about summary refs log tree commit diff
path: root/kittybox-rs/src
Commit message (Collapse)AuthorAgeFilesLines
* database/memory: cleaner update_post implementationVika2023-07-091-1/+70
| | | | | | | | | | | | This one manages to avoid extraneous allocations as much as possible, by deconstructing the update into pieces and using a mutable reference taken directly from the hashmap in which the posts are stored. Now if only this hashmap were to be serialized on Drop, we could even have persistence in the database and therefore gain another backend that requires no dependencies to run, just like FileStorage, but avoids extraneous file access (or maybe shunts it into the background?)
* frontend: filter out privacy-sensitive information from postsVika2023-07-091-2/+124
| | | | | This was the job of the database before. Now the frontend should do it before passing the post to the templates.
* database{,/file}: clean up code, add documentation and loggingVika2023-07-092-206/+215
| | | | | | | | | | | | `filter_post` is now out of here and moved into the frontend. This kind of non-intrusive filtering can be done on the frontend, and the database need not concern itself with this. It can still be done as an optimisation... probably? but the frontend is going to sanitize things like location in the post by itself now, so it is not required anymore (and might be harmful, if frontend starts indicating that there are some hidden fields by replacing them with placeholders that ask one to log in to view information).
* fixup! database: add add_to_feed and remove_from_feedVika2023-07-081-2/+2
|
* onboarding: fix improper usage of the put_post APIVika2023-07-081-1/+5
|
* micropub: use the new, better typed updates internallyVika2023-07-014-172/+53
|
* Better Micropub update object typingVika2023-06-221-4/+13
|
* database: more realistic pagination testVika2023-06-221-1/+7
| | | | | | We insert published time into all objects anyway, and expect feeds to be ordered by publishing time. We should let databases rely on that assumption when returning feeds.
* database: add add_to_feed and remove_from_feedVika2023-06-222-2/+9
| | | | | Some database backends may have optimized ways of tracking feed contents. Others might just use the "children" property directly.
* database: use domains instead of authorities as owner keyVika2023-06-225-41/+65
| | | | | This allows disregarding http/https comparisons and simplifies some database designs.
* database: introduce read_feed_with_cursorVika2023-06-224-9/+39
| | | | | read_feed_with_cursor allows using an arbitrary string as a cursor, unlike read_feed_with_limit, which uses last post's UID as a cursor.
* StorageError: use std::borrow::Cow for msg fieldVika2023-06-223-21/+36
| | | | | This allows avoiding an unnecessary allocation whenever the error message is static.
* main: refactor Kittybox constructionVika2023-06-225-192/+204
| | | | | | This allows proper separation of backend initialization and Kittybox construction code. Some boilerplate is still present, but there's much less of it now thanks to functions being generic.
* Notes on how to replace lazy_static! with a LazyCellVika2023-06-151-0/+6
| | | | should've been a LazyLock tho
* Smallish code tweaksVika2023-06-151-1/+3
| | | | | | - cleaner format!() - syndication links - broke up a long line
* Add support for the IndieWeb Webring πŸ•ΈπŸ’Vika2023-06-153-1/+29
| | | | Optional at first. Onboarding UI not yet exposed.
* Database: use newtypes to represent settingsVika2023-06-155-57/+113
| | | | This allows much for a cleaner and idiomatic settings interface.
* tempfile -> tempdir, remove mockitoVika2023-02-272-3/+3
|
* Clarity improvementsVika2023-02-272-2/+3
|
* media: get rid of an extraneous Arc over BytesVika2022-11-071-5/+9
| | | | | Bytes buffers are already reference-counted and cheaply clonable; there is no need to wrap them further.
* indieauth: parse application metadataVika2022-10-243-30/+82
|
* media: implement file range requests for backendsVika2022-10-142-16/+274
| | | | | | | For now it is not yet exposed on the frontend, but that is merely a matter of time. TODO possibly remove the legacy methods, since they're obsoleted
* templates: move static assets to the templates crateVika2022-10-076-279/+10
| | | | | | | | | | | | It makes more sense to keep CSS near the templates, and the client-side JavaScript code too, since it depends on the DOM structure to work. Additionally, the overhead of `include_dir!()` is almost completely mitigated by the fact that this is a separate crate that isn't recompiled often. The linking stage, however, is still expected to take a little bit long. But I doubt it'd be longer than what it was before, since it's the same exact files that get linked into the app.
* media: Use ETag and If-None-MatchVika2022-10-043-4/+38
| | | | | | | | | | | | | | | | | | | | Note: this requires a reindex of the media database. For the default CAS backend, use the following: ```bash for i in */*/*/*/*.json; do etag="$(echo $i | sed -e 's/\///g' -e 's/\.json$//')"; mv "$i" "$i.bak" cat "$i.bak" | jq '. + { "etag": '\""$etag"\"'}' > "$i" rm "$i.bak" done ``` This change is backwards compatible, but caching headers won't be emitted without etags present in the metadata. Actual etags are backend-specific and might differ from backend to backend.
* LibreJS compatibilityVika2022-10-031-0/+3
| | | | | | I don't know how worthwhile that was, given that LibreJS developers themselves don't care to properly declare licenses on the Bazaar frontend they use to host the extension's source code on the Web 🀑
* companion-lite: rewrite to use IndieAuthVika2022-10-022-1/+6
| | | | | This is a naive implementation that doesn't have some security checks. It's ok tho, should work fine... can refine it later
* companion-lite: port to TypeScriptVika2022-09-292-5/+14
|
* Switch to TypeScriptVika2022-09-283-196/+2
| | | | | | | | This neccesitates installing TypeScript to build Kittybox, but thankfully Nix actually takes care of that. Build Kittybox with Nix and you won't have problems. Also now I can safely do stuff.
* fix param name for media endpointVika2022-09-281-1/+1
| | | | AAAAAAAAAAAAAAAAAAAAAAAAA
* Use tokens from the auth backend to authenticate for MicropubVika2022-09-287-120/+196
|
* Fix some clippy errorsVika2022-09-281-0/+3
|
* indieauth: add "token_type" and "scope" to token grant responseVika2022-09-281-1/+5
| | | | | | | It looks like some badly-behaved apps require "scope" even though it is optional according to OAuth2. Additionally, both of these fields are not present in the IndieAuth spec (this is an error in the spec, tracked here: https://github.com/indieweb/indieauth/issues/116
* frontend: fix indieauth page crashing if no scopes requestedVika2022-09-201-1/+1
| | | | JavaScript is a hellpit i want out of it please help me
* Make webauthn and openssl optionalVika2022-09-193-7/+34
|
* Small optimizations to frontend codeVika2022-09-192-27/+38
| | | | | | There is a possibility of refactoring some of the companion code to act as a generic embedded asset framework and put it in the `util` crate.
* feat: indieauth supportVika2022-09-1910-161/+1271
| | | | | | | | | | Working: - Tokens and codes - Authenticating with a password Not working: - Setting the password (need to patch onboarding) - WebAuthn (the JavaScript is too complicated)
* NixOS module fixes and temporary fixes to the legacy configurationVika2022-08-131-36/+7
|
* tokenauth: migrate tests to WiremockVika2022-08-131-54/+45
| | | | Wiremock doesn't require external C dependencies.
* kittybox-templates: split out MF2 rendering and get rid of log crateVika2022-07-276-16/+6
| | | | | Kittybox now uses tracing instead of log. Why would I keep an unneccesary dependency in my Cargo.lock?
* indieauth: replace numerous placeholders in the prototypeVika2022-07-271-25/+150
| | | | | | Fetching profiles is now fully implemented. The only missing pieces are the frontend template and the persistent store for tokens and codes.
* FileStorage: save memory by taking children instead of cloningVika2022-07-231-16/+22
|
* kittybox-indieauth: axum helpers for responsesVika2022-07-221-13/+13
| | | | Some responses need to set Cache-Control and Pragma: no-cache headers according to RFC 6749.
* media: improve Metadata typingVika2022-07-213-14/+24
| | | | | | | | | | | | | content_type is now optional; if not specified, it will remain empty. `application/octet-stream` will be put on read in the frontend. Length is now represented as NonZeroUsize - why would you upload a zero-byte file when you can just conjure one from the void whenever you need one? This should save me a little bit of memory. Representing content_type as a typed MIME value would be the next logical step.
* media: fix small files not being saved to disk properlyVika2022-07-191-11/+21
| | | | | It turns out that BufWriter requires calling `flush()` manually and doesn't do it on `drop()`. I forgot about that.
* indieauth: Indicate refresh token grant as supportedVika2022-07-191-1/+1
|
* kittybox-indieauth: convert Error into axum::response::ResponseVika2022-07-191-22/+22
| | | | | | This requires the `axum` feature to be enabled, to prevent unwanted dependencies (e.g. in client apps or when using a different framework, since the library doesn't concern itself with I/O)
* indieauth: improve security checksVika2022-07-191-2/+29
| | | | | Client ID and the redirect URI must match those that were used to create the grant.
* Implement /.well-known/oauth-authorization-serverVika2022-07-192-24/+39
| | | | | This may help non-IndieAuth-aware clients to integrate better into the flow.
* kittybox-indieauth: improve docs and the Error typeVika2022-07-191-14/+60
| | | | | | | `kittybox_indieauth::Error` now represents errors in the IndieAuth process itself. `IndieAuthError` got renamed to `ResourceErrorKind` to reflect errors that a resource server (i.e. IndieAuth consumer) might return to a client who somehow didn't authorize themselves properly.
* Catch panics on requestsVika2022-07-191-3/+4
| | | | | | | | | This will allow to display a prettier error page in the future. There is a possibility of instantiating the panic handler per-module to allow for custom panic messages expressed in the same form the module itself gives error messages (e.g. pretty HTML for frontend, MicropubError for Micropub messages etc.)