moon/sync
1
0
Fork 0
mirror of https://github.com/calzoneman/sync.git synced 2024-09-13 04:32:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
339 Commits 12 Branches 9 Tags
Commit Graph

23 Commits

Author SHA1 Message Date
calzoneman
52b88c0e40 Finish up 2013-05-30 14:34:54 -04:00
calzoneman
5205afb9cd Add password reset emailer 2013-05-30 14:07:29 -04:00
calzoneman
c8df4b036c More work 2013-05-29 21:04:22 -04:00
calzoneman
74203ad223 Continue work on account management and password reset 2013-05-29 14:19:43 -04:00
calzoneman
f3da02566c Start working on account management 2013-05-29 11:49:09 -04:00
calzoneman
a882f598d6 begin working on password reset 2013-05-28 11:40:06 -04:00
calzoneman
cc8c2d8463 Fixes 2013-05-27 15:43:37 -04:00
calzoneman
828b7e0381 Fix #149 and a couple other issues 2013-05-26 11:38:38 -04:00
calzoneman
d9ed665540 Show page title in channel list 2013-05-12 11:46:19 -04:00
calzoneman
3af35cb268 Add links to playlist entries and the index page 2013-05-12 11:41:14 -04:00
calzoneman
62e80cec63 Add password change (#88) 2013-05-04 13:01:04 -05:00
calzoneman
1b376d3177 Fix cross-domain policy for reading logs 2013-05-04 11:40:46 -05:00
calzoneman
e524fca989 Add logviewer to ACP 2013-05-03 15:53:10 -05:00
Calvin Montgomery
923ecc2bf3 Add API endpoints for global ban management 2013-05-03 21:52:14 +04:00
calzoneman
41de5c5d7a Add homepage channel list 2013-05-01 17:49:34 -05:00
calzoneman
ab3dd208c3 Alert on wrong credentials (#76) 2013-05-01 13:02:06 -05:00
calzoneman
d5fc0bb03d Fix 'that username is already taken' login bug 2013-04-26 12:50:31 -05:00
calzoneman
84fb4214d7 Fix cross-domain issues 2013-04-25 23:57:46 -05:00
calzoneman
087f612b37 Bugfixes for last commit 
- Fix race condition for login frame
- Fix guest logins
 2013-04-25 23:04:51 -05:00
calzoneman
3a7acd0526 Implement new session system 
I replaced the old login system with a more secure one.
Instead of storing cookies containing the username and plaintext password, the password
is submitted once to obtain a session hash, which is valid for a given length of time.
Registering and logging in is now done via an iframe, which prevents custom javascript from having access to the password field.
Site admins need to run the following SQL before updating, or else all of your logins/registrations will fail:

ALTER TABLE `registrations` ADD `session_hash` VARCHAR( 64 ) NOT NULL ,
ADD `expire` BIGINT NOT NULL
 2013-04-25 22:50:12 -05:00
calzoneman
ea4ed864c8 Fix content-length bug for api.js 
Well, it finally happened.  I made an assumption about text and it bit me in the butt.  Protip: not everything is 1 byte per character!
 2013-04-25 16:36:56 -05:00
calzoneman
a88088f2d6 Continue working on API 2013-04-25 16:16:53 -05:00
calzoneman
9786d7eff5 start working on API 2013-04-25 11:00:06 -05:00