Commit graph

712 commits

Author SHA1 Message Date
Alexander Strizhakov
7dd986a563
expire mfa tokens through Oban 2020-09-10 16:01:19 +03:00
Mark Felder
cbf7f0e029 Disallow password resets for deactivated accounts.
Ensure all responses to password reset events are identical.
2020-09-02 09:09:13 -05:00
Alex Gleason
f688c8df82
Fix User.registration_reason HTML sanitizing issues 2020-07-27 20:36:31 -05:00
Alex Gleason
5e74556703
Sanitize reason param in POST /api/v1/accounts 2020-07-16 20:25:53 -05:00
Alex Gleason
0d004a9d04
Email admins when a new unapproved account is up for review 2020-07-14 20:31:20 -05:00
Alex Gleason
5ddf0415c4
Accept reason in POST /api/v1/accounts and store in DB 2020-07-14 00:22:12 -05:00
Mark Felder
d23804f191 Use the Pleroma.Config alias 2020-07-09 10:53:51 -05:00
Egor Kislitsyn
67d92ac7b7
Remove /statusnet/config 2020-06-29 17:00:37 +04:00
Egor Kislitsyn
8693e01799
Fix warning 2020-06-29 16:29:51 +04:00
Egor Kislitsyn
4a306720e8
Merge branch 'develop' into remove-twitter-api 2020-06-29 16:09:49 +04:00
stwf
3b8180d7d1 add status_net/config 2020-06-03 16:34:03 -04:00
lain
d15aa9d950 Merge branch 'develop' into 'remove-twitter-api'
# Conflicts:
#   lib/pleroma/web/nodeinfo/nodeinfo_controller.ex
2020-05-16 17:07:09 +00:00
Maksim
3d0c567fbc Pleroma.Web.TwitterAPI.TwoFactorAuthenticationController -> Pleroma.Web.PleromaAPI.TwoFactorAuthenticationController 2020-05-07 08:14:54 +00:00
Egor Kislitsyn
7b0c8f0fde
Add tests for account registration with captcha enabled and improve errors 2020-04-29 21:26:07 +04:00
Egor Kislitsyn
2f77842bd3
Fix account registration when captcha is enabled but not provided 2020-04-29 21:26:07 +04:00
Ivan Tashkinov
908cf22a6c Merge remote-tracking branch 'remotes/origin/develop' into automatic-authentication-and-instance-publicity-checks
# Conflicts:
#	lib/pleroma/web/mastodon_api/controllers/account_controller.ex
2020-04-28 19:56:20 +03:00
Ivan Tashkinov
00e62161f6 [#2409] Tested all auth setup configs in AuthTestControllerTest. Adjusted :skip_plug definitions for some endpoints. 2020-04-24 16:52:38 +03:00
Egor Kislitsyn
6c26feed01
Merge branch 'develop' into openapi/account 2020-04-22 20:18:12 +04:00
Ivan Tashkinov
0062116e07 Merge remote-tracking branch 'remotes/origin/develop' into automatic-authentication-and-instance-publicity-checks
# Conflicts:
#	lib/pleroma/web/mastodon_api/controllers/account_controller.ex
2020-04-22 18:51:59 +03:00
Ivan Tashkinov
2958a7d246 Fixed OAuth restrictions for :api routes. Made auth info dropped for :api routes if OAuth check was neither performed nor explicitly skipped. 2020-04-22 18:50:25 +03:00
Egor Kislitsyn
e7771424a8 Fix blocks import 2020-04-22 19:27:28 +04:00
Egor Kislitsyn
88b82e5c3e Fix follow import 2020-04-22 19:27:28 +04:00
Ivan Tashkinov
f685cbd309 Automatic checks of authentication / instance publicity. Definition of missing OAuth scopes in AdminAPIController. Refactoring. 2020-04-21 16:29:19 +03:00
Egor Kislitsyn
736fead494 Merge branch 'develop' into openapi/account 2020-04-20 18:40:02 +04:00
Haelwenn
a17bfb5fab Merge branch 'feature/1584-client-captcha-options' into 'develop'
Creating trusted app from adminFE & mix task

Closes #1584

See merge request pleroma/pleroma!2252
2020-04-17 09:19:35 +00:00
Egor Kislitsyn
b08ded6c2f
Add spec for AccountController.create 2020-04-13 17:38:59 +04:00
Ivan Tashkinov
fc81e5a49c Enforcement of OAuth scopes check for authenticated API endpoints, :skip_plug plug to mark a plug explicitly skipped (disabled). 2020-04-06 10:20:44 +03:00
Egor Kislitsyn
94a6590e3c
Partially restore /api/statusnet/config.json 2020-03-26 17:59:45 +04:00
Egor Kislitsyn
3189c44a0c
Remove some TwitterAPI endpoints 2020-03-24 15:21:40 +04:00
Alexander Strizhakov
a6ee6784bc
creating trusted app from adminFE & mix task 2020-03-23 10:44:47 +03:00
Ivan Tashkinov
027714b519 Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions 2020-03-06 11:48:30 +03:00
lain
6f7a8c43a2 Merge branch 'fix/no-email-no-fail' into 'develop'
Do not fail when user has no email

See merge request pleroma/pleroma!2249
2020-03-04 12:43:06 +00:00
Mark Felder
05da5f5cca Update Copyrights 2020-03-03 16:44:49 -06:00
Ivan Tashkinov
99a6c660a9 Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions 2020-03-02 18:41:12 +03:00
Haelwenn (lanodan) Monnier
6da6540036
Bump copyright years of files changed after 2020-01-07
Done via the following command:
git diff fcd5dd259a --stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>'
2020-03-02 06:08:45 +01:00
Egor Kislitsyn
cb60a9c42f
Do not fail when user has no email 2020-02-27 17:27:49 +04:00
Ivan Tashkinov
0cf1d4fcd0 [#1560] Restricted AP- & OStatus-related routes for non-federating instances. 2020-02-22 19:48:41 +03:00
Haelwenn (lanodan) Monnier
7bfb8ed14d
remote_follow_controller.ex: Redirect to the user page on success
Closes: https://git.pleroma.social/pleroma/pleroma/issues/1245
2020-01-21 16:46:16 +01:00
Mark Felder
2f5b8fbeb3 Merge branch 'develop' into issue/1354 2020-01-12 12:12:15 -06:00
Maksim Pechnikov
933dc12043 added code of mr#2067 2019-12-25 15:12:43 +03:00
Maksim Pechnikov
bdd71669da update test 2019-12-22 21:21:31 +03:00
Maksim
4c505bc615 Apply suggestion to lib/pleroma/web/twitter_api/views/remote_follow_view.ex 2019-12-22 17:58:54 +00:00
Maksim
c9a44ec4a6 Apply suggestion to lib/pleroma/web/twitter_api/controllers/remote_follow_controller.ex 2019-12-22 17:58:45 +00:00
Maksim Pechnikov
5b84156013 moved remote follow in separate controller 2019-12-21 21:27:42 +03:00
Ivan Tashkinov
ead2d18826 Merge remote-tracking branch 'remotes/origin/develop' into oauth-scopes-tweaks-and-tests 2019-12-19 17:24:08 +03:00
Thomas Citharel
d2f1c4f658
Add ActivityPub Object Event type support
Adds Event support in the same way Video objects are handled, with the
name of the object as message header.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2019-12-17 16:16:21 +01:00
Ivan Tashkinov
7973cbdb9f OAuthScopesPlug: disallowed nil token (unless with :fallback option). WIP: controller tests modification: OAuth scopes usage. 2019-12-15 22:32:42 +03:00
Ivan Tashkinov
e8843974cb [#1304] Moved remaining fields from User.Info to User.
Misc. fixes / improvements.
2019-10-20 13:42:42 +03:00
Ivan Tashkinov
10ff01acd9 [#1304] Moved all non-mutes / non-blocks fields from User.Info to User. WIP. 2019-10-16 21:59:21 +03:00
Ivan Tashkinov
b93856874d [#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	CHANGELOG.md
#	lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
#	lib/pleroma/web/router.ex
2019-10-06 17:12:17 +03:00