about summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* Reduce unwraps in u-ate and u-drank handlingVika2024-09-071-10/+10
|
* kittybox-frontend-renderer: use p-summary if availableVika2024-09-071-5/+15
|
* Introduce `Storage::update_with`Vika2024-08-284-7/+54
| | | | | | | | | This function takes a closure that modifies the post. This could be useful in maintenance utilities that scan and fixup posts. For now this isn't used anywhere within Kittybox, but once all backends implement this correctly, this could replace `Storage::update_post` calls. For supporting backends, `Storage::update_post` is implemented in terms of `Storage::update_with`.
* Check validity of Micropub updatesVika2024-08-281-6/+50
| | | | | | | | In Kittybox, Micropub updates cannot modify UIDs, since UIDs are used as a primary key. Additional constraints may be added later, and perhaps I'll add a Storage method that would check backend-specific constraints.
* kittybox-frontend-renderer: fix testsVika2024-08-281-3/+3
|
* Make Micropub update logic self-containedVika2024-08-283-35/+42
| | | | | | This allows for a separation of concerns between database backends and Micropub, unless such backend have special requirements, like the file backend storing children of a feed in an array.
* Add Last-Modified header to post pages to help heuristic cachingVika2024-08-261-0/+22
|
* Use `Cache-Control: private` whenever the user is authorizedVika2024-08-261-18/+31
|
* Explicitly allow caching IndieAuth client metadataVika2024-08-261-2/+23
| | | | | This might save a round-trip for clients that know how to cache things. Such as Kittybox's HTTP fetcher.
* Set MSRV to 1.75, remove #[async_trait] declarations whenever possibleVika2024-08-2614-100/+90
| | | | | | | Axum still uses `async_trait`, let them do whatever they want. I will no longer be subject to the humiliation of trying to dig through lifetime errors and unreadable declarations. Also I don't fucking care about MSRV, I'm not a library. If you don't have modern Rust, get one.
* Indicate `u-uid` as `rel=canonical`Vika2024-08-262-6/+6
| | | | | | | | | | | This only displays on top-level entries, not ones in feeds. This should help search indexers know which URI is the canonical for a given link. I wonder why Google doesn't bother to parse MF2 markup. Do they think themselves monarchs of the Internet, able to show peasants their place? their search results are shitty anyway, I'd rather ask GPT-2. Yes, GPT TWO. Not even 3, 4 or 4o!
* Fix kittybox-check-webmention CLI toolVika2024-08-262-109/+8
| | | | Now it uses the same code as Kittybox itself.
* Add HTTP fetcher cacheVika2024-08-2610-27/+233
| | | | | | | It just does its thing in the background, potentially speeding up things. Maybe I could also use the underlying in-memory cache implementation (Moka) to speed up my database. I heard crates.io got some good results from that.
* Appease most clippy warningsVika2024-08-2614-118/+38
| | | | | | The warnings only remain in places where I need them to remain, because I either need a reminder to implement something, or I need to refactor and simplify the code in question.
* Remove IndiewebEndpoints typeVika2024-08-261-10/+0
| | | | It was never used much anyway.
* FileStorage: appease clippy and use block_in_place for rewinding feedsVika2024-08-262-10/+15
| | | | | Using `tokio::task::block_in_place` downgrades the thread temporarily to avoid starvation.
* kittybox-indieauth: nicer Debug impl for MetadataVika2024-08-241-1/+23
| | | | Now the URLs are shown in their serialized form.
* indieauth_metadata -> indieauth-metadataVika2024-08-243-4/+4
|
* Add Caddyfile for reverse-proxying in-devVika2024-08-241-0/+9
|
* kittybox-indieauth: implement Display instead of ToStringVika2024-08-231-11/+12
|
* micropub: Suppress adding to default feeds on visibility="unlisted"Vika2024-08-231-2/+30
| | | | | | If the post has no explicit channels, normally Kittybox attempts to post to a channel that makes sense for the post type. Adding `unlisted` to `visibility` now suppresses this behavior.
* Fix private posts with no defined audience not being shown in feedsVika2024-08-232-7/+10
|
* util: implement Debug on ConfigVika2024-08-201-1/+1
|
* kittybox-util: 0.1.0 -> 0.2.0Vika2024-08-2013-168/+242
| | | | Micropub types are now more coherent and gathered in one place.
* kittybox-indieauth: switch to dep feature syntaxVika2024-08-191-1/+1
|
* kittybox-indieauth: fix failing doctestVika2024-08-181-1/+2
|
* oopsVika2024-08-181-2/+1
|
* Better match html content-typeVika2024-08-183-1/+3
|
* kittybox-indieauth-helper: ignore TLS in debug and xdg-open the pageVika2024-08-181-1/+14
|
* Parse redirect URIs from MF2 metadataVika2024-08-181-1/+3
|
* onboarding: attempt to fix the redirection bugVika2024-08-181-2/+2
|
* feat: logins!!Vika2024-08-1812-94/+530
| | | | | | | | yes you can finally sign in this is also supposed to show private posts intended for you! maybe i can also reveal my email to those who sign in! :3
* kittybox-indieauth: support transforming strings to PKCEVerifierVika2024-08-181-0/+5
| | | | for apps that can't hold state for long
* Don't log extraneous MF2 parsing dataVika2024-08-181-1/+1
|
* indieauth: Extension -> StateVika2024-08-181-10/+12
| | | | whoops
* indieauth: fix profile fetching if some properties are undeclaredVika2024-08-181-19/+23
|
* file auth backend: properly handle non-standard relative file:// urlsVika2024-08-181-4/+15
| | | | I use these in development.
* kittybox-indieauth: support OAuth2 Client MetadataVika2024-08-182-1/+115
| | | | Required for new revision of IndieAuth.
* kittybox-indieauth: separate ProfileUrl struct from GrantResponseVika2024-08-182-8/+12
| | | | Seems to be useful on its own.
* Don't verify TLS certificates when fetching things in devVika2024-08-182-1/+12
| | | | | | | When testing things, I don't test TLS verification, that's what reqwest unit tests should exist for. I test my things, and some of my things assume some form of TLS. I don't need it to be valid TLS, I need it to be TLS so I can use the `https://` links in dev.
* kittybox-frontend-renderer: add a notice to pester me on non-descriptive errorsVika2024-08-181-0/+5
|
* kittybox-frontend-renderer: fix onboarding CSS a littleVika2024-08-181-1/+4
|
* onboarding: provide official alternate onboarding flow for no-JSVika2024-08-181-0/+38
| | | | | | | | | | | | | This documents the onboarding request schema so somebody unwilling or unable to run JavaScript (why would you subject yourself to this?) is still able to use Kittybox. Since JavaScript is used to provide form interactivity and complex data structures in the onboarding flow, whoever cannot run JS will have to manually compose the onboarding request, and this will help them a little. I just need to remember to update this if the schema ever changes.
* kittybox-indieauth-helper: small cleanupsVika2024-08-181-44/+44
| | | | | | | - Properly catch IndieAuth errors when parsing grant responses - Use the new `into_query_pairs()` method to serialize the authorization request into the authorization endpoint URL - Migrate to `axum::serve` for simplicity in serving the callback hook
* Add caddy to the dev shellVika2024-08-171-2/+3
| | | | | | `caddy reverse-proxy -r --from https://localhost:8443 --to http://localhost:8080` can help meet Kittybox's security assumptions in development (and could be a good way to meet them in production too.)
* kittybox-indieauth: small code cleanupsVika2024-08-173-8/+15
|
* kittybox-indieauth: allow using custom RNGs for PKCEVika2024-08-171-1/+10
|
* kittybox-indieauth: allow using custom RNGs for stateVika2024-08-171-2/+14
|
* kittybox-indieauth: AuthorizationRequest::into_query_pairs()Vika2024-08-171-1/+37
| | | | | | | | This is a more efficient way of appending to a query string, as it avoids a needless copy and borrows most things instead. We can't really avoid copying here, since we'll need to write to the query string, but we can avoid an extra copy by borrowing most of our way through.
* kittybox-util: move out fs moduleVika2024-08-042-58/+57
|