9bd2b6be86
Make the streaming API also handle websockets (because trying to get the browser EventSource interface to
...
work flawlessly was a nightmare). WARNING: This commit makes the web UI connect to the streaming API instead
of ActionCable like before. This means that if you are upgrading, you should set that up beforehand.
2017-02-04 00:34:31 +01:00
557de8e24c
Update settings to re-use admin layout, one big navigation tree, improve settings forms
2017-01-28 03:56:10 +01:00
0bf8c1b5d8
Do not automatically login after password reset, as it would circumvent two-factor auth (if enabled)
...
Do not require e-mail address changes to be re-confirmed, it's only trouble for no real benefit
2017-01-27 20:35:16 +01:00
9b8670c939
Added optional two-factor authentication
2017-01-27 20:35:16 +01:00
8008b60324
Fix key names in statsd
2017-01-26 19:46:52 +01:00
fd23876e75
Improve StatsD instrumentation
2017-01-26 19:08:05 +01:00
4bd0286045
Fix up timeout, improve contrast on "show more", add responsive style
...
for extremely wide monitors
2017-01-26 18:48:56 +01:00
f80c55b591
Fix error
2017-01-22 23:07:31 +01:00
e161d2acdc
Override Rack::Request to use the same trusted proxy settings as Rails
2017-01-22 21:01:28 +01:00
f748a91ec7
Fix #463 - Fetch and display previews of URLs using OpenGraph tags
2017-01-20 01:00:14 +01:00
86264a950c
Add optional StatsD performance tracking
2017-01-18 23:44:29 +01:00
a898072d76
Add Heroku deployment support
2017-01-17 22:00:03 +11:00
db40fd4641
Change default S3 ACL string used by Paperclip from 'public' (which is invalid) to 'public-read'
2017-01-15 20:58:46 +11:00
f29df16eea
Fix Paperclip timeout setting. Fix bug introduced in #437
2017-01-08 19:12:54 +01:00
438446b397
Add read timeout to paperclip when it's downloading remote images
2017-01-07 15:43:56 +01:00
238233440f
Follow call on locked account creates follow request instead
...
Reflect "requested" relationship in API and UI
Reflect inability of private posts to be reblogged in the UI
Disable Webfinger for locked accounts
2016-12-22 23:03:57 +01:00
7855a9b58b
Don't use rack timeout in any but production environments
2016-12-21 19:10:40 +01:00
9d4f96f440
Removing external hub completely, fix #333 fixing digit-only hashtags,
...
removing web app capability from non-webapp pages
2016-12-18 12:24:37 +01:00
4a167885b2
Fix paperclip config
2016-12-07 17:19:29 +01:00
311f2354cf
Update Paperclip config to allow plugging in Minio instead of AWS
2016-12-07 16:59:18 +01:00
5522606989
Add single user mode
2016-12-06 17:19:26 +01:00
e5e702a976
Adding configurable e-mail blacklist
2016-12-04 19:07:02 +01:00
f6b99b05d3
Do not use expiring links after all
2016-12-04 13:02:43 +01:00
595f592304
Do not autoplay videos, display play button instead. Use expiring links when using S3. Do not keep originals
...
for avatars/headers, resize avatars down to 120x120 instead of 300x300. Set cache headers on S3 stuff, also
make it private (aka only accessible via expiring links to prevent hotlinking)
2016-12-04 12:28:10 +01:00
e20d57a9e6
Fix cloudfront config
2016-12-03 22:12:22 +01:00
b245dc1575
Add Cloudfront support
2016-12-03 22:08:15 +01:00
67db2cd871
Upgrade Paperclip to 5, AWS-SDK to 2, do not generate medium/small versions of avatars
2016-11-29 14:20:15 +01:00
3c1c2b0e06
Adding rack timeout of 30sec, PuSH jobs moved to push queue so they
...
can be processed separately
2016-11-29 02:07:14 +01:00
56b9edd476
Don't rate-limit PuSH endpoints
2016-11-29 00:44:11 +01:00
79075e1303
Fix URLs in inline-rendered XML
2016-11-29 00:26:01 +01:00
4d3cd93221
Fix URLs in ApplicationController.renderer
2016-11-28 21:21:05 +01:00
de5764c372
Fix reset date format when rate limited
2016-11-25 18:20:47 +01:00
30f9e9e624
Remove Neo4J
2016-11-24 23:46:27 +01:00
8ab2fcbb2c
Mini Profiler not working well, remove it
2016-11-24 19:59:11 +01:00
30010a6dbd
Moving some counter queries out of subqueries in the API
2016-11-22 22:59:54 +01:00
0e0b4f9e59
i18n for devise mailer too
2016-11-16 18:25:21 +01:00
1b61e404b4
Localizations for most server-side strings
2016-11-16 00:55:33 +01:00
e71b152d89
Fix rubocop issues, introduce usage of frozen literal to improve performance
2016-11-15 16:56:29 +01:00
46191e7071
Adding Emoji One
2016-11-08 21:46:29 +01:00
9da30e31c8
Fix region setting for AWS gem
2016-11-08 18:55:46 +01:00
8f0869876b
Improved configuration from ENV, cleaned up timeline filter methods
...
to be more readable, add extra logging to process feed service
2016-11-07 23:20:52 +01:00
89e887b44a
Fix insecure S3 URLs
2016-11-06 20:59:06 +01:00
54b9a42b3a
Fix URL configuration when S3 is enabled
2016-11-06 20:43:16 +01:00
ec43fb73ed
Improve S3 config
2016-11-06 18:55:20 +01:00
eb6ad973d1
Adding optional S3, fail-mastodon
2016-11-06 18:35:46 +01:00
e7035a4d39
Make cookies https-only if LOCAL_HTTPS is true, set X-Frame-Options to DENY,
...
add permissive CORS to API controllers
2016-11-02 12:58:15 +01:00
ff0eca7337
Restrict access to oauth/applications to admins only
2016-10-23 12:08:52 +02:00
6657414266
Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting
...
to the API
2016-10-22 19:39:44 +02:00
be98addccc
Improving all forms
2016-10-18 16:37:15 +02:00
02613aef3b
Adding application/jrd+json webfinger resource
2016-10-18 02:54:49 +02:00
5860094354
Adding sync of follow relationships to Neo4J, accounts/suggestions API
2016-10-14 23:10:07 +02:00
10395fd275
Fix #72 - add follow/unfollow button to public profiles
2016-10-06 21:27:58 +02:00
f06f295890
Fix doorkeeper skip_authorization
2016-10-02 22:55:09 +02:00
4909bbf415
Add logging for outgoing http requests
2016-10-02 14:58:06 +02:00
492224b93f
Allow non-https redirect URIs for OAuth apps (AndStatus seems to require this)
2016-09-30 22:40:31 +02:00
7e14eefc81
Replace logo, fix #57 - delete/unreblog/unfavourite API, fix #45 - app
...
registration API
2016-09-26 23:56:53 +02:00
3b56350121
Fix #6 - Rate limit GET reqs to 300/5min, POST to 100/5min
2016-09-24 13:53:54 +02:00
1022d682dc
Normalized data in Redux, fix for asset URLs when rendered outside request
2016-09-04 14:04:26 +02:00
92afd29650
The frontend will now be an OAuth app, auto-authorized. The frontend will use an access token for API requests
...
Adding better errors for the API controllers, posting a simple status works from the frontend now
2016-08-26 19:12:19 +02:00
44e57f64dd
Improving statuses, adding a composer drawer, which doesn't work yet
2016-08-25 19:52:55 +02:00
bc0692d75b
Removing mini-profiler that doesn't work, formatting timelines a bit better
2016-08-24 19:23:37 +02:00
68c93f8b85
Final fix for ActionCable origin issues
2016-08-18 18:51:50 +02:00
8985f8e66c
Fixing more configuration issues with ActionCable
2016-08-18 18:39:35 +02:00
5a8c149f6b
Fix ActionCable origin checking
2016-08-18 18:08:25 +02:00
6426819b6f
Fix tests
2016-08-18 17:22:44 +02:00
6deb9f966e
Live timelines using ActionCable
2016-08-18 15:49:51 +02:00
10ba09f546
Upgrade to Rails 5.0.0.1
2016-08-17 17:58:00 +02:00
85b00d19b8
Moving Salmon notifications to background processing, fixing mini-profiler
...
behaviour with Turbolinks enabled, optimizing Rabl for production
2016-03-26 13:42:10 +01:00
5764d52b04
Fix Sidekiq pooling issues. Remove API docs from homepage, replace with
...
a basic home timeline
2016-03-25 16:10:14 +01:00
318886287b
Fixing some stuff for Turbolinks, adding gzip on top, fixing a n+1 query
2016-03-25 15:09:40 +01:00
36f3da3cde
Adjust down the number of Sidekiq threads to 5 (default of 25 is way too high)
2016-03-25 14:20:31 +01:00
e24bfbde1a
Fixing FanOutOnWriteService, fixing Sidekiq not having enough DB connections
...
in the pool, adding a throttle of 60rpm per IP, adding mini profiler, adding
admin status to users
2016-03-25 14:12:24 +01:00
42dcb0d4cb
Adding Sidekiq for background processing (firstly just of mailers)
2016-03-25 02:50:48 +01:00
b640f35621
Writing out more tests, fixed some bugs
2016-03-20 13:03:06 +01:00
e2b846f630
Adding letter opener for development and Rack::Attack for future rate limiting implementations
2016-03-19 14:57:30 +01:00
9cb690c706
Access tokens no longer expire, case-insensitive local username validation, as well as case-insensitive Webfinger look-up
2016-03-16 18:29:52 +01:00
2c374cd97c
Adding e-mail configuration
2016-03-16 12:13:40 +01:00
6fec8afc3f
Bind oauth applications to users
2016-03-14 17:49:13 +01:00
3441361568
Adding simple_form, adding profile settings, header image
2016-03-12 20:47:22 +01:00
1aa477ac2f
Customized more doorkeeper views, only logged in users can create oauth apps
2016-03-12 19:46:06 +01:00
aab9f57e36
Adding config for puma, dashboard layout, fixing some queries
2016-03-12 16:21:53 +01:00
447cfef62d
Improving feed queries, switching API to doorkeeper authentication
2016-03-11 16:47:36 +01:00
b919f39b31
Customizing doorkeeper views for authorizing app
2016-03-11 01:58:55 +01:00
6c4c84b161
Distrubute statuses as a fan-out-on-write system, with optional precomputing
2016-03-08 20:20:45 +01:00
ab6696e855
Adding doorkeeper, adding a REST API
...
POST /api/statuses Params: status (text contents), in_reply_to_id (optional)
GET /api/statuses/:id
POST /api/statuses/:id/reblog
GET /api/accounts/:id
GET /api/accounts/:id/following
GET /api/accounts/:id/followers
POST /api/accounts/:id/follow
POST /api/accounts/:id/unfollow
POST /api/follows Params: uri (e.g. user@domain)
OAuth authentication is currently disabled, but the API can be used with HTTP Auth.
2016-03-07 12:42:33 +01:00
7e93da3f8d
Removing grape and adding devise
2016-03-05 13:12:24 +01:00
23d08c6749
Changing the use of config constants to the Rails configuration object
2016-02-29 20:06:39 +01:00
ee73d35eea
Incoming Salmon requests can be turned into follows and unfollows
2016-02-23 22:17:07 +01:00
1dad72bf13
Fixes and general progress
2016-02-22 18:10:30 +01:00
709c6685a9
Made some progress
2016-02-22 16:00:20 +01:00
9c4856bdb1
Initial commit
2016-02-20 22:53:20 +01:00
Eugen Rochko