Commit graph

101 commits

Author SHA1 Message Date
Thomas Citharel a7da5ab269
Improve JWT tokens expiration
- Reduce access tokens TTL to 15 minutes
- Set refresh tokens TTL to 60 days
- Set Guardian.DB to only track refresh tokens
- Remove refresh token when logging out

Closes #710 #705 #706

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:22 +02:00
Thomas Citharel 27928ce8ef
Remove inet6 declaration in config.exs
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:21 +02:00
Thomas Citharel 3abd97fc91
Add missing config for absinthe
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:20 +02:00
Thomas Citharel 86c2512c62
WIP
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:32:05 +02:00
Thomas Citharel a282275026
Refresh group actors once per day
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-28 18:06:27 +02:00
Thomas Citharel 0210b677c5
Expose maximum picture sizes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-04-12 12:01:52 +02:00
Thomas Citharel 1aa699fef0
Introduce instance ICS & Atom feeds (disabled by default)
And refactor the feed modules

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-26 16:19:58 +01:00
Thomas Citharel b002d905cb
Handle calling .well-known/host-meta with "application/xrd+xml" accept
header

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-23 19:28:19 +01:00
Thomas Citharel 239457a219
Releases fixes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-15 10:34:03 +01:00
Thomas Citharel 74e0e009d1
Add cron job to clean old activities
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-03-02 14:34:52 +01:00
Thomas Citharel 3fe64a4389
Introduce the group activity section
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-02-26 09:37:06 +01:00
Thomas Citharel 496debd6f3
Change everything for releases
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-02-10 14:39:09 +01:00
Thomas Citharel ad74234ab4
Upgrade to use latest Sentry
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-02-05 15:19:16 +01:00
Thomas Citharel 882661e22c
Clean some unused config key
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-02-05 15:19:15 +01:00
Thomas Citharel d0e28c6308
Add Oban.Plugins.Pruner to clear done jobs
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-01-27 17:06:09 +01:00
Thomas Citharel 43c694be72
Upgrade Oban
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-01-27 17:06:09 +01:00
Thomas Citharel 88707ff729
Add Sentry
We use Sentry 7.x for now because Sentry 8.0 requires Elixir 1.10

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-01-27 17:06:09 +01:00
Thomas Citharel a8e58547fd
Add back media proxy for resources pictures
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-01-26 12:15:53 +01:00
Thomas Citharel e0e46a81e3
Refactor CSP config by using Pleroma's HTTPSecurityPlug
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-01-25 18:06:49 +01:00
ty kayn 5c57f1ce3c if an event has geo coordinates, add links to routing on OSM, with correct place and zoom of 14, 3 buttons to get routig as car, bike, and by feet.
Signed-off-by: Baptiste Lemoine <contact@cipherbliss.com>
2020-12-17 11:26:25 +01:00
Thomas Citharel 9b27e70eb0
Save remote profiles avatars & banners locally
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-12-15 17:17:42 +01:00
Thomas Citharel d6d9309784
[LDAP] Allow to filter users by memberOf
Closes #528

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-12-01 09:16:41 +01:00
Thomas Citharel 0f5941a046
[LDAP] Allow to bind to an admin with a different FQDN
By directly providing the full DN

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-12-01 09:16:28 +01:00
Thomas Citharel 207d5c0eb0
Use better upstream deps
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-11-30 12:48:23 +01:00
Thomas Citharel 0e1dc0df8d
Clean unconfirmed users
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-11-27 11:10:12 +01:00
Thomas Citharel c9457fe0d3
Track usage of media files and add a job to clean them
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-11-26 17:53:33 +01:00
Thomas Citharel a115b49b4c
Only load all locales in prod mode
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-11-17 15:42:03 +01:00
Thomas Citharel eafc9ab658
Hide tokens inside logs
Especially from Websockets logs which contains auth token

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-11-16 12:30:06 +01:00
Thomas Citharel 90ee9d7d72
Activate missing languages
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-11-14 13:49:13 +01:00
Thomas Citharel 7c11807c14
Allow to join an open group
Also:

* Refactor interacting with a remote event so that you can interact with
  a remote group as well
* Add a setting for group admins to pick between an open and invite-only
  group
* Fix new groups without posts/todos/resources/events/conversations URL
  set
* Repair local groups that haven't got their
  posts/todos/resources/events/conversations URL set
* Add a scheduled job to refresh remote groups every hour
* Add a user setting to pick when to receive notifications when there's
  new members to approve (will be used when this feature is available)
* Fix pagination for members

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-11-06 15:19:36 +01:00
Thomas Citharel 7baad7cafc
Load only a few locales in dev environment
No need to load everything

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-11-06 12:03:20 +01:00
Thomas Citharel 67b906cc96
Fix language change
- Load the language files correctly when language is changed
- Save user language in localstorage so that we can have it even if disconnected (but still load it from user settings eventually since
user might be on a different device)
- Load all locales from Cldr with Gettext
- Fix pt-PT -> pt-BR
- Clean some obsolete config.exs comments

Later changes will allow to set the language without an account
https://framagit.org/framasoft/mobilizon/-/issues/375

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-10-28 19:57:57 +01:00
Thomas Citharel e80aece1dd
Add a comment in docs and config for recommended email port values
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-10-21 10:10:44 +02:00
Thomas Citharel dad9623482
Make sure only proper pictures are uploaded
Closes #384

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-10-09 19:29:12 +02:00
Thomas Citharel 07a5d10421
Introduce support for custom nginx error pages
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-10-09 14:48:49 +02:00
Thomas Citharel 586d8c440d
Add languages to admin settings
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-10-07 16:38:24 +02:00
Thomas Citharel 49a5725da3
Improve and activate groups
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-09-29 10:25:00 +02:00
Thomas Citharel f11e1b948e
Also respond AS payload to application/ld+json
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-09-23 09:23:06 +02:00
Thomas Citharel 69faeec14c
Allow to disable event creation
And change the group toggle

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-09-02 15:08:47 +02:00
Thomas Citharel 7c0b813dce
Fix getting remote IP behind reverse proxy
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-08-27 15:54:43 +02:00
Thomas Citharel 0f82363878
Move crontab for sitemap to hourly
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-08-12 17:55:20 +02:00
Thomas Citharel c56fb710b6
Introduce Sitemaps
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-08-12 16:29:34 +02:00
Thomas Citharel 9a0068dfea
Upgrade oban to 2.0
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-08-12 16:06:09 +02:00
Thomas Citharel 9c9f1385fb
Introduce group posts
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-07-30 16:55:35 +02:00
Thomas Citharel 9a080c1f10
Introduce support for 3rd-party auth (OAuth2 & LDAP)
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-07-06 15:42:59 +02:00
Thomas Citharel dac47d2abb
Add config option to allow anonymous reporting
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-06-09 14:07:49 +02:00
Thomas Citharel 7dbabcf15f
Add toggle to disable groups
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-06-08 16:47:57 +02:00
Thomas Citharel 4144e9ffd0
Introduce group basic federation, event new page and notifications
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-06-03 16:01:26 +02:00
Thomas Citharel 39b7afd1cd
Blind key rotation and stale duration for profiles
See https://blog.dereferenced.org/the-case-for-blind-key-rotation

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-02-14 18:21:18 +01:00
Thomas Citharel 9e3df495dc
Move configuration to traditional way
️ This is the way.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2020-02-06 16:12:13 +01:00