deblan-mirror/thelounge
deblan-mirror/thelounge
1
0
Fork 0
mirror of https://github.com/thelounge/thelounge.git synced 2024-05-23 16:42:15 +02:00
Code Issues Projects Releases Wiki Activity
6900 commits 45 branches 115 tags 36 MiB
Commit graph

262 commits

Author SHA1 Message Date
Pavel Djundik c06fb9a275 Clear storage folder after successful start and graceful exit 2017-12-18 16:59:05 +02:00
Jérémie Astori 844ca1fbe6
Merge pull request #1811 from thelounge/astorije/improve-helper 
Clean up path helpers, expand defaults location in `thelounge --help`, add tests for `expandHome`
 2017-12-08 21:53:14 -05:00
Jérémie Astori 0482747781
Only use helpers and not shared variables around path helpers 
This refactor has a few benefits, for example there cannot be a rogue update of `Helper.CONFIG_PATH` or something.
 2017-12-07 23:02:32 -05:00
Pavel Djundik fb0f68f8a5 Harden content security policy even further 2017-12-07 20:45:45 +02:00
Pavel Djundik 552f3da67e Implement manual network/channel cloning for better performance 2017-12-03 16:31:37 +02:00
Pavel Djundik 01f524b7c5 Don't send defaults if not displaying network 2017-11-19 19:46:04 +02:00
Pavel Djundik adab03f730 Fix test 2017-11-19 19:43:43 +02:00
Pavel Djundik e86a155ec2 Remove express-handlebars, read manifest.json to get theme-color 2017-11-19 19:43:43 +02:00
Pavel Djundik c30f4aaaeb Move help to view 2017-11-19 19:43:43 +02:00
Pavel Djundik 8d88779918 Fix options 2017-11-19 19:43:42 +02:00
Pavel Djundik 711b5e1d91 Make settings/options mostly work 
Fixes #1672
 2017-11-19 19:43:42 +02:00
Jérémie Astori f2d9ef62cf
Merge pull request #1715 from thelounge/astorije/deprecate-node-v4 
Deprecate support of Node v4 in preparation of The Lounge v3
 2017-11-19 01:05:57 -05:00
Jérémie Astori ef1c59072c
Deprecate support of Node v4 in preparation of The Lounge v3 2017-11-18 13:52:31 -05:00
Jérémie Astori 1dc92d8934
Enforce dangling commas with ESLint 
¯\_(ツ)_/¯
 2017-11-15 01:35:15 -05:00
Pavel Djundik 81e3e88391
Merge pull request #1636 from thelounge/xpaw/cleanup-clientmanager 
Cleanup client manager functions
 2017-10-29 10:25:42 +02:00
Pavel Djundik 3f2a017583 Create public folder with webpack 2017-10-18 21:20:12 +03:00
Pavel Djundik 50504ed09b Fix possible race condition when attaching clients 2017-10-17 12:45:18 +03:00
Pavel Djundik 280eea970a Get client ip address correctly 2017-10-17 10:35:28 +03:00
Pavel Djundik 5c45321cca Cleanup client manager functions 2017-10-15 19:05:19 +03:00
Pavel Djundik 44acc5cb00 Teardown sockets in tests 2017-10-06 12:53:08 +03:00
Pavel Djundik 2f15ab3999 Fix attached client not having token on login 2017-09-26 10:56:08 +03:00
Pavel Djundik 833bdfa2aa Fix session data not updating correctly 2017-09-26 10:56:08 +03:00
Pavel Djundik d7e6db92b5 Implement session list 2017-09-26 10:56:08 +03:00
Jérémie Astori 637949ea55 Merge pull request #1471 from thelounge/xpaw/client-reconnection 
Automatic client reconnection
 2017-09-20 00:05:37 -04:00
Pavel Djundik 21c9919fa1 Print compatibility theme setting warning on startup 2017-09-19 12:21:08 +03:00
Pavel Djundik cffa957e34 Only send messages newer than last seen id 2017-09-19 11:45:22 +03:00
Pavel Djundik 0c0df1efc9 Force reload the page if socket reconnects and server restarted 2017-09-19 11:45:22 +03:00
Alistair McKinlay 59d2f93f61
Allow themes from npm 2017-09-17 19:47:29 -04:00
Pavel Djundik 099fb058c6 Merge pull request #1478 from eliemichel/pr-proper-ldap--rebased 
Implement a proper LDAP authentication process
 2017-09-04 09:02:58 +03:00
Elie Michel 32e1a36980 Generalize auth plugin fallback mechanism 
@astorije this is for you ;)
https://github.com/thelounge/lounge/pull/1478#discussion_r136492534
 2017-09-03 23:00:25 +02:00
Elie Michel 00e54e49ac Add tests for LDAP auth plugin 2017-09-03 23:00:24 +02:00
Elie Michel 12ba10f688 Reorganize auth plugins 2017-09-03 23:00:23 +02:00
Élie Michel cfa6db10c7 Make new LDAP options backward compatible 
Also draft some kind of plugin system for auth, although it essentially consists in writing a function
and there is no mechanism to automatically fallback from one auth to another
 2017-09-03 23:00:23 +02:00
Pavel Djundik c845d5723d One line server startup errors 2017-09-03 15:13:56 +03:00
Pavel Djundik 9e1296d303 Merge pull request #1479 from thelounge/xpaw/unix-socket 
Add support for binding to unix sockets
 2017-09-01 11:25:00 +03:00
Jérémie Astori ad8ec4b1e6
Remove the "Stay signed in" checkbox at login 
This option is less and less the norm on modern webapps, it is fair to assume this is the default behavior. In fact, we were making it the default.

But more importantly, coming soon is the ability of remotely logging out of your other sessions, which is well handled through token deletion. That means we need to know about said tokens, which are not sent in no-"Stay signed in" version.
 2017-08-31 23:07:43 -04:00
Pavel Djundik b79a6cce0c Add support for binding to unix sockets 
Fixes #686.
Fixes #691.
 2017-08-31 21:56:20 +03:00
Pavel Djundik 0d57df81af Gracefully quit on Ctrl+C 
Fixes #268
 2017-08-30 20:26:45 +03:00
Élie Michel 19710b90c0 Merge branch 'master' into pr-proper-ldap 2017-08-29 08:42:26 +02:00
Jérémie Astori 684f1a641d
Make sure server is running before loading users 2017-08-23 13:21:14 -04:00
Pavel Djundik 0ac3ba28e1 Web Push Notifications 2017-08-22 10:54:18 +03:00
Pavel Djundik 3190fd00bf Refactor authentication flow 2017-08-13 21:37:12 +03:00
Pavel Djundik c14f7da1b2 Generate unique tokens for each login and session 2017-07-31 02:02:15 +03:00
Jérémie Astori 157289258a
Keep track of preview visibility on the server so it persists at page reload 2017-07-26 18:16:50 -04:00
Pavel Djundik f35a2809a7 Store preview images on disk for privacy, security and caching 2017-07-18 11:37:16 +03:00
Pavel Djundik b0efbf8a1e Parse x-forwarded-for header correctly 2017-06-21 14:34:06 +03:00
Pavel Djundik f6dd616d5e Update to eslint 4 and enforce extra rules 2017-06-19 09:58:29 +03:00
Pavel Djundik ca54c40d0f Merge pull request #1197 from thelounge/xpaw/socketio-transports 
Correctly configure client socket transports
 2017-06-08 20:19:49 +03:00
Pavel Djundik b46f92c7d8 Only update bcrypt password rounds if the password actually matches 2017-06-02 11:02:03 +03:00
Pavel Djundik 16fb118d02 Correctly configure client transports 
Fixes #848
 2017-06-01 22:43:23 +03:00
Alistair McKinlay b4310dbc03 Review changes 
(Should be squashed before merge)
 2017-04-21 09:26:02 +01:00
Alistair McKinlay cc85b2143c Change index.html to be rendered using handlebars 2017-04-21 09:16:24 +01:00
Metsjeesus fa51a2c281 Add CA bundle option in SSL 2017-04-15 19:12:21 +03:00
Pavel Djundik f645c32cb9 Use local variables to check length 2017-04-14 00:05:28 +03:00
Jérémie Astori fe7c570cc9 Use Referrer-Policy header instead of CSP referrer 
According to MDN:

> referrer
>   Used to specify information in the referer (sic) header for links away from a page.
>   Use the Referrer-Policy header instead.

See:

- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/referrer
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
 2017-04-06 02:25:43 -04:00
S 001f96035b Switch to bcryptjs and make password comparison async 
- PasswordCompareAsync prevents timeouts on resource constraint devices
- All password.compare calls are now async
- Updated tests to accept async functions
 2017-04-01 03:06:09 -04:00
Élie Michel ed3b4faa62 Fix eslint styling issues 2017-03-21 15:49:54 +01:00
Élie Michel 642442c041 Implement a proper LDAP authentication process 
The Lounge first log as a special user in order to search (as in LDAP's
'"search" verb) for the user's full DN. It then attempts to bind using the
found user DN and the user provided password.
 2017-03-21 15:15:33 +01:00
Pavel Djundik c409328ddf Fix variable shuffling around ident handler 
Fixes #965
 2017-03-17 22:24:40 +02:00
Pavel Djundik 9997aafec7 Rewrite identd server, combine with oidentd 2017-03-12 12:02:22 +02:00
Jérémie Astori bc8b699437 Add a basic check for bundled application when starting the server 
Note that this will not detect if the client application was built with an old version of the repo.
 2017-01-23 01:15:50 -05:00
Jérémie Astori 3e82994ae2 Make log style when referring user consistent with other places 2017-01-04 02:17:15 -05:00
Pavel Djundik fb87bd3a58 Webpack 2016-12-27 19:15:30 +02:00
Pavel Djundik 3a3eebd61d Do not use backticks in strings when unnecessary 2016-12-20 02:09:53 +02:00
Jérémie Astori b01517861d Remove autoload option and always autoload users 
Since @xPaw provided a really nice way to watch user config files, there is now no need to be cheap about it (it used to be run every second, possibly why it could be disabled via settings?).

This commit also improves the function a little bit by making use of ES6 syntax.

A warning gets displayed on the server console when the `autoload` option is still present in the config file.
 2016-12-11 03:29:30 -05:00
Jérémie Astori 303fab8519 Merge pull request #749 from thelounge/xpaw/hexip 
Add support for hexip ilines and fix storing client ip in config
 2016-12-10 19:50:33 -05:00
Pavel Djundik 463a63aed3 Avoid unnecessary disk writes if user object has not changed, make updateUser async 2016-12-10 11:05:34 +02:00
Jérémie Astori adf93f9fad Merge pull request #746 from thelounge/xpaw/update-deps 
Update depdencides to latest stable versions
 2016-11-20 14:46:16 -05:00
Pavel Djundik 00548e65d7 Update existing networks with ip and hostmask if null 2016-11-19 22:34:05 +02:00
Pavel Djundik 708788338c Add support for hexip ilines 2016-11-19 20:32:47 +02:00
Pavel Djundik 6023035838 Update depdencides to latest stable versions 2016-11-19 10:49:16 +02:00
Pavel Djundik b5db0abc18 Print node version and platform 2016-11-18 19:25:23 +02:00
William Boman 2f77d6981b src/server: log config path on start-up 2016-11-15 18:23:02 +01:00
Jérémie Astori 8ec6d969d1 Merge pull request #697 from cloudron-io/ldap_crashfix 
Fix crash when LDAP server is unreachable
 2016-10-23 10:10:48 -04:00
Pavel Djundik c5e0dee3a3 Change bcrypt rounds from 8 to 11 2016-10-22 09:24:27 +03:00
Pavel Djundik a1f56c7395 Improve support for opening multiple clients at once 
- Synchornize unread counter with the server
- Fix unread marker on no attached clients
- Increase unread counter for server messages
 2016-10-17 01:31:22 -04:00
Girish Ramakrishnan 09f2d069de Fix crash when LDAP server is unreachable 
Fixes #667
 2016-10-16 11:27:09 -07:00
William Boman 99218341ec consolidate version numbers throughout all interfaces 2016-10-10 21:56:57 +02:00
Pavel Djundik aa02fd5180 Enforce more eslint rules 2016-10-09 17:55:37 -04:00
Pavel Djundik 3b8a478e34 Fix loading fonts in Microsoft Edge 2016-10-09 12:29:17 +03:00
toXel 5b6f5d5dce Check if SSL key and certificate files exist 2016-10-08 14:56:12 +02:00
Pavel Djundik 396a9cffb1 Display extra loading messages 2016-09-25 09:52:16 +03:00
Jérémie Astori 2b3b4ea924 Explicitly authorize websockets in CSP header 
This follows a recent change in WebKit (see https://webkit.org/blog/6830/a-refined-content-security-policy/, section "More restrictive wildcard *") to remove websocket schemes from the connect-src directive.
Users of Safari v10 (to be publicly released in a few days) would be affected by this and could not load the app.
 2016-09-09 01:17:31 -04:00
Jérémie Astori b153d568a0 Add a theme selector in the settings 
Power to the people!

There is now 2 ways to set the theme: on the app config file (defaults
for all users) and in the user settings.
All CSS files present in the `client/themes` folder will be given as
choices to the users.

This is temporary (as in, temporary for a fairly long time) until we
have proper theme management.
 2016-09-06 01:11:31 -04:00
Jérémie Astori 40b8f0c293 Make sure users with wrong tokens are locked out instead of crashing the app 2016-08-18 00:02:40 -04:00
Jérémie Astori f824036225 Merge pull request #535 from thelounge/PR/fix-webirc-4in6 
Fix webirc and 4-in-6 addresses
 2016-08-12 00:39:26 -04:00
Maxime Poulin bec0c74772 Merge pull request #552 from thelounge/astorije/logger 
Use our logger instead of console.{log,error} for LDAP logs
 2016-08-11 01:44:54 -04:00
Jérémie Astori 14782a56b7 Use our logger instead of console.{log,error} 2016-08-10 02:40:28 -04:00
Jérémie Astori cf64cb04c4 Fix token persistency across server restarts 
This fixes a regression introduced by LDAP support addition
(https://github.com/thelounge/lounge/pull/477), which forces
users to re-login when the server restarts. This was originally
implemented in https://github.com/thelounge/lounge/pull/370.
 2016-08-10 02:26:47 -04:00
Maxime Poulin d42ac23c55
Fix webirc and 4-in-6 addresses 2016-07-30 20:54:09 -04:00
Johan Lindskogen 987474cfc1 implementing LDAP support 2016-07-29 21:28:00 -04:00
Jérémie Astori 9e188bad4b Make sure git commit check would not send stderr to the console 
Before that change, running a release would display this in the console:
```
fatal: Not a git repository (or any of the parent directories): .git
```

Also, this adds strict mode for that file, and make sure `gitCommit` never throws a `ReferenceError`.
 2016-07-18 21:35:02 -04:00
Jérémie Astori 71577cf55e Display whether instance is running from a release or from git on About section 2016-07-13 03:17:55 -04:00
Alistair McKinlay 9c07f2b0f2 Merge pull request #387 from thelounge/xpaw/config 
Cache loaded config and merge it with defaults
 2016-07-04 08:18:55 +01:00
William Boman 32b46bb32d src/client: make sure config is always an object 2016-06-30 15:06:14 +02:00
Pavel Djundik 100262ad1f Cache loaded config and merge it with defaults 
Fixes #249
 2016-06-26 19:30:25 +03:00
Maxime Poulin 1b9c5d8996
Fix default configuration for host. 
Similarly to kiwiirc/irc-framework#55, passing `undefined` there instead of `"0.0.0.0"` allows the OS to decide and use both IPv4 and IPv6.
 2016-06-24 06:25:51 -04:00
Pavel Djundik f0adee1700 Fix crash in public mode introduced by #370 (#413) 2016-06-19 10:59:10 +03:00
Maxime Poulin deba6f3aa1
Fix crash in public mode introduced by #370 2016-06-18 23:35:32 -04:00
Jérémie Astori 75c578c02c Merge pull request #369 from thelounge/xpaw/fix-losing-auth 
Do not lose authentication token when the connection gets lost
 2016-06-18 22:35:12 -04:00
Pavel Djundik 12551c06b6 Perform node version check as soon as possible 2016-06-16 11:13:34 +03:00
Pavel Djundik 2008abc0e8 Do not lose authentication token when the connection gets lost 2016-06-13 10:39:01 +03:00
Pavel Djundik 9384cd9ca6 Implement user token persistency 2016-06-13 10:33:39 +03:00
Daniel 084b269865 Rename package variable to pkg, as "package" is reserved. 2016-06-12 02:46:51 +01:00
Maxime Poulin 22d4f40613
Warn the user when both ident handlers are enabled 2016-06-03 00:11:20 -04:00
Maxime Poulin fabb758985 Add support for oidentd spoofing 2016-06-02 23:59:19 -04:00
Maxime Poulin 0b6d13d22d
Don't check for existing password emptyness 
Pointed out by @PugaBear, it's possible for a user to have an empty password. There isn't really a need to check for password emptyness, it will simply fail with wrong old password instead.
 2016-05-10 18:00:07 -04:00
Pavel Djundik d143542fe5 Add security headers to minimize XSS damage 2016-05-06 11:08:45 +03:00
Maxime Poulin 96d282e73c
Add WEBIRC support 
Fixes #181
 2016-05-02 00:45:19 -04:00
Maxime Poulin 6d1e81b324 Remove "trust proxy" as it does litterally nothing 2016-05-02 00:42:03 -04:00
Pavel Djundik e75a8f40a6 Stricter eslint rule for curly brackets 2016-05-01 12:41:17 +03:00
Jérémie Astori 177041c9bb Merge pull request #280 from thelounge/min-node-ver 
Document supported node version
 2016-04-27 10:03:43 -04:00
Maxime Poulin 96d180077c
Add support for ~ home folder expansion 2016-04-27 04:23:54 -04:00
Pavel Djundik d428bb7511 Document supported node version 2016-04-27 10:07:43 +03:00
Pavel Djundik ede3131168 Add global logging helper 2016-04-27 00:05:55 +03:00
Jérémie Astori 05be0ff57f Merge pull request #174 from thelounge/xpaw/http2 
Add support for HTTP2
 2016-03-19 18:06:34 -04:00
xPaw 9e8bc44e3a Fix default socket.io transports 2016-03-19 18:48:36 +02:00
Pavel Djundik 689b018079 Add support for HTTP2 2016-03-09 14:04:05 +02:00
Pavel Djundik 52bc324a63 Update eslint to 2.3.0 and add stricter rules 2016-03-09 10:50:20 +02:00
Jérémie Astori 5f11c26223 Fix complete crash when refreshing a public instance 2016-02-29 01:19:11 +00:00
Daniel Llewellyn b79a918be8 frontend password change functionality 
- refactor clientManager.js to allow configuration parsing as a serparate
  function.
  - refactor clientManager.js to add configuration writing function.
  - add server.js changes to allow for new password-change functionality
  - add password change ui to "settings" screen
  - refactor client.js to use new clientManager functionality for saving
    the configuration files
 2016-02-26 18:38:15 +00:00
Alistair McKinlay b2625aebae Merge pull request #38 from xPaw/lodash 
Update lodash
 2016-02-21 15:31:44 +00:00
Pavel Djundik 19bc4f37e0 Update lodash 2016-02-19 15:13:53 +02:00
Maxime Poulin 5bf205195d Only update the users list when needed 
Currently, for join/part/kick/nick/... the server will send an updated list of users and the client will re-render the list entirely. This ends up being a very expensive operation when joined on large channels and causes the client to slow down a lot.
 2016-02-17 04:35:55 -05:00
Jérémie Astori 39dc4e8957 Update name and link to repo to new project 2016-02-10 06:20:05 +00:00
William Boman 8fdfd70c7e Comply with ESLint 2015-10-26 03:01:47 +01:00
Mattias Erming 53faab2f41 Ignore query variables 2014-12-11 23:19:09 +01:00
Riku Rouvila 9416c492dd add socket.io transports to configuration 2014-11-01 22:06:01 +02:00
Mattias Erming 1a620e1d54 Change 'users/' folder structure 2014-10-14 22:05:16 +02:00
Mattias Erming 95bebfe12c Refactoring 2014-10-11 19:33:28 +02:00
Mattias Erming 3918c0ab61 Merge pull request #226 from wizardfrag/identd 2014-10-11 17:26:41 +02:00
Mattias Erming d1296abf12 Clean up server options 2014-10-11 14:35:28 +02:00
David White ea0e66afd0 Set up identd and make it work on connection 😎 2014-10-11 11:09:27 +01:00
XeonCore dbd423e5a1 Allow binding to a local IP 2014-10-11 17:17:41 +11:00
Mattias Erming 2e964ca629 Prevent multiple logins 2014-10-08 22:16:10 +02:00
Mattias Erming 2ed7d6364c Added '--home <path>' option 2014-10-03 16:33:44 -07:00
Mattias Erming 316fba3c08 Use 'bcrypt-nodejs' package 2014-10-03 02:57:35 -07:00
Shell Turner 7e4534afa9 Always go through the Helper object to load config 2014-10-01 18:53:54 +02:00
Mattias Erming 3e22b6e88a Added https support 2014-09-26 16:26:21 -07:00
Mattias Erming 4c94a67d49 Use express 2014-09-26 15:12:53 -07:00
Mattias Erming 4d9b58ecd5 Autoload users 2014-09-24 15:23:54 -07:00
Mattias Erming 8793551371 Sync sidebar order 2014-09-24 12:42:36 -07:00
Mattias Erming 11f3d452dd Server-side tracking of new message count 2014-09-21 09:46:43 -07:00
Mattias Erming 56b72071ec Fix login 2014-09-16 10:43:02 -07:00
Mattias Erming 78d36d6750 Added 'Remember' login option 2014-09-15 14:13:03 -07:00
Mattias Erming b52b860167 Fix login 2014-09-14 12:13:34 -07:00
Mattias Erming 221ed4b980 Change config.json to config.js 2014-09-13 09:41:11 -07:00
Sascha Depold aa2406eb4b Load home directory from helper and make it configurable. 2014-09-13 14:26:45 +02:00
Chris Moeller 1076ee4e06 Server correctly sends text/html MIME type and response code 200 for the root index. 2014-09-13 05:54:17 +01:00
Mattias Erming 428f63946b Added password hashing 2014-09-11 13:37:16 -07:00