Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2026-01-24 00:09:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
20,835 Commits 71 Branches 489 Tags
48e8252099b977aa9b35d448a0ed9d927ff05ab6
Commit Graph

11219 Commits

Author SHA1 Message Date
Barış Soner Uşaklı
51b7eca119 fix: run every hour, dont show message if average_time is 0 2020-11-12 22:23:50 -05:00
Opliko
04f4429f72 Resolve #7514 - optional timer for registration queue (#8796) 
* feat: #7514 Optional timer for registration queue

* feat: show minutes in average time

* fix: don't show total number of minutes

* feat: implement requested changes

* fix: just store minutes instead of milliseconds

* feat: set default values
 2020-11-12 22:23:07 -05:00
Julian Lam
bcccb331db docs: openapi schema for user/group exist check, session deletion 2020-11-12 15:53:15 -05:00
Julian Lam
dc9668e417 fix: pass length to messaging checkContent hook 2020-11-11 19:53:59 -05:00
Barış Soner Uşaklı
567c5f2056 fix: #8869, dont escape category title,description twice 2020-11-11 12:48:22 -05:00
Julian Lam
f300c933a5 refactor: move session revocation route to write api 2020-11-10 14:27:38 -05:00
Barış Soner Uşaklı
9c5c32d4a5 feat: #8864, add action:events.log 2020-11-10 11:29:15 -05:00
Barış Soner Uşaklı
62c0454cfe feat: show db info side by side 2020-11-09 13:27:40 -05:00
Barış Soner Uşaklı
a0164b1c38 fix: use header/footer cache in prod 2020-11-08 19:46:36 -05:00
Barış Soner Uşaklı
05a92885f2 fix: add missing maxAge to cache 2020-11-08 08:35:40 -05:00
Barış Soner Uşaklı
2e44639210 fix: guest header/footer cache 
allow clearing individual caches
 2020-11-07 22:06:25 -05:00
Barış Soner Uşaklı
f1f9b225b0 feat: #8824, cache refactor (#8851) 
* feat: #8824, cache refactor

ability to disable caches
ability to download contents of cache
refactor cache modules to remove duplicated code

* fix: remove duplicate hit/miss tracking

check cacheEnabled in getUncachedKeys
 2020-11-06 23:13:12 -05:00
Barış Soner Uşaklı
6255874e32 feat: move mkdirp to beforeBuild so it doesnt get called twice 2020-11-06 13:44:29 -05:00
Barış Soner Uşaklı
74951f5967 fix: #8846, possible fix 2020-11-06 12:46:27 -05:00
Barış Soner Uşaklı
0b30efba31 Merge branch 'master' of https://github.com/NodeBB/NodeBB 2020-11-06 12:30:15 -05:00
Barış Soner Uşaklı
16d03975a0 fix: winston error message 2020-11-06 12:24:50 -05:00
Julian Lam
d263192271 feat: group exists API call in write api 2020-11-06 12:18:42 -05:00
Julian Lam
1446cec77f feat: user exist route in write api 2020-11-06 11:55:04 -05:00
Julian Lam
6b196a207f fix: permanent redirect on user api redirect shorthand 2020-11-06 11:54:46 -05:00
Julian Lam
f2bb42c076 fix: user exist route needs no authentication 2020-11-06 11:53:56 -05:00
Julian Lam
60e1e99b4f feat: new shorthand route /api/v3/users/bySlug/:userslug 
closes #8844
 2020-11-06 11:37:21 -05:00
Julian Lam
512f6de6de feat: allow passwords with length > 73 characters (#8818) 
* feat: allow passwords longer than 73 characters

Context: A bcrypt/blowfish limitation means that password length is capped at 72 characters. We can get around this without compromising on security
by hashing all incoming passwords with SHA512, and then sending that to bcrypt.

https://dropbox.tech/security/how-dropbox-securely-stores-your-passwords

* feat: add additional test for passwords > 73 chars

* fix: remove 'password-too-long' error message and all invocations

* test: added test to show that a super long password won't bring down NodeBB

* fix: remove debug log

* Revert "fix: remove 'password-too-long' error message and all invocations"

This reverts commit 1e312bf7ef.

* fix: added back password length checks, but at 512 chars

As processing a large string still uses a lot of memory
 2020-11-06 08:40:00 -05:00
Barış Soner Uşaklı
c61dee4b62 fix: #8840, don't crash if /compose route is called with no query params 2020-11-05 21:01:19 -05:00
Barış Soner Uşaklı
9e3eb5d41a feat: #8821, allow guest topic views 2020-11-05 20:52:43 -05:00
Julian Lam
f68bce86a9 fix: XSS in event:banned messaging modal 2020-11-05 19:18:17 -05:00
Barış Soner Uşaklı
76cd5b0fc1 fix: #8836, truncate fullname 2020-11-05 16:25:55 -05:00
psychobunny
eec630f1ef fix(acp): max-height for plugin menu list 2020-11-05 11:44:23 -05:00
Julian Lam
891a1ea2af fix: #8827, do not require admin:users privilege to ban users 2020-11-05 10:22:07 -05:00
Barış Soner Uşaklı
4b63f9937c fix: check is banned in buildHeader 
remove unused banReason
remove generateHeader function
 2020-11-04 13:23:10 -05:00
Barış Soner Uşaklı
a338f52780 feat: #8823, remove hardcoded write concern 2020-11-04 11:10:23 -05:00
Barış Soner Uşaklı
08ff4041aa fix: missing await 2020-11-03 17:13:05 -05:00
Julian Lam
c0f699e655 fix: disallow registration attempts with password length > 4096 
This is a stopgap measure for v1.15.0
 2020-11-03 09:54:04 -05:00
Barış Soner Uşaklı
4818ec377e fix: missing await 2020-11-02 15:13:22 -05:00
Barış Soner Uşaklı
6e85920cb6 feat: allow mods/admins to see deleted posts on user profile 2020-11-02 12:03:21 -05:00
Julian Lam
87bff6cd65 fix: broken test 2020-10-30 17:17:31 -04:00
Julian Lam
dda5d42610 fix: restore old behaviour of empty json w/ 401 code in admin middleware 2020-10-30 14:07:47 -04:00
Julian Lam
15e0731dd9 fix: deprecate middleware.isAdmin 
Also, handle admin logout timer in middleware.admin.checkPrivileges
 2020-10-30 12:30:58 -04:00
Julian Lam
4439864ce0 fix: post editing not taking plugin hook results into account 2020-10-30 10:05:26 -04:00
Barış Soner Uşaklı
a02ae6f5df refactor: simpler check in user.blocks.filter 2020-10-29 22:33:28 -04:00
Barış Soner Uşaklı
27016d221c feat: rearrange buttons on manage/users 2020-10-29 13:39:08 -04:00
Julian Lam
57ed6be78b fix: #8805 define our own name for write API v3 2020-10-29 12:51:36 -04:00
Julian Lam
266d7587b2 refactor: remove usage of middlewares 
Specifically, middleware.isAdmin|exposePrivilegeSet|exposePrivileges
 2020-10-29 07:56:28 -04:00
Julian Lam
a6a52430ce fix: remove setCategorySort and setTopicSort 2020-10-28 17:21:54 -04:00
Julian Lam
aa8faf58a0 refactor: remove /users/{uid}/settings/{setting} route 
@baris Also, I am now allowing the following properties to be saved in User.saveSettings:
- categoryTopicSort
- topicPostSort
- setCategorySort
- setTopicSort
 2020-10-28 17:21:54 -04:00
Barış Soner Uşaklı
6ac73ccb7e feat: #8801, disable express compression by default 2020-10-27 21:40:21 -04:00
Julian Lam
3c98cd3d95 fix: topic object in post editing data return 2020-10-27 20:37:23 -04:00
Julian Lam
1392d064a1 fix(writeapi): normalizing data 2020-10-27 20:37:23 -04:00
Julian Lam
ec03af7a38 feat: allow passing subset of user settings on update route 2020-10-27 20:37:23 -04:00
Julian Lam
618e098305 fix: bug where token generation route would fail on null case 2020-10-27 20:37:23 -04:00
Julian Lam
b156b8b573 feat: wip, write api tests framework 
re-using read api tests if possible
 2020-10-27 20:37:23 -04:00