deblan-mirror/thelounge
deblan-mirror/thelounge
1
0
Fork 0
mirror of https://github.com/thelounge/thelounge.git synced 2024-06-01 21:32:17 +02:00
Code Issues Projects Releases Wiki Activity
2533 commits 47 branches 115 tags 36 MiB
Commit graph

125 commits

Author SHA1 Message Date
Élie Michel cfa6db10c7 Make new LDAP options backward compatible 
Also draft some kind of plugin system for auth, although it essentially consists in writing a function
and there is no mechanism to automatically fallback from one auth to another
 2017-09-03 23:00:23 +02:00
Élie Michel 19710b90c0 Merge branch 'master' into pr-proper-ldap 2017-08-29 08:42:26 +02:00
Jérémie Astori 684f1a641d
Make sure server is running before loading users 2017-08-23 13:21:14 -04:00
Pavel Djundik 0ac3ba28e1 Web Push Notifications 2017-08-22 10:54:18 +03:00
Pavel Djundik 3190fd00bf Refactor authentication flow 2017-08-13 21:37:12 +03:00
Pavel Djundik c14f7da1b2 Generate unique tokens for each login and session 2017-07-31 02:02:15 +03:00
Jérémie Astori 157289258a
Keep track of preview visibility on the server so it persists at page reload 2017-07-26 18:16:50 -04:00
Pavel Djundik f35a2809a7 Store preview images on disk for privacy, security and caching 2017-07-18 11:37:16 +03:00
Pavel Djundik b0efbf8a1e Parse x-forwarded-for header correctly 2017-06-21 14:34:06 +03:00
Pavel Djundik f6dd616d5e Update to eslint 4 and enforce extra rules 2017-06-19 09:58:29 +03:00
Pavel Djundik ca54c40d0f Merge pull request #1197 from thelounge/xpaw/socketio-transports 
Correctly configure client socket transports
 2017-06-08 20:19:49 +03:00
Pavel Djundik b46f92c7d8 Only update bcrypt password rounds if the password actually matches 2017-06-02 11:02:03 +03:00
Pavel Djundik 16fb118d02 Correctly configure client transports 
Fixes #848
 2017-06-01 22:43:23 +03:00
Alistair McKinlay b4310dbc03 Review changes 
(Should be squashed before merge)
 2017-04-21 09:26:02 +01:00
Alistair McKinlay cc85b2143c Change index.html to be rendered using handlebars 2017-04-21 09:16:24 +01:00
Metsjeesus fa51a2c281 Add CA bundle option in SSL 2017-04-15 19:12:21 +03:00
Pavel Djundik f645c32cb9 Use local variables to check length 2017-04-14 00:05:28 +03:00
Jérémie Astori fe7c570cc9 Use Referrer-Policy header instead of CSP referrer 
According to MDN:

> referrer
>   Used to specify information in the referer (sic) header for links away from a page.
>   Use the Referrer-Policy header instead.

See:

- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/referrer
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
 2017-04-06 02:25:43 -04:00
S 001f96035b Switch to bcryptjs and make password comparison async 
- PasswordCompareAsync prevents timeouts on resource constraint devices
- All password.compare calls are now async
- Updated tests to accept async functions
 2017-04-01 03:06:09 -04:00
Élie Michel ed3b4faa62 Fix eslint styling issues 2017-03-21 15:49:54 +01:00
Élie Michel 642442c041 Implement a proper LDAP authentication process 
The Lounge first log as a special user in order to search (as in LDAP's
'"search" verb) for the user's full DN. It then attempts to bind using the
found user DN and the user provided password.
 2017-03-21 15:15:33 +01:00
Pavel Djundik c409328ddf Fix variable shuffling around ident handler 
Fixes #965
 2017-03-17 22:24:40 +02:00
Pavel Djundik 9997aafec7 Rewrite identd server, combine with oidentd 2017-03-12 12:02:22 +02:00
Jérémie Astori bc8b699437 Add a basic check for bundled application when starting the server 
Note that this will not detect if the client application was built with an old version of the repo.
 2017-01-23 01:15:50 -05:00
Jérémie Astori 3e82994ae2 Make log style when referring user consistent with other places 2017-01-04 02:17:15 -05:00
Pavel Djundik fb87bd3a58 Webpack 2016-12-27 19:15:30 +02:00
Pavel Djundik 3a3eebd61d Do not use backticks in strings when unnecessary 2016-12-20 02:09:53 +02:00
Jérémie Astori b01517861d Remove autoload option and always autoload users 
Since @xPaw provided a really nice way to watch user config files, there is now no need to be cheap about it (it used to be run every second, possibly why it could be disabled via settings?).

This commit also improves the function a little bit by making use of ES6 syntax.

A warning gets displayed on the server console when the `autoload` option is still present in the config file.
 2016-12-11 03:29:30 -05:00
Jérémie Astori 303fab8519 Merge pull request #749 from thelounge/xpaw/hexip 
Add support for hexip ilines and fix storing client ip in config
 2016-12-10 19:50:33 -05:00
Pavel Djundik 463a63aed3 Avoid unnecessary disk writes if user object has not changed, make updateUser async 2016-12-10 11:05:34 +02:00
Jérémie Astori adf93f9fad Merge pull request #746 from thelounge/xpaw/update-deps 
Update depdencides to latest stable versions
 2016-11-20 14:46:16 -05:00
Pavel Djundik 00548e65d7 Update existing networks with ip and hostmask if null 2016-11-19 22:34:05 +02:00
Pavel Djundik 708788338c Add support for hexip ilines 2016-11-19 20:32:47 +02:00
Pavel Djundik 6023035838 Update depdencides to latest stable versions 2016-11-19 10:49:16 +02:00
Pavel Djundik b5db0abc18 Print node version and platform 2016-11-18 19:25:23 +02:00
William Boman 2f77d6981b src/server: log config path on start-up 2016-11-15 18:23:02 +01:00
Jérémie Astori 8ec6d969d1 Merge pull request #697 from cloudron-io/ldap_crashfix 
Fix crash when LDAP server is unreachable
 2016-10-23 10:10:48 -04:00
Pavel Djundik c5e0dee3a3 Change bcrypt rounds from 8 to 11 2016-10-22 09:24:27 +03:00
Pavel Djundik a1f56c7395 Improve support for opening multiple clients at once 
- Synchornize unread counter with the server
- Fix unread marker on no attached clients
- Increase unread counter for server messages
 2016-10-17 01:31:22 -04:00
Girish Ramakrishnan 09f2d069de Fix crash when LDAP server is unreachable 
Fixes #667
 2016-10-16 11:27:09 -07:00
William Boman 99218341ec consolidate version numbers throughout all interfaces 2016-10-10 21:56:57 +02:00
Pavel Djundik aa02fd5180 Enforce more eslint rules 2016-10-09 17:55:37 -04:00
Pavel Djundik 3b8a478e34 Fix loading fonts in Microsoft Edge 2016-10-09 12:29:17 +03:00
toXel 5b6f5d5dce Check if SSL key and certificate files exist 2016-10-08 14:56:12 +02:00
Pavel Djundik 396a9cffb1 Display extra loading messages 2016-09-25 09:52:16 +03:00
Jérémie Astori 2b3b4ea924 Explicitly authorize websockets in CSP header 
This follows a recent change in WebKit (see https://webkit.org/blog/6830/a-refined-content-security-policy/, section "More restrictive wildcard *") to remove websocket schemes from the connect-src directive.
Users of Safari v10 (to be publicly released in a few days) would be affected by this and could not load the app.
 2016-09-09 01:17:31 -04:00
Jérémie Astori b153d568a0 Add a theme selector in the settings 
Power to the people!

There is now 2 ways to set the theme: on the app config file (defaults
for all users) and in the user settings.
All CSS files present in the `client/themes` folder will be given as
choices to the users.

This is temporary (as in, temporary for a fairly long time) until we
have proper theme management.
 2016-09-06 01:11:31 -04:00
Jérémie Astori 40b8f0c293 Make sure users with wrong tokens are locked out instead of crashing the app 2016-08-18 00:02:40 -04:00
Jérémie Astori f824036225 Merge pull request #535 from thelounge/PR/fix-webirc-4in6 
Fix webirc and 4-in-6 addresses
 2016-08-12 00:39:26 -04:00
Maxime Poulin bec0c74772 Merge pull request #552 from thelounge/astorije/logger 
Use our logger instead of console.{log,error} for LDAP logs
 2016-08-11 01:44:54 -04:00