Thomas Lynch
058d7b1dbb
Eslint and bugfix unused crossBoardMovePages
2 years ago
Thomas Lynch
a3a6199332
Should probably update that
2 years ago
Thomas Lynch
516884cf3e
Cross board post move bugfixes/changes
...
Make rebuilds work for both baords
2 years ago
Thomas Lynch
344ed5f662
Cross board post move bugfixes/changes
2 years ago
Thomas Lynch
379e7b6287
update CHANGELOG
2 years ago
Thomas Lynch
b391c0cb66
Make post editing a GET endpoint with perm check like editstaff/editcustompages, much more sensible
2 years ago
Thomas Lynch
1191ec4dc8
Mostly functional cross board post moving
2 years ago
Thomas Lynch
0d6323669f
Start on cross board thread moves #250
2 years ago
Thomas Lynch
48f5651175
README updates & improvements
2 years ago
Thomas Lynch
43c33017be
Update dependencies
2 years ago
Thomas Lynch
9039466d6e
Update actionfooter to hide_name=1 by default close #498
2 years ago
Thomas Lynch
713dcc222e
Add migration to support ip type display change and update changelog, close #503
2 years ago
Thomas Lynch
bdf5da0adc
Ban type ip display and storage improvement
2 years ago
Thomas Lynch
1bba36b48e
Make label form of url/link posting regex support mailto
2 years ago
Thomas Lynch
da7696b6c4
npm audit fix, engine.io CVE crashing bug
2 years ago
Thomas Lynch
dc739b3cff
Bugfix, make editrole route actually allow you edit BYPASS_CAPTCHA perm
2 years ago
Thomas Lynch
5235e7b33c
Merge branch 'master' into develop
2 years ago
Thomas Lynch
3debad4917
update instance link to 94chan and add wip golang api client link in related projects
2 years ago
Thomas Lynch
326c11b95c
Close #503 attach ip version to cloak
2 years ago
Thomas Lynch
a93a4d7f55
Make saveoverboard.js more general so it works on overboard index AND catalog view
2 years ago
Thomas Lynch
6b394aca69
Bugfix to 2fa, code-reuse prevention was blocking all codes rather than only a recently used correct code.
2 years ago
Thomas Lynch
e521844123
Hotfix nginx for twofactor
2 years ago
Thomas Lynch
f26632f2a3
Merge branch 'develop' into 'master'
...
v0.10.0
See merge request fatchan/jschan!275
2 years ago
Thomas Lynch
0fca6a3d69
Update CHANGELOG, update dependencies
2 years ago
Thomas Lynch
d51bef9d37
Merge branch 'feature/2fa-totp' into 'develop'
...
Two Facor Authentication
See merge request fatchan/jschan!274
2 years ago
Thomas Lynch
f4328812f2
Add e2e tests for twofactor
...
Remove some cruft from package-lock from speakeasy
Add guard in dotwofactor for no/null (not blank) twofactor
2 years ago
Thomas Lynch
9a6c5ba9f8
.noselect class to twofactor on page
2 years ago
Thomas Lynch
29bb4856ab
2fa improvements
...
- Don't allow code re-use, successfully used codes will be invalid on repeated use for the window time
- Don't attach the full twofactor secret to user object in session for security. Only store a boolean if it's enabled for rendering, checks, etc. The full account should be fetched first before doTwoFactor()
- Better names for some keys of twofactor redis stuff
2 years ago
Thomas Lynch
e6346f9f53
Add twofactor input validation in changepassword controller
2 years ago
Thomas Lynch
d9288a137a
Refactor new OTPAuth...validate pattern, remove await -- it isn't and shouldn't be async
2 years ago
Thomas Lynch
e5d0f9871f
Add text version of secret to twofactor.html for people without/who dont want to use a camera or screenshot the image
...
Add warning to twofactor.html that other sessions will be logged out and they have to log in again
Change cache-control header to no-cache, even though private is secure (prevent showing cached page without outdated secret)
2 years ago
Thomas Lynch
b93bab7faf
Switch speakeasy -> otpauth (maintained, more modern, actively developed)
...
Remove dev debug skip of 2fa generation ratelimit
Shorten totp validity window
Remove ugly stuff from login/changepassword forms, change wording
2 years ago
Thomas Lynch
4d86406483
Initial commit of 2FA for accounts, TOTP-based
2 years ago
Thomas Lynch
f482156f8e
Merge branch 'develop' into 'master'
...
v0.9.4
Closes #493 and #502
See merge request fatchan/jschan!273
2 years ago
Thomas Lynch
d3507e6ae3
Merge branch 'master' into develop
2 years ago
Thomas Lynch
1e774a5b46
update CHANGELOG
2 years ago
Thomas Lynch
4c90d03dfa
update CHANGELOG, version bump, npm audit fix
2 years ago
Thomas Lynch
6db781e8b8
Limit ban note length to global limits log_message length
2 years ago
Thomas Lynch
78bd713274
Hide note from dynamicresponse in filteractions, and make seen default to true
2 years ago
Thomas Lynch
b69337e2f1
Show ban notes in mod view tables and allow editing them
2 years ago
Thomas Lynch
3b08cc684b
Start on ban notes
2 years ago
Thomas Lynch
6d2249c13a
Close #502 add some margin+padding to tabs area of settings to address strange firefox only css issue
2 years ago
Thomas Lynch
cada8600e0
Merge branch 'develop' into 'master'
...
v0.9.3
See merge request fatchan/jschan!271
2 years ago
Thomas Lynch
b8a260b0d6
typo
2 years ago
Thomas Lynch
9de7754c3b
update CHANGELOG, version bump, and npm audit
2 years ago
Thomas Lynch
868a59667c
Add mongodb and redis installation scripts (with authentication) and update secrets example with the same dummy passwords
...
Add direct nvm install instruction instead of github link only
Fix lokinet config overwriting tor by mistake
2 years ago
Thomas Lynch
33daee16db
Merge branch 'nginx-improvement' into develop
2 years ago
Thomas Lynch
e3e3609e33
Make nvm link go straight to installation section
2 years ago
Thomas Lynch
5967a0a430
Make lokinet SNApp key permanent
2 years ago
Thomas Lynch
da3709ddb1
INSTALLATION.md lokinet/tor section improvements
2 years ago