Commit graph

280 commits

Author SHA1 Message Date
Nutomic dc327652a5
Add db table for login tokens which allows for invalidation (#3818)
* wip

* stuff

* fmt

* fmt 2

* fmt 3

* fix default feature

* use Authorization header

* store ip and user agent for each login

* add list_logins endpoint

* serde(skip) for token

* fix api tests

* A few suggestions for login_token (#3991)

* A few suggestions.

* Fixing SQL format.

* review

* review

* rename cookie

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-10-09 12:46:12 +02:00
Nutomic b7d570cf35
Make input length checks consistent with HTML maxlength attribute (#4009)
* Make input length checks consistent with HTML maxlength attr (fixes #3688)

* ci

* Extricating min and max length checks (#4018)

* revert string change

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-10-05 16:39:07 -04:00
Dessalines a5b8583aab Version 0.19.0-beta.7 2023-10-05 16:01:12 -04:00
Nutomic 0115613f90
Specify password length limits in error (fixes #3284) (#4007)
* Specify password length limits in error (fixes #3284)

* convert to comment
2023-10-05 07:40:22 -04:00
Nutomic 6950dd90e5
Return HTTP status 503 to all requests during startup (fixes #3780) (#4005)
* Return HTTP status 503 to all requests during startup (fixes #3780)

* add message

* fmt

* remove err

* dont run startup server if http disabled

* ci
2023-10-04 18:19:58 -04:00
Nutomic 626c7ebc85
Handle empty reason for registration application denial (fixes #3485) (#4008)
* Handle empty reason for registration application denial (fixes #3485)

* clippy

* clippy
2023-10-04 15:20:22 +02:00
Nutomic 50b7322ff3
Mention max length for site name in config (fixes #3006) (#4010)
* Mention max length for site name in config (fixes #3006)

* ci
2023-10-04 15:09:25 +02:00
Nutomic 9bb99bec5e
Increase default database connections (fixes #3394) (#3994) 2023-09-28 09:56:39 -04:00
Dessalines 9275041f42 Version 0.19.0-rc.1 2023-09-26 23:01:19 -04:00
Nutomic 50589115e0
Fix federation of admin actions (fixes #3980) (#3988)
* Fix federation of admin actions (fixes #3980)

* clippy

---------

Co-authored-by: Dessalines <tyhou13@gmx.com>
2023-09-25 21:39:18 -04:00
SleeplessOne1917 bee6b7a1bb Update translations 2023-09-25 06:38:23 -04:00
SleeplessOne1917 ed8dae99f1 Merge branch 'main' into bearer-token 2023-09-24 17:47:17 -04:00
SleeplessOne1917 37655f0f18 chore: Run rust format 2023-09-22 21:39:03 -04:00
SleeplessOne1917 519e800b33 feat: Replace ad hoc auth header with internet standard bearer token
auth header
2023-09-22 21:26:27 -04:00
SleeplessOne1917 bb552d7659
Merge branch 'main' into comment-fix 2023-09-20 17:38:47 +00:00
Nutomic 22608ae983
Rework the way 2FA is enabled/disabled (fixes #3309) (#3959)
* Rework the way 2FA is enabled/disabled (fixes #3309)

* postgres format

* change algo to sha1 for better compat

* review comments

* review

* clippy

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-09-20 10:49:54 -04:00
Nutomic 50f81cf157
User can block instances (fixes #2397) (#3869)
* User can block instances (fixes #2397)

* update comments

* review comments

* use route

* update

* add api test

* update tests

* fix

* fix test

* ci

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-09-20 11:56:13 +02:00
SleeplessOne1917 6d02a9914c Update translation 2023-09-18 07:38:00 -04:00
phiresky 375d9a2a3c
Persistent, performant, reliable federation queue (#3605)
* persistent activity queue

* fixes

* fixes

* make federation workers function callable from outside

* log federation instances

* dead instance detection not needed here

* taplo fmt

* split federate bin/lib

* minor fix

* better logging

* log

* create struct to hold cancellable task for readability

* use boxfuture for readability

* reset submodule

* fix

* fix lint

* swap

* remove json column, use separate array columns instead

* some review comments

* make worker a struct for readability

* minor readability

* add local filter to community follower view

* remove separate lemmy_federate entry point

* fix remaining duration

* address review comments mostly

* fix lint

* upgrade actitypub-fed to simpler interface

* fix sql format

* increase delays a bit

* fixes after merge

* remove selectable

* fix instance selectable

* add comment

* start federation based on latest id at the time

* rename federate process args

* dead instances in one query

* filter follow+report activities by local

* remove synchronous federation

remove activity sender queue

* lint

* fix federation tests by waiting for results to change

* fix fed test

* fix comment report

* wait some more

* Apply suggestions from code review

Co-authored-by: SorteKanin <sortekanin@gmail.com>

* fix most remaining tests

* wait until private messages

* fix community tests

* fix community tests

* move arg parse

* use instance_id instead of domain in federation_queue_state table

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: SorteKanin <sortekanin@gmail.com>
2023-09-09 12:25:03 -04:00
dullbananas 5b5ac0f37d
Remove left joins and use only one call to select method in post_view.rs (#3865)
* Use same joins for read and list in post_view.rs

* fmt

* rerun ci

* rerun ci

* Update post_view.rs

* rerun ci

* rerun ci

* Update post_view.rs

* Use `exists`

* Update post_view.rs

* Update post_view.rs

* Update post_view.rs

* rerun ci

* Update post_view.rs

* person_id_join parameter

* rerun ci

* fmt

* Update post_view.rs

* rerun ci

* Update post_view.rs

* rerun ci

* fmt

* Update post_view.rs

* fmt

* Use into_sql

* Update post_view.rs

* Use inferred query source for BoxableExpression

* Update post_view.rs

* Update post_view.rs

* Update community.rs

* Update community.rs

* Update post_view.rs

* fmt

* Update community.rs

* Update community.rs

* Update community.rs

* Update community.rs

* Update community.rs

* Update post_view.rs

* Update community.rs

* fmt

* Update post_view.rs

* Update post_view.rs

* Update post_view.rs

* Update post_view.rs

* Update post_view.rs

* Update post_view.rs

* Update post_view.rs

* fmt

* Update post_view.rs

* Update post_view.rs

* fix

* trigger ci

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: phiresky <phireskyde+git@gmail.com>
2023-09-04 11:05:00 +02:00
Nick Webster a57658d99c
Adding a new config flag to disable pictrs caching for thumbnails (#3897)
* add logic to prevent downloading remote pictrs images

* apply formatting

* Do not attempt a pictrs fetch if the remote image is also on a pictrs instance

* Do not attempt a pictrs fetch if the remote image is also on a pictrs instance and cache_federated_images is false

* Generalising the no caching option to handle all remote images

* rustfmt

* Return None if the URL is not an image

* Updating defaults.hjson

* fixing typo

* Fixing typo

* Skip cloning the Url unless we need to

* using a HEAD request for checking the content type, saving bandwidth/improving perf

* Removing early returns

* Switching back to GET requests for Content-Type because pictrs does not handle HEAD requests

* Simplifying logic and using metadata_image instead of url if we do not get a pictrs thumbnail

* Removing unused import

* Return None as a thumbnail if caching is disabled

* formatting

---------

Co-authored-by: Djones4822 <david.jones4822@gmail.com>
2023-08-31 10:36:39 -04:00
Dessalines 56e26fc3d4
Adding a post_view mode. Fixes #3730 (#3731)
* Adding a post_view mode. Fixes #3730

* Fix test.

* Addressing PR comments.

* Adding a post_view mode. Fixes #3730

* Fix test.

* Addressing PR comments.

* Fixing column order.

* Fix default Ok returns.

* Removing return Err(... where feasible.
2023-08-31 09:01:08 -04:00
Nutomic fed6542055
Implement remote follow (#3738)
* Add remote follow url to webfinger response

* update apub lib
2023-08-31 09:00:41 -04:00
Nutomic b2aee565f3
Allow passing auth via header or cookie (#3725)
* Allow passing auth via header or cookie

* revert submodule

* taplo

* fix build

* working

* convert apub api methods

* also set cache-control header

* opt

* clippy

* deduplicate code, ignore invalid auth

* clippy

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-08-29 10:47:57 -04:00
phiresky 514f2222e0
Fix time zone handling (#3496)
* convert naive time to utc time

* compounding fixes

* cargo fmt

* fix the rest

* fix down migration

* fix migrations

* fix after merge

* clippy fix

* ap-fed 0.5.0

---------

Co-authored-by: Nutomic <me@nutomic.com>
2023-08-24 11:27:00 -04:00
Freakazoid182 ee7b35a04a
Add person name to PersonIsBannedFromSite error (#3786) (#3855)
* Add person name to PersonIsBannedFromSite error (#3786)

* Log PersonId instead of Person name (#3850)

* Log actor_id for PersonIsBannedFromSite (#3850)

---------

Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
2023-08-16 11:36:58 +02:00
Piotr Juszczyk 2ad3450004
Allow filtering posts and comments by whether they were liked/disliked - fixes #3401 (#3523)
* Allow filtering posts and comments by whether they were liked/disliked

* Switch to 2 args - liked_only, disliked_only - taking bools

* Make liked_only and disliked_only Option<bool>

* Fix unrelated is_profile_view compilation error
2023-08-08 11:40:28 +02:00
Felix Ableitner 91c024fd98 Revert "Version 0.18.4-rc.2"
This reverts commit 48466b6826.
2023-08-07 17:12:09 +02:00
Felix Ableitner 48466b6826 Version 0.18.4-rc.2 2023-08-07 17:09:10 +02:00
Nutomic 37998b3398
Rewrite some API handlers to remove Perform trait (#3735)
* Rewrite some API handlers to remove Perform trait

* Convert CreateComment

* ci
2023-07-28 10:39:38 -04:00
Freakazoid182 9a1f9aad45
detailed error message for blocked domains (#3698) (#3701)
* detailed error message for blocked domains (#3698)

* Pass the domain as an error param

Not formatting the error message to support i18n

---------

Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
2023-07-25 13:26:54 -04:00
Joel Beckmeyer ea7f83c4dc
disable rustfmt feature on rosetta-build (#3679) 2023-07-21 11:50:47 +02:00
cetra3 1f21bdb2f9
Add http cache for webfingers (#3317)
* Add http cache for webfingers

* Remove the outgoing cache middleware & adjust the cache headers directive

* Use 1h & 3day cache header

* Update routes and adjust the cache headers location

* revert apub caching

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Felix Ableitner <me@nutomic.com>
2023-07-19 06:09:04 -04:00
cetra3 9256895635
Cache & Optimize Woodpecker CI (#3450)
* Try using drone cache plugin

* Try another path

* Include volume

* Fix formatting

* Include fmt

* Exclude cargo dir from prettier

* Don't override cargo

* Just do check

* Add cache key

* Use different cache plugin

* Add clippy

* Try minio

* Add quotes

* Try adding secrets

* Try again

* Again

* Use correct secret formation

* Add back clippy

* Use secret for the root bucket name

* Try drone cache instead

* Add region

* Add path-style option

* Include cargo clippy

* Include everything again

* Fix formatting

* Don't run clippy twice

* Add `allow` statements for tests to pass

* Adjust endpoint to be a secret

* Fix prettier

* Merge & fix tests

* Try to restart the woodpecker test

* Change the ENV var name

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-17 11:04:14 -04:00
Manuel Bleichner c0b7865896
Fix wrong SMTP port when TLS is being used (fixes #3574) (#3607)
Co-authored-by: Manuel Bleichner <manuel.bleichner@bvu.de>
2023-07-13 13:10:14 +02:00
dullbananas 73492af4b0
Shrink capacity in RateLimitStorage::remove_older_than (#3536)
* Shrink capacity in `RateLimitStorage::remove_older_than`

* Update rate_limiter.rs

* rerun ci

* rerun ci

* rerun ci

* Update rate_limiter.rs
2023-07-10 22:52:37 +02:00
Pawan Hegde ef9dc5d0b6
Fix #3366: Wrap plain-text error responses from the API in JSON (#3559)
* Fix #3366: API does return plain HTML errors

* Fix Clippy errors

* Improve api response times by doing send_activity asynchronously (#3493)

* do send_activity after http response

* move to util function

* format

* fix prometheus

* make synchronous federation configurable

* cargo fmt

* empty

* empty

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>

* Updating `login.rs` with generic `incorrect_login` response. (#3549)

* Adding v0.18.1 and v0.18.0 release notes. (#3530)

* Update RELEASES.md (#3556)

added instruction to find the location of your docker directory (especially useful for those who used ansible since they never had to setup docker manually)

* Use async email sender (#3554)

* Upgrade all dependencies (#3526)

* Upgrade all dependencies

* as base64

* Adding phiresky to codeowners. (#3576)

* Error enum fixed (#3487)

* Create error type enum

* Replace magic string slices with LemmyErrorTypes

* Remove unused enum

* Add rename snake case to error enum

* Rename functions

* clippy

* Fix merge errors

* Serialize in PascalCase instead of snake_case

* Revert src/lib

* Add serialization tests

* Update translations

* Fix compilation error in test

* Fix another compilation error

* Add code for generating typescript types

* Various fixes to avoid breaking api

* impl From<LemmyErrorType> for LemmyError

* with_lemmy_type

* trigger ci

---------

Co-authored-by: SleeplessOne1917 <abias1122@gmail.com>

* Only update site_aggregates for local site (#3516)

* Fix #3501 - Fix aggregation counts for elements removed and deleted (#3543)

Two bugs were found and fixed:
- previously elements removal and deletion were counted as two separate disappearances
- removing comments did not affect post aggregations

* Use LemmyErrorType also make error_type compulsory

* Add missing import for jsonify_plain_text_errors

* Fix formatting

* Trying to make woodpecker run again

---------

Co-authored-by: phiresky <phireskyde+git@gmail.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: rosenjcb <rosenjcb@gmail.com>
Co-authored-by: nixoye <12674582+nixoye@users.noreply.github.com>
Co-authored-by: dullbananas <dull.bananas0@gmail.com>
Co-authored-by: Nutomic <me@nutomic.com>
Co-authored-by: SleeplessOne1917 <abias1122@gmail.com>
Co-authored-by: Sander Saarend <sander@saarend.com>
Co-authored-by: Piotr Juszczyk <74842304+pijuszczyk@users.noreply.github.com>
2023-07-10 22:44:14 +02:00
Nutomic 93225e5ddf
Error enum fixed (#3487)
* Create error type enum

* Replace magic string slices with LemmyErrorTypes

* Remove unused enum

* Add rename snake case to error enum

* Rename functions

* clippy

* Fix merge errors

* Serialize in PascalCase instead of snake_case

* Revert src/lib

* Add serialization tests

* Update translations

* Fix compilation error in test

* Fix another compilation error

* Add code for generating typescript types

* Various fixes to avoid breaking api

* impl From<LemmyErrorType> for LemmyError

* with_lemmy_type

* trigger ci

---------

Co-authored-by: SleeplessOne1917 <abias1122@gmail.com>
2023-07-10 16:50:07 +02:00
Nutomic ff26bc21af
Upgrade all dependencies (#3526)
* Upgrade all dependencies

* as base64
2023-07-10 15:00:55 +02:00
dullbananas 934f72511e
Use async email sender (#3554) 2023-07-10 14:04:39 +02:00
phiresky b35757b429
Improve api response times by doing send_activity asynchronously (#3493)
* do send_activity after http response

* move to util function

* format

* fix prometheus

* make synchronous federation configurable

* cargo fmt

* empty

* empty

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-10 12:27:49 +02:00
Dessalines 0c82f4e660 Version 0.18.1 2023-07-07 09:24:49 -04:00
Felix Ableitner 22cdcc6b60 Version 0.18.1-rc.10 2023-07-06 14:46:46 +02:00
Nutomic 00f9f79a44
Only allow http(s) scheme for urls (ref #3505) (#3508)
With this change only http(s) schemes are allowed for post.url
field. This is checked for incoming api and federation requests.
Existing posts in database which are sent to clients are not
checked. Neither does it check urls in markdown.
2023-07-06 08:29:51 -04:00
phiresky 2158621bda
upgrade markdown-it to fix panic (#3490)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-05 13:08:53 -04:00
Andrew Fields 1e99e8b9dc
Add Prometheus endpoint (#3456)
Add a server for serving Prometheus metrics. Include a configuration
block in the config file. Provide HTTP metrics on the API, along with
process-level metrics and DB pool metrics.
2023-07-05 13:25:19 +02:00
Josephos cdc5b47886
Improved validation of display names (Fixes #3436) (#3437)
* Fixed validation of display names

Fixed validation of display names: reject names beginning with invisible unicode characters.

* Formatting

Formatting fix.

* Expanded list of forbidden Unicode characters. Validation now checks for disallowed characters anywhere in the name.

* Formatting

* Added a comment detailing source of the list of invisible chars.
2023-07-04 12:41:58 +02:00
Dessalines 7a04971ecd Version 0.18.1-rc.9 2023-07-03 17:16:48 -04:00
Nutomic e1494d4683
Dont compare db string errors (fixes #1393) (#3424)
* Dont compare db string errors (fixes #1393)

* cargo fmt

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-03 11:59:49 -04:00
Felix Ableitner fc60b82f82 Fix formatting for latest nightly (#ref 3467) 2023-07-03 11:45:53 +02:00