mirrors/bookwyrm
1
0
Fork 1
mirror of https://github.com/bookwyrm-social/bookwyrm.git synced 2024-06-02 08:39:51 +00:00
Code Issues Projects Releases Wiki Activity
7719 commits 13 branches 35 tags 115 MiB
Commit graph

7719 commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mouse Reeve ccf091e42d
Merge pull request #2330 from bookwyrm-social/import-admin-table 
Adds more fields to import admin table and ticks version
 2022-11-03 11:49:57 -07:00
Mouse Reeve 40e9428b49 Adds more fields to import admin table and ticks version 2022-11-03 11:30:43 -07:00
Mouse Reeve 3f2f718878
Merge pull request #2329 from bookwyrm-social/import-admin-fixes 
Import admin fixes
 2022-11-03 11:06:29 -07:00
Mouse Reeve 14e61fa32d Adds extremely basic tests file 2022-11-03 10:55:21 -07:00
Mouse Reeve 0ba4dbbc6f Fixes pagination and user links on import admin 2022-11-03 10:54:59 -07:00
Mouse Reeve 91b935bc0a
Merge pull request #2327 from bookwyrm-social/imports-admin 
Imports admin
 2022-11-01 20:53:58 -07:00
Mouse Reeve 5af195de58 Python formatting 2022-11-01 20:43:27 -07:00
Mouse Reeve a8424f61f2 Mark imports as complete 
This will let the user debug the import, and should only be used when
the import is in a bad state (marked as incomplete but with no pending
tasks)
 2022-11-01 19:26:23 -07:00
Mouse Reeve 6eab1fdd6d Adds import admin view 2022-11-01 19:05:51 -07:00
Mouse Reeve 61c2d2a36a Use elided page range on user admin view 2022-11-01 18:45:21 -07:00
Mouse Reeve 641fc325b4
Merge pull request #2326 from bookwyrm-social/synchronous-confirmation-emails 
Send confirmation emails directly, rather than with celery
 2022-11-01 18:43:53 -07:00
Mouse Reeve 881d5682e3 Updates test mock 2022-11-01 18:20:56 -07:00
Mouse Reeve c16155aa41
Merge pull request #2325 from bookwyrm-social/author-page-editions 
Only show editions with the author on the author page
 2022-11-01 18:18:58 -07:00
Mouse Reeve 40ead41176 Fixes rate limiter 2022-11-01 18:17:37 -07:00
Mouse Reeve 1c949a5d71 Send confirmation emails directly, rather than with celery 
Whenver bookwyrm has an influx of new users, celery gets delayed and
the emails don't get sent out promptly, which causes people to first
resend the email multiple times, and then to email me, both of which
just create more work and confusion for everyone involved.
 2022-11-01 18:08:45 -07:00
Mouse Reeve 553f170f89 Only show editions with the author on the author page 2022-11-01 18:04:27 -07:00
Mouse Reeve 43202f5bb7
Merge pull request #2322 from obrenckle/menus_overlap 
Close dropdown menu when opening one of its modal
 2022-11-01 17:15:00 -07:00
Olivier Brencklé cfaec434c0 🚸 Close dropdown when opening modal item 2022-10-28 13:15:53 +02:00
Olivier Brencklé 474b78dad2 💄 Set dropdown menu below modals on mobile 2022-10-24 19:34:25 +02:00
Mouse Reeve 54a056f582
Merge pull request #2321 from bookwyrm-social/dependabot/pip/django-3.2.16 
Bump django from 3.2.15 to 3.2.16
 2022-10-21 14:14:21 -07:00
Mouse Reeve 2a0a67de5f Adds 2fa locales 2022-10-21 14:13:14 -07:00
Mouse Reeve 62a34c42a3
Merge branch 'main' into dependabot/pip/django-3.2.16 2022-10-20 20:57:05 -07:00
Mouse Reeve eb07deadf2
Merge pull request #2320 from bookwyrm-social/announcement-size 
Remove extra whitespace in announcements
 2022-10-20 20:56:52 -07:00
Mouse Reeve 6fb21b9e4b Disable wayward stylelint error 2022-10-20 20:44:27 -07:00
dependabot[bot] 09446def54
Bump django from 3.2.15 to 3.2.16 
Bumps [django](https://github.com/django/django) from 3.2.15 to 3.2.16.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.15...3.2.16)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-21 03:40:27 +00:00
Mouse Reeve c375e842ad
Merge pull request #2294 from hughrun/otp 
Enable optional 2FA
 2022-10-20 20:40:00 -07:00
Mouse Reeve b81a5faff7 Remove extra whitespace in announcements 2022-10-20 07:45:53 -07:00
Hugh Rundle 3d95916b55 handle 2fa user exception properly 2022-10-15 07:47:20 +11:00
Hugh Rundle 32e4f7718e pylint is being pedantic 2022-10-15 07:47:20 +11:00
Hugh Rundle cf1fae6af8 return Bad Request if 2fa user does not exist 2022-10-15 07:47:20 +11:00
Hugh Rundle 905aa66f38 add test_post_login_with_2fa 2022-10-15 07:47:20 +11:00
Hugh Rundle a1c3f15d80 remove unused import 2022-10-15 07:47:20 +11:00
Hugh Rundle f55adbadf4 fix 2fa tests 2022-10-15 07:47:20 +11:00
Hugh Rundle cffbf82ddb DRY footer for 2FA pages 2022-10-15 07:47:20 +11:00
Hugh Rundle f3768c3d92 code formatting fix 2022-10-15 07:47:20 +11:00
Hugh Rundle 79b04c2240 various 2fa improvements 
- cleaner code
- use TWO_FACTOR_LOGIN_MAX_SECONDS instead of hardcoded number
- render qrcode properly
- use nginx to rate limit login attempts
- do not throw error if session user is undefined
 2022-10-15 07:47:20 +11:00
Hugh Rundle aefc7a23bc fix 2fa templates 
- translate all strings
- do not embed svg element inside svg element
- fix sizing of input for confirming 2fa setup
 2022-10-15 07:47:20 +11:00
Hugh Rundle e1513bf98d amend nginx rate limiting urls 2022-10-15 07:47:20 +11:00
Hugh Rundle da613c9b26 ugh forgot to run black 2022-10-15 07:47:20 +11:00
Hugh Rundle fda150fa0d resolve migration conflict 2022-10-15 07:47:20 +11:00
Hugh Rundle 119b4bf2ff clean up tests 
- remove unnecessary crap
- add missing tests
 2022-10-15 07:47:20 +11:00
Hugh Rundle 9d36722783 code formatting 2022-10-15 07:47:20 +11:00
Hugh Rundle b63d4bec60 add tests for 2fa 2022-10-15 07:47:20 +11:00
Hugh Rundle 28329c1781 use string for datetime in session 
It seemed to work when testing manually, but both pytest and the django documentation indicate that you can't pass datetimes around as session values.
 2022-10-15 07:47:20 +11:00
Hugh Rundle e1b1bb20dc make password field less goofy in 2fa screen 2022-10-15 07:47:20 +11:00
Hugh Rundle 9b74c26742 backup codes 
- add hotp_secret to user model
- view to create backup codes in user prefs
- check backup code if otp doesn't work
- increment hotp count if used
- show correct errors if code wrong
 2022-10-15 07:47:20 +11:00
Hugh Rundle 9616abb6bd clean up 2fa prompt page 2022-10-15 07:47:20 +11:00
Hugh Rundle 5b244f06d6 fix error messages when setting up 2FA 2022-10-15 07:47:20 +11:00
Hugh Rundle 6db4fb39ed improve security and fix error msg 
- Instead of passing the user as a hidden form element, we use a session variable.
- Introduces a 60 second limit on completing the login, and an exponentially increasing delay to attempt to login with 2FA if the code is entered incorrectly.
- use proper Django form error when incorrect otp value entered
 2022-10-15 07:47:20 +11:00
Hugh Rundle 9d12b7caff make pylint stop grumbling 2022-10-15 07:47:20 +11:00