Thomas Lynch
bdf5da0adc
Ban type ip display and storage improvement
2 years ago
Thomas Lynch
1bba36b48e
Make label form of url/link posting regex support mailto
2 years ago
Thomas Lynch
da7696b6c4
npm audit fix, engine.io CVE crashing bug
2 years ago
Thomas Lynch
dc739b3cff
Bugfix, make editrole route actually allow you edit BYPASS_CAPTCHA perm
2 years ago
Thomas Lynch
5235e7b33c
Merge branch 'master' into develop
2 years ago
Thomas Lynch
3debad4917
update instance link to 94chan and add wip golang api client link in related projects
2 years ago
Thomas Lynch
326c11b95c
Close #503 attach ip version to cloak
2 years ago
Thomas Lynch
a93a4d7f55
Make saveoverboard.js more general so it works on overboard index AND catalog view
2 years ago
Thomas Lynch
6b394aca69
Bugfix to 2fa, code-reuse prevention was blocking all codes rather than only a recently used correct code.
2 years ago
Thomas Lynch
e521844123
Hotfix nginx for twofactor
2 years ago
Thomas Lynch
f26632f2a3
Merge branch 'develop' into 'master'
...
v0.10.0
See merge request fatchan/jschan!275
2 years ago
Thomas Lynch
0fca6a3d69
Update CHANGELOG, update dependencies
2 years ago
Thomas Lynch
d51bef9d37
Merge branch 'feature/2fa-totp' into 'develop'
...
Two Facor Authentication
See merge request fatchan/jschan!274
2 years ago
Thomas Lynch
f4328812f2
Add e2e tests for twofactor
...
Remove some cruft from package-lock from speakeasy
Add guard in dotwofactor for no/null (not blank) twofactor
2 years ago
Thomas Lynch
9a6c5ba9f8
.noselect class to twofactor on page
2 years ago
Thomas Lynch
29bb4856ab
2fa improvements
...
- Don't allow code re-use, successfully used codes will be invalid on repeated use for the window time
- Don't attach the full twofactor secret to user object in session for security. Only store a boolean if it's enabled for rendering, checks, etc. The full account should be fetched first before doTwoFactor()
- Better names for some keys of twofactor redis stuff
2 years ago
Thomas Lynch
e6346f9f53
Add twofactor input validation in changepassword controller
2 years ago
Thomas Lynch
d9288a137a
Refactor new OTPAuth...validate pattern, remove await -- it isn't and shouldn't be async
2 years ago
Thomas Lynch
e5d0f9871f
Add text version of secret to twofactor.html for people without/who dont want to use a camera or screenshot the image
...
Add warning to twofactor.html that other sessions will be logged out and they have to log in again
Change cache-control header to no-cache, even though private is secure (prevent showing cached page without outdated secret)
2 years ago
Thomas Lynch
b93bab7faf
Switch speakeasy -> otpauth (maintained, more modern, actively developed)
...
Remove dev debug skip of 2fa generation ratelimit
Shorten totp validity window
Remove ugly stuff from login/changepassword forms, change wording
2 years ago
Thomas Lynch
4d86406483
Initial commit of 2FA for accounts, TOTP-based
2 years ago
Thomas Lynch
f482156f8e
Merge branch 'develop' into 'master'
...
v0.9.4
Closes #493 and #502
See merge request fatchan/jschan!273
2 years ago
Thomas Lynch
d3507e6ae3
Merge branch 'master' into develop
2 years ago
Thomas Lynch
1e774a5b46
update CHANGELOG
2 years ago
Thomas Lynch
4c90d03dfa
update CHANGELOG, version bump, npm audit fix
2 years ago
Thomas Lynch
6db781e8b8
Limit ban note length to global limits log_message length
2 years ago
Thomas Lynch
78bd713274
Hide note from dynamicresponse in filteractions, and make seen default to true
2 years ago
Thomas Lynch
b69337e2f1
Show ban notes in mod view tables and allow editing them
2 years ago
Thomas Lynch
3b08cc684b
Start on ban notes
2 years ago
Thomas Lynch
6d2249c13a
Close #502 add some margin+padding to tabs area of settings to address strange firefox only css issue
2 years ago
Thomas Lynch
cada8600e0
Merge branch 'develop' into 'master'
...
v0.9.3
See merge request fatchan/jschan!271
2 years ago
Thomas Lynch
b8a260b0d6
typo
2 years ago
Thomas Lynch
9de7754c3b
update CHANGELOG, version bump, and npm audit
2 years ago
Thomas Lynch
868a59667c
Add mongodb and redis installation scripts (with authentication) and update secrets example with the same dummy passwords
...
Add direct nvm install instruction instead of github link only
Fix lokinet config overwriting tor by mistake
2 years ago
Thomas Lynch
33daee16db
Merge branch 'nginx-improvement' into develop
2 years ago
Thomas Lynch
e3e3609e33
Make nvm link go straight to installation section
2 years ago
Thomas Lynch
5967a0a430
Make lokinet SNApp key permanent
2 years ago
Thomas Lynch
da3709ddb1
INSTALLATION.md lokinet/tor section improvements
2 years ago
Thomas Lynch
7b830fe8fe
INSTALLATION.md update & improvement
2 years ago
Thomas Lynch
20e17ab2a5
put certbot first, and remove existing sites-available file so certbot doesnt fail to restart nginx
2 years ago
Thomas Lynch
bfafd2467b
more nginx improvement
2 years ago
Thomas Lynch
9bbe1ade7b
WIP improvement of nginx.sh to be smarter, fix a few broken things, and make it able to support self-signed or no https at all, support a subdomain hosted site, and make www optional
2 years ago
Thomas Lynch
91a842e43b
Merge branch 'develop'
2 years ago
Thomas Lynch
190410cc54
Bugfix issue with tor and renewing bypasses in some situations. Should be fetching *upserted* id from db or just using known ID.
2 years ago
Thomas Lynch
aed1abf36a
Merge branch 'develop' into 'master'
...
v0.9.1
Closes #489 and #495
See merge request fatchan/jschan!270
2 years ago
Thomas Lynch
45757dd51e
0.9.1, update CHANGELOG, move migration file, update package*.json
2 years ago
Thomas Lynch
568dd5f174
Allow providing file option overrides in addFile, use them to disable strip filename option for drawn tegaki
...
Bugfix checking if non existing box is checked
2 years ago
Thomas Lynch
caab78c0ef
Merge branch '489-more-captcha-customisation' into 'develop'
...
489-more-captcha-customisation
See merge request fatchan/jschan!269
2 years ago
Thomas Lynch
353926f44d
fix captcha tests, update to support new captchaOptions format with font
2 years ago
Thomas Lynch
32def31f76
update .gitlab-ci.yml
2 years ago