f
DigestPlug rename 2020-10-13 16:43:57 +03:00
Alexander Strizhakov 66e0b0065b
Cache plug module name 2020-10-13 16:43:57 +03:00
Alexander Strizhakov c6baa811d6
EnsureAuthenticatedPlug module name 2020-10-13 16:43:57 +03:00
Alexander Strizhakov 011525a3d1
EnsurePublicOrAuthenticatedPlug module name 2020-10-13 16:43:57 +03:00
Alexander Strizhakov 8e301a4c37
EnsureUserKeyPlug module name 2020-10-13 16:43:56 +03:00
Alexander Strizhakov d6cb1a3b46
ExpectAuthenticatedCheckPlug module name 2020-10-13 16:43:56 +03:00
Alexander Strizhakov 99e4ed21b1
ExpectPublicOrAuthenticatedCheckPlug module name 2020-10-13 16:43:56 +03:00
Alexander Strizhakov 8c993c5f63
FederatingPlug module name 2020-10-13 16:43:55 +03:00
Alexander Strizhakov abc3c7689b
HTTPSecurityPlug module name and filename 2020-10-13 16:43:55 +03:00
Alexander Strizhakov 5cd7030076
IdempotencyPlug module name 2020-10-13 16:43:55 +03:00
Alexander Strizhakov 8dfaa54ffc
InstanceStatic module name 2020-10-13 16:43:55 +03:00
Alexander Strizhakov e2332d92ce
LegacyAuthenticationPlug module name 2020-10-13 16:43:54 +03:00
Alexander Strizhakov 96d320bdfe
OAuthPlug module name 2020-10-13 16:43:54 +03:00