Thomas Lynch
bb4c8be449
More explicitly set max-age=0 so that when the .html or .json location blocks fall back to @backend the intended "expires" applies for on-demand built pages
1 year ago
Thomas Lynch
7a9386102f
Board default language migration and globalmanage setting addition
1 year ago
Thomas Lynch
28f9afa0c1
makeanimated webps not break when thumbnailing, slight change to imagethumbnail code
1 year ago
Thomas Lynch
9b98d9f330
Make the error handling for "possible corrupt or unsupported file" catch more bad files and processing errors.
1 year ago
Thomas Lynch
3987e76935
add ip type prop in staff socket rooms to match json
2 years ago
Thomas Lynch
571b481a8c
add option to limit video/image sizes
2 years ago
Thomas Lynch
dfd509abd6
close #517 fix deletebanner count message
2 years ago
Thomas Lynch
9d695b902c
eslint fix
2 years ago
Thomas Lynch
3f53c60a73
Handle form submissions to login with no twofactor body field because otp moduel wants at least a string
2 years ago
Thomas Lynch
2a9d48ac3b
Make deleted post message count translated & pluralised
...
Fix marked posts having undefined marks if not OP
Update migration and fix editposts setting actions to non-array vs actions making it an array to fix modlog page array mapping/translation for actions
2 years ago
Thomas Lynch
a275b8620c
Finish actionhandler and fix unregistered/hidden user handlign in logs db and messages
2 years ago
Thomas Lynch
14a8d8cbee
Make modlog actions an enum, change actions and editing to use them, and map them into localised/translated in the templates
2 years ago
Thomas Lynch
157f9838d0
Finish the rest of models besides actionhandler, and change frontend post "marking" to be translated fe-side ref #396
2 years ago
Thomas Lynch
79c45eda4d
Change login flow to always check both 2FA, update CHANGELOG
2 years ago
Thomas Lynch
b233e7e63f
Translate a bunch of models ref #396
2 years ago
Thomas Lynch
48bf19a3d3
Translate a bunch more actionhandlers and form models, and imrpove error translations in server.js ref #396
2 years ago
Thomas Lynch
46358a3503
Add i18n to bumplock/lock/sticky/cycle, change board/globalsettings, changepassword, and create board pages
...
Update a bunch of middleware, pages and libs to destructure i18n funcs if used more than once to not repeat res.locals
ref #396 (going to try and remember this from now on)
2 years ago
Thomas Lynch
3f3e63f9c1
Add some i18n function calls to controllers for add*, update the models and make controllers destructure res.locals for less repetition of res.locals, and add more machine russian translation
2 years ago
Thomas Lynch
426bf4c4b3
add i18n functions to more models, machine translate for RU
2 years ago
Thomas Lynch
745b4a28b9
Add all the "Succes" calls so the frontend modal functions correctly on different langs while testing
2 years ago
Thomas Lynch
2eaad0da32
remove old unused editbans model since ban editing now has other options
2 years ago
Thomas Lynch
d20744d897
twofactor page model translation
2 years ago
Thomas Lynch
32066e3f47
translation calls in a bunch of middleware, code change pass ing new arg to name handler in makepost/editpost, and sync translation keys
2 years ago
Thomas Lynch
97e5ce53e8
Translate (just the template changes) for a ton of mixins and includes, and update country names to support multi language
2 years ago
Thomas Lynch
bc2816596d
remove excess whitespace
2 years ago
Thomas Lynch
00f6d3fdb0
convert relative times to support localisation
2 years ago
Thomas Lynch
571380e243
remove applying inheritance on setting, match editstaff/editaccount
2 years ago
Thomas Lynch
277745a5ca
Fix the completely fucked up "my permission", the board equivalent, and staff permissions page since a recent permission update. Upside is it now considers the "parent" thing, which is nice.
2 years ago
Thomas Lynch
7c9f6257f8
Add setQueryLanguage mw, Make bypass_minimal language aware, TODO make form submissions know language and redirect to blockbypass for board with language query string
2 years ago
Thomas Lynch
a360f09929
Bugfix changeboardsettings language
2 years ago
Thomas Lynch
e4dd53427e
Add language setting to global settings and board settings
2 years ago
Thomas Lynch
679d095d98
Start on localisation ref #396
2 years ago
Thomas Lynch
7a3095594f
Change permissions metadata to be keyed by the permission bits
...
Refactor form handling for permissions in editrole/editaccount, make mush shorter and more maintainable
2 years ago
Thomas Lynch
5a7368a0a4
Add a new property to permissions metadata and reflect on frontend inability for users without that "parent" permission to edit roles/accounts to have some permissions e.g. root, edit roles, edit accs
...
Put the metadata into permissions.js (also TODO: key the metadata by bits instead? i.e [Permisions.whatever]: {})
2 years ago
Thomas Lynch
bc53bc1e4a
Allow roles from globalmanage to be fetched as json
2 years ago
Thomas Lynch
f894ed34e1
fix email bug for staff
2 years ago
Thomas Lynch
a1ccd6f267
Try to integrate post moving a bit better into the existing combined actions flow
...
Bugfix some move issues
2 years ago
Thomas Lynch
058d7b1dbb
Eslint and bugfix unused crossBoardMovePages
2 years ago
Thomas Lynch
516884cf3e
Cross board post move bugfixes/changes
...
Make rebuilds work for both baords
2 years ago
Thomas Lynch
344ed5f662
Cross board post move bugfixes/changes
2 years ago
Thomas Lynch
b391c0cb66
Make post editing a GET endpoint with perm check like editstaff/editcustompages, much more sensible
2 years ago
Thomas Lynch
1191ec4dc8
Mostly functional cross board post moving
2 years ago
Thomas Lynch
0d6323669f
Start on cross board thread moves #250
2 years ago
Thomas Lynch
bdf5da0adc
Ban type ip display and storage improvement
2 years ago
Thomas Lynch
dc739b3cff
Bugfix, make editrole route actually allow you edit BYPASS_CAPTCHA perm
2 years ago
Thomas Lynch
f4328812f2
Add e2e tests for twofactor
...
Remove some cruft from package-lock from speakeasy
Add guard in dotwofactor for no/null (not blank) twofactor
2 years ago
Thomas Lynch
29bb4856ab
2fa improvements
...
- Don't allow code re-use, successfully used codes will be invalid on repeated use for the window time
- Don't attach the full twofactor secret to user object in session for security. Only store a boolean if it's enabled for rendering, checks, etc. The full account should be fetched first before doTwoFactor()
- Better names for some keys of twofactor redis stuff
2 years ago
Thomas Lynch
d9288a137a
Refactor new OTPAuth...validate pattern, remove await -- it isn't and shouldn't be async
2 years ago
Thomas Lynch
e5d0f9871f
Add text version of secret to twofactor.html for people without/who dont want to use a camera or screenshot the image
...
Add warning to twofactor.html that other sessions will be logged out and they have to log in again
Change cache-control header to no-cache, even though private is secure (prevent showing cached page without outdated secret)
2 years ago
Thomas Lynch
b93bab7faf
Switch speakeasy -> otpauth (maintained, more modern, actively developed)
...
Remove dev debug skip of 2fa generation ratelimit
Shorten totp validity window
Remove ugly stuff from login/changepassword forms, change wording
2 years ago