Commit Graph

715 Commits

Author SHA1 Message Date
Alex Gleason b2fed59209
Handle User.post_register_action/1 in steps 2020-10-11 18:52:35 -05:00
Maksim Pechnikov b867f9d7ae Merge branch 'develop' into issue/2099 2020-09-17 08:41:35 +03:00
Alexander Strizhakov 7dd986a563
expire mfa tokens through Oban 2020-09-10 16:01:19 +03:00
Maksim Pechnikov 5ae56aafb2 added import mutes 2020-09-06 21:42:51 +03:00
Mark Felder cbf7f0e029 Disallow password resets for deactivated accounts.
Ensure all responses to password reset events are identical.
2020-09-02 09:09:13 -05:00
Alex Gleason f688c8df82
Fix User.registration_reason HTML sanitizing issues 2020-07-27 20:36:31 -05:00
Alex Gleason 5e74556703
Sanitize `reason` param in POST /api/v1/accounts 2020-07-16 20:25:53 -05:00
Alex Gleason 0d004a9d04
Email admins when a new unapproved account is up for review 2020-07-14 20:31:20 -05:00
Alex Gleason 5ddf0415c4
Accept `reason` in POST /api/v1/accounts and store in DB 2020-07-14 00:22:12 -05:00
Mark Felder d23804f191 Use the Pleroma.Config alias 2020-07-09 10:53:51 -05:00
Egor Kislitsyn 67d92ac7b7
Remove `/statusnet/config` 2020-06-29 17:00:37 +04:00
Egor Kislitsyn 8693e01799
Fix warning 2020-06-29 16:29:51 +04:00
Egor Kislitsyn 4a306720e8
Merge branch 'develop' into remove-twitter-api 2020-06-29 16:09:49 +04:00
stwf 3b8180d7d1 add status_net/config 2020-06-03 16:34:03 -04:00
lain d15aa9d950 Merge branch 'develop' into 'remove-twitter-api'
# Conflicts:
#   lib/pleroma/web/nodeinfo/nodeinfo_controller.ex
2020-05-16 17:07:09 +00:00
Maksim 3d0c567fbc Pleroma.Web.TwitterAPI.TwoFactorAuthenticationController -> Pleroma.Web.PleromaAPI.TwoFactorAuthenticationController 2020-05-07 08:14:54 +00:00
Egor Kislitsyn 7b0c8f0fde
Add tests for account registration with captcha enabled and improve errors 2020-04-29 21:26:07 +04:00
Egor Kislitsyn 2f77842bd3
Fix account registration when captcha is enabled but not provided 2020-04-29 21:26:07 +04:00
Ivan Tashkinov 908cf22a6c Merge remote-tracking branch 'remotes/origin/develop' into automatic-authentication-and-instance-publicity-checks
# Conflicts:
#	lib/pleroma/web/mastodon_api/controllers/account_controller.ex
2020-04-28 19:56:20 +03:00
Ivan Tashkinov 00e62161f6 [#2409] Tested all auth setup configs in AuthTestControllerTest. Adjusted :skip_plug definitions for some endpoints. 2020-04-24 16:52:38 +03:00
Egor Kislitsyn 6c26feed01
Merge branch 'develop' into openapi/account 2020-04-22 20:18:12 +04:00
Ivan Tashkinov 0062116e07 Merge remote-tracking branch 'remotes/origin/develop' into automatic-authentication-and-instance-publicity-checks
# Conflicts:
#	lib/pleroma/web/mastodon_api/controllers/account_controller.ex
2020-04-22 18:51:59 +03:00
Ivan Tashkinov 2958a7d246 Fixed OAuth restrictions for :api routes. Made auth info dropped for :api routes if OAuth check was neither performed nor explicitly skipped. 2020-04-22 18:50:25 +03:00
Egor Kislitsyn e7771424a8 Fix blocks import 2020-04-22 19:27:28 +04:00
Egor Kislitsyn 88b82e5c3e Fix follow import 2020-04-22 19:27:28 +04:00
Ivan Tashkinov f685cbd309 Automatic checks of authentication / instance publicity. Definition of missing OAuth scopes in AdminAPIController. Refactoring. 2020-04-21 16:29:19 +03:00
Egor Kislitsyn 736fead494 Merge branch 'develop' into openapi/account 2020-04-20 18:40:02 +04:00
Haelwenn a17bfb5fab Merge branch 'feature/1584-client-captcha-options' into 'develop'
Creating trusted app from adminFE & mix task

Closes #1584

See merge request pleroma/pleroma!2252
2020-04-17 09:19:35 +00:00
Egor Kislitsyn b08ded6c2f
Add spec for AccountController.create 2020-04-13 17:38:59 +04:00
Ivan Tashkinov fc81e5a49c Enforcement of OAuth scopes check for authenticated API endpoints, :skip_plug plug to mark a plug explicitly skipped (disabled). 2020-04-06 10:20:44 +03:00
Egor Kislitsyn 94a6590e3c
Partially restore `/api/statusnet/config.json` 2020-03-26 17:59:45 +04:00
Egor Kislitsyn 3189c44a0c
Remove some TwitterAPI endpoints 2020-03-24 15:21:40 +04:00
Alexander Strizhakov a6ee6784bc
creating trusted app from adminFE & mix task 2020-03-23 10:44:47 +03:00
Ivan Tashkinov 027714b519 Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions 2020-03-06 11:48:30 +03:00
lain 6f7a8c43a2 Merge branch 'fix/no-email-no-fail' into 'develop'
Do not fail when user has no email

See merge request pleroma/pleroma!2249
2020-03-04 12:43:06 +00:00
Mark Felder 05da5f5cca Update Copyrights 2020-03-03 16:44:49 -06:00
Ivan Tashkinov 99a6c660a9 Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions 2020-03-02 18:41:12 +03:00
Haelwenn (lanodan) Monnier 6da6540036
Bump copyright years of files changed after 2020-01-07
Done via the following command:
git diff fcd5dd259a --stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>'
2020-03-02 06:08:45 +01:00
Egor Kislitsyn cb60a9c42f
Do not fail when user has no email 2020-02-27 17:27:49 +04:00
Ivan Tashkinov 0cf1d4fcd0 [#1560] Restricted AP- & OStatus-related routes for non-federating instances. 2020-02-22 19:48:41 +03:00
Haelwenn (lanodan) Monnier 7bfb8ed14d
remote_follow_controller.ex: Redirect to the user page on success
Closes: https://git.pleroma.social/pleroma/pleroma/issues/1245
2020-01-21 16:46:16 +01:00
Mark Felder 2f5b8fbeb3 Merge branch 'develop' into issue/1354 2020-01-12 12:12:15 -06:00
Maksim Pechnikov 933dc12043 added code of mr#2067 2019-12-25 15:12:43 +03:00
Maksim Pechnikov bdd71669da update test 2019-12-22 21:21:31 +03:00
Maksim 4c505bc615 Apply suggestion to lib/pleroma/web/twitter_api/views/remote_follow_view.ex 2019-12-22 17:58:54 +00:00
Maksim c9a44ec4a6 Apply suggestion to lib/pleroma/web/twitter_api/controllers/remote_follow_controller.ex 2019-12-22 17:58:45 +00:00
Maksim Pechnikov 5b84156013 moved remote follow in separate controller 2019-12-21 21:27:42 +03:00
Ivan Tashkinov ead2d18826 Merge remote-tracking branch 'remotes/origin/develop' into oauth-scopes-tweaks-and-tests 2019-12-19 17:24:08 +03:00
Thomas Citharel d2f1c4f658
Add ActivityPub Object Event type support
Adds Event support in the same way Video objects are handled, with the
name of the object as message header.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2019-12-17 16:16:21 +01:00
Ivan Tashkinov 7973cbdb9f OAuthScopesPlug: disallowed nil token (unless with :fallback option). WIP: controller tests modification: OAuth scopes usage. 2019-12-15 22:32:42 +03:00