about summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* Remove IndiewebEndpoints typeVika2024-08-261-10/+0
| | | | It was never used much anyway.
* FileStorage: appease clippy and use block_in_place for rewinding feedsVika2024-08-262-10/+15
| | | | | Using `tokio::task::block_in_place` downgrades the thread temporarily to avoid starvation.
* kittybox-indieauth: nicer Debug impl for MetadataVika2024-08-241-1/+23
| | | | Now the URLs are shown in their serialized form.
* indieauth_metadata -> indieauth-metadataVika2024-08-243-4/+4
|
* Add Caddyfile for reverse-proxying in-devVika2024-08-241-0/+9
|
* kittybox-indieauth: implement Display instead of ToStringVika2024-08-231-11/+12
|
* micropub: Suppress adding to default feeds on visibility="unlisted"Vika2024-08-231-2/+30
| | | | | | If the post has no explicit channels, normally Kittybox attempts to post to a channel that makes sense for the post type. Adding `unlisted` to `visibility` now suppresses this behavior.
* Fix private posts with no defined audience not being shown in feedsVika2024-08-232-7/+10
|
* util: implement Debug on ConfigVika2024-08-201-1/+1
|
* kittybox-util: 0.1.0 -> 0.2.0Vika2024-08-2013-168/+242
| | | | Micropub types are now more coherent and gathered in one place.
* kittybox-indieauth: switch to dep feature syntaxVika2024-08-191-1/+1
|
* kittybox-indieauth: fix failing doctestVika2024-08-181-1/+2
|
* oopsVika2024-08-181-2/+1
|
* Better match html content-typeVika2024-08-183-1/+3
|
* kittybox-indieauth-helper: ignore TLS in debug and xdg-open the pageVika2024-08-181-1/+14
|
* Parse redirect URIs from MF2 metadataVika2024-08-181-1/+3
|
* onboarding: attempt to fix the redirection bugVika2024-08-181-2/+2
|
* feat: logins!!Vika2024-08-1812-94/+530
| | | | | | | | yes you can finally sign in this is also supposed to show private posts intended for you! maybe i can also reveal my email to those who sign in! :3
* kittybox-indieauth: support transforming strings to PKCEVerifierVika2024-08-181-0/+5
| | | | for apps that can't hold state for long
* Don't log extraneous MF2 parsing dataVika2024-08-181-1/+1
|
* indieauth: Extension -> StateVika2024-08-181-10/+12
| | | | whoops
* indieauth: fix profile fetching if some properties are undeclaredVika2024-08-181-19/+23
|
* file auth backend: properly handle non-standard relative file:// urlsVika2024-08-181-4/+15
| | | | I use these in development.
* kittybox-indieauth: support OAuth2 Client MetadataVika2024-08-182-1/+115
| | | | Required for new revision of IndieAuth.
* kittybox-indieauth: separate ProfileUrl struct from GrantResponseVika2024-08-182-8/+12
| | | | Seems to be useful on its own.
* Don't verify TLS certificates when fetching things in devVika2024-08-182-1/+12
| | | | | | | When testing things, I don't test TLS verification, that's what reqwest unit tests should exist for. I test my things, and some of my things assume some form of TLS. I don't need it to be valid TLS, I need it to be TLS so I can use the `https://` links in dev.
* kittybox-frontend-renderer: add a notice to pester me on non-descriptive errorsVika2024-08-181-0/+5
|
* kittybox-frontend-renderer: fix onboarding CSS a littleVika2024-08-181-1/+4
|
* onboarding: provide official alternate onboarding flow for no-JSVika2024-08-181-0/+38
| | | | | | | | | | | | | This documents the onboarding request schema so somebody unwilling or unable to run JavaScript (why would you subject yourself to this?) is still able to use Kittybox. Since JavaScript is used to provide form interactivity and complex data structures in the onboarding flow, whoever cannot run JS will have to manually compose the onboarding request, and this will help them a little. I just need to remember to update this if the schema ever changes.
* kittybox-indieauth-helper: small cleanupsVika2024-08-181-44/+44
| | | | | | | - Properly catch IndieAuth errors when parsing grant responses - Use the new `into_query_pairs()` method to serialize the authorization request into the authorization endpoint URL - Migrate to `axum::serve` for simplicity in serving the callback hook
* Add caddy to the dev shellVika2024-08-171-2/+3
| | | | | | `caddy reverse-proxy -r --from https://localhost:8443 --to http://localhost:8080` can help meet Kittybox's security assumptions in development (and could be a good way to meet them in production too.)
* kittybox-indieauth: small code cleanupsVika2024-08-173-8/+15
|
* kittybox-indieauth: allow using custom RNGs for PKCEVika2024-08-171-1/+10
|
* kittybox-indieauth: allow using custom RNGs for stateVika2024-08-171-2/+14
|
* kittybox-indieauth: AuthorizationRequest::into_query_pairs()Vika2024-08-171-1/+37
| | | | | | | | This is a more efficient way of appending to a query string, as it avoids a needless copy and borrows most things instead. We can't really avoid copying here, since we'll need to write to the query string, but we can avoid an extra copy by borrowing most of our way through.
* kittybox-util: move out fs moduleVika2024-08-042-58/+57
|
* flake.lock: UpdateVika2024-08-031-3/+3
| | | | | | | | Flake lock file updates: • Updated input 'nixpkgs': 'github:nixos/nixpkgs/9f4128e00b0ae8ec65918efeba59db998750ead6' (2024-07-03) → 'github:nixos/nixpkgs/9f918d616c5321ad374ae6cb5ea89c9e04bf3e58' (2024-07-31)
* Migrate from naersk to craneVika2024-08-033-57/+84
| | | | | Naersk has been creating problems for me, and crane seems better maintained.
* kittybox-html: raise recursion limit to 512Vika2024-08-022-0/+2
| | | | I'm not sure why this is required.
* Upgrade dependencies and fix deprecated functionalityVika2024-08-0217-760/+1442
| | | | | | | I think I managed to not lose any functionality from my dependencies. sqlparser remains unupgraded, but that's mostly because it is only used in one example and it's not worth it to upgrade right now.
* cargo updateVika2024-08-011-900/+871
|
* Get cookie key from the environmentVika2024-08-015-4/+18
|
* Move Kittybox router composition into the libraryVika2024-08-012-53/+51
| | | | | | | | Since Kittybox router composition is entirely generic, we can move it into the library. I feel like I could also split database types into their own crates, too.
* Simplify jobset creation a littleVika2024-08-011-1/+2
|
* Migrate from axum::Extension to axum::extract::StateVika2024-08-019-372/+378
| | | | | This somehow allowed me to shrink the construction phase of Kittybox by a huge amount of code.
* treewide: create a common method for state initializationVika2024-08-0110-65/+53
| | | | | Now the database objects can be uniformly created from a URI. They can also optionally do sanity checks and one-time initialization.
* indieauth: remove unnecessary cloning of MF2 itemsVika2024-08-011-5/+11
| | | | | | | | | Per clippy suggestion. While they're behind a reference counter, and thus cloning is cheap, we can avoid increasing the reference counter by borrowing here. Also now the code is a bit prettier.
* Start working on login functionalityVika2024-07-096-3/+57
|
* database: use Url to represent user authoritiesVika2024-07-098-91/+93
| | | | This makes the interface more consistent and resistant to misuse.
* kittybox-indieauth: 0.1.0 -> 0.2.0Vika2024-07-097-14/+119
| | | | | | | | | Added fundamental AutoAuth types. This library can now be used to augment existing authorization and token endpoints with AutoAuth capabilities. See https://github.com/sknebel/AutoAuth/blob/master/AutoAuth.md for the latest spec draft.