about summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* Add test password hasherVika2022-09-191-0/+33
|
* Small optimizations to frontend codeVika2022-09-192-27/+38
| | | | | | There is a possibility of refactoring some of the companion code to act as a generic embedded asset framework and put it in the `util` crate.
* feat: indieauth supportVika2022-09-1921-204/+2244
| | | | | | | | | | Working: - Tokens and codes - Authenticating with a password Not working: - Setting the password (need to patch onboarding) - WebAuthn (the JavaScript is too complicated)
* kittybox-indieauth: Allow converting more types to/from stringsVika2022-09-193-0/+41
| | | | | Sometimes it is needed, for example, to construct an HTML form pre-filled with the request data.
* NixOS module fixes and temporary fixes to the legacy configurationVika2022-08-134-64/+26
|
* Add a placeholder template for the authorization request pageVika2022-08-131-0/+7
|
* tokenauth: migrate tests to WiremockVika2022-08-135-661/+130
| | | | Wiremock doesn't require external C dependencies.
* fix flake not reloadingVika2022-08-072-3/+3
|
* kittybox-templates: split out MF2 rendering and get rid of log crateVika2022-07-2712-975/+513
| | | | | Kittybox now uses tracing instead of log. Why would I keep an unneccesary dependency in my Cargo.lock?
* indieauth: replace numerous placeholders in the prototypeVika2022-07-272-28/+156
| | | | | | Fetching profiles is now fully implemented. The only missing pieces are the frontend template and the persistent store for tokens and codes.
* FileStorage: save memory by taking children instead of cloningVika2022-07-231-16/+22
|
* kittybox-indieauth: fix AuthorizationRequest doctestVika2022-07-221-2/+3
|
* kittybox-indieauth: document the entire crateVika2022-07-223-23/+333
| | | | I am procrastinating very hard right now.
* kittybox-indieauth: axum helpers for responsesVika2022-07-222-13/+53
| | | | Some responses need to set Cache-Control and Pragma: no-cache headers according to RFC 6749.
* media: improve Metadata typingVika2022-07-213-14/+24
| | | | | | | | | | | | | content_type is now optional; if not specified, it will remain empty. `application/octet-stream` will be put on read in the frontend. Length is now represented as NonZeroUsize - why would you upload a zero-byte file when you can just conjure one from the void whenever you need one? This should save me a little bit of memory. Representing content_type as a typed MIME value would be the next logical step.
* .gitignore build artifacts and test dataVika2022-07-191-2/+3
|
* media: fix small files not being saved to disk properlyVika2022-07-193-11/+46
| | | | | It turns out that BufWriter requires calling `flush()` manually and doesn't do it on `drop()`. I forgot about that.
* indieauth: Indicate refresh token grant as supportedVika2022-07-191-1/+1
|
* kittybox-indieauth: convert Error into axum::response::ResponseVika2022-07-195-22/+52
| | | | | | This requires the `axum` feature to be enabled, to prevent unwanted dependencies (e.g. in client apps or when using a different framework, since the library doesn't concern itself with I/O)
* indieauth: improve security checksVika2022-07-191-2/+29
| | | | | Client ID and the redirect URI must match those that were used to create the grant.
* Implement /.well-known/oauth-authorization-serverVika2022-07-192-24/+39
| | | | | This may help non-IndieAuth-aware clients to integrate better into the flow.
* kittybox-indieauth: improve docs and the Error typeVika2022-07-193-36/+157
| | | | | | | `kittybox_indieauth::Error` now represents errors in the IndieAuth process itself. `IndieAuthError` got renamed to `ResourceErrorKind` to reflect errors that a resource server (i.e. IndieAuth consumer) might return to a client who somehow didn't authorize themselves properly.
* Catch panics on requestsVika2022-07-192-4/+5
| | | | | | | | | This will allow to display a prettier error page in the future. There is a possibility of instantiating the panic handler per-module to allow for custom panic messages expressed in the same form the module itself gives error messages (e.g. pretty HTML for frontend, MicropubError for Micropub messages etc.)
* PoC for modularity and WIP built-in Micropub client reworkVika2022-07-1510-244/+402
| | | | | | | | | | | | | | | | | | | | | | | | | This is the living, breathing proof that Kittybox can be split into independent components without sacrificing any functionality. Just make sure all neccesary backing storage components are available to the modules that need them. Also the Micropub client was split into several files, because it's about to get much bigger and more full-featured. Yes, I am going to write it in vanilla JavaScript. I don't trust anything from NPM to run on my computer. Not anymore. Not after the node-ipc malware fiasco. And I am definitely not going to spin up a VM or a Docker container (who uses Docker containers as a security measure?) to hack on my own code. Cargo can at least be sandboxed inside Nix, where it can't do much harm. NPM basically requires unrestricted network access to download dependencies, and it runs arbitrary code upon **downloading** them. Cargo and rust-analyzer, on the other hand, can be configured to not trust the source code and its dependencies (for example, Cargo doesn't execute code on fetching dependencies - only on building, and rust-analyzer's proc-macro expansion support can be sacrificed for more security).
* README.md: Update according to current project statusVika2022-07-151-7/+6
|
* WIP: IndieAuth progressVika2022-07-155-4/+398
| | | | | | | | | | | | - Some kittybox-indieauth crate bugs were fixed - Things should mostly work... - ...if you somehow supply your own backend store - YES I MADE IT MODULAR AGAIN - NO I AM NOT SORRY - YOU WILL THANK ME LATER - DO NOT DENY THE HEAVENLY GIFT OF GENERICS IN RUST - Retrieving profiles doesn't work for now because I am unsure how to implement it best
* Add enum for requests that the authorization endpoint may encounterVika2022-07-151-1/+8
| | | | | | Really, it should be `Either<AuthorizationRequest, GrantRequest>` but either serde or axum got iffy about me deserializing it from a form. Not sure which one.
* kittybox-indieauth: add From impls for TokenIntrospectionResponseVika2022-07-151-0/+16
| | | | | | | | | This makes converting Option<TokenData> into a response and vice versa a breeze, and hide the complexity of TokenIntrospectionResponse forced upon this library by the IndieAuth standard. Really, this type should've been represented as Option<TokenData>, I just don't know how to add the "active" field to it properly.
* media: buffer disk I/O and add debug loggingVika2022-07-142-11/+36
| | | | It looks like buffering reads can double my performance. Nice.
* kittybox-indieauth: improve types and make more of them publicVika2022-07-105-15/+51
|
* kittybox-indieauth: implement FromStr for ScopesVika2022-07-101-3/+12
|
* media: fix failing testVika2022-07-101-1/+1
|
* Security bugfix: fix Scopes::has_all() incorrectly checking scopesVika2022-07-101-2/+15
| | | | | Turns out it was comparing the list of required scopes with **itself**. Oops, that's a major security issue.
* kittybox-indieauth: initVika2022-07-106-2/+535
| | | | | | | | | | This crate is the base framework-agnostic implementation of all data structures and methods required for IndieAuth protocol. Anything that can deserialize HTTP request payloads with serde can utilize this crate. This is a good candidate to independently release on crates.io when the interface becomes stable enough.
* database: use .path().to_path_buf() to prevent dropping the tempdirVika2022-07-101-1/+3
| | | | | I'm afraid this might've caused me to do some weird stuff with the tempdir. Better do it like this.
* micropub: handle invalid/empty query properlyVika2022-07-101-6/+16
| | | | On query parsing error, this will return a MicropubError.
* micropub: move MicropubError into kittybox-utilVika2022-07-106-87/+112
| | | | | Looks like this shared data structure will be useful to me later when splitting off the media endpoint into its own crate.
* indieauth: rename to tokenauthVika2022-07-107-12/+12
| | | | | | | | | | | | This frees up the name for the future in-house IndieAuth implementation and also clarifies the purpose of this module. Its future is uncertain - most probably when the token endpoint gets finished, it will transform into a way to query that token endpoint. But then, the media endpoint also depends on it, so I might have to copy that implementation (that queries an external token endpoint) and make it generic enough so I could both query an external endpoint or use internal data.
* media: media endpoint PoCVika2022-07-108-154/+350
| | | | | | | | | | Supported features: - Streaming upload - Content-addressed storage - Metadata - MIME type (taken from Content-Type) - Length (I could use stat() for this one tho) - filename (for Content-Disposition: attachment, WIP)
* .envrc: watch shell.nix for changesVika2022-07-071-0/+1
|
* .envrc: update nix-direnv install invocationVika2022-07-071-3/+6
|
* Add rustfmt to shell.nixVika2022-07-071-2/+2
|
* format using rustfmtVika2022-07-0712-202/+228
|
* treewide: rewrite using AxumVika2022-07-0718-2859/+2075
| | | | | | | | | | | | | | Axum has streaming bodies and allows to write simpler code. It also helps enforce stronger types and looks much more neat. This allows me to progress on the media endpoint and add streaming reads and writes to the MediaStore trait. Metrics are temporarily not implemented. Everything else was preserved, and the tests still pass, after adjusting for new calling conventions. TODO: create method routers for protocol endpoints
* flake.lock: UpdateVika2022-07-071-9/+9
| | | | | | | | | | | | | | Flake lock file updates: • Updated input 'flake-utils': 'github:numtide/flake-utils/f7e004a55b120c02ecb6219596820fcd32ca8772' (2021-06-16) → 'github:numtide/flake-utils/7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249' (2022-07-04) • Updated input 'naersk': 'github:nmattia/naersk/f21309b38e1da0d61b881b6b6d41b81c1aed4e1d' (2022-05-03) → 'github:nmattia/naersk/cddffb5aa211f50c4b8750adbec0bbbdfb26bb9f' (2022-06-12) • Updated input 'nixpkgs': 'github:nixos/nixpkgs/dfd82985c273aac6eced03625f454b334daae2e8' (2022-05-20) → 'github:nixos/nixpkgs/71a4f0dc3d80ba76f437c888c1c3d59f1df98163' (2022-07-05)
* feat: group endpoints under `.kittybox`Vika2022-06-026-74/+57
| | | | | Actually got the idea from https://xeiaso.net/, who groups xer website's endpoints under the `.within` folder.
* direnv: move .envrc to kittybox-rsVika2022-05-281-0/+0
|
* frontend: fix onboarding sending the request to the wrong placeVika2022-05-261-2/+2
|
* flake.nix: move the devShell into its own fileVika2022-05-262-13/+20
|
* Remove redundant naersk-lib overrideVika2022-05-262-6/+5
|