about summary refs log tree commit diff
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* indieauth/require_token(): reject with 401 when no headerVika2022-02-211-2/+34
|
* database/memory: restore, it is useful in test scenariosVika2022-02-212-0/+198
|
* database: code cleanupVika2022-02-212-48/+29
|
* database/file: use Authority instead of origin for directoriesVika2022-02-211-4/+4
|
* Add a module for IndieAuth bearer token authVika2022-02-212-207/+249
| | | | | | | | | | | | | require_token() uses a token endpoint URI and an HTTP client to query the token endpoint and return a User object if the user was authorized, or rejecting with IndieAuthError if not. It is recommended to use recover() and catch the IndieAuthError at the application level to show a "not authorized" error message to the user. This function is more intended for API consumption, but is general enough to permit using in other scenarios. TODO: make a variant that returns Option<User> instead of rejecting
* WIP: convert to Tokio and WarpVika2022-02-156-212/+416
| | | | | | | | | | | Warp allows requests to be applied as "filters", allowing to flexibly split up logic and have it work in a functional style, similar to pipes. Tokio is just an alternative runtime. I thought that maybe switching runtimes and refactoring the code might allow me to fish out that pesky bug with the whole application hanging after a certain amount of requests...
* FileBackend: introduce timeouts on operationsVika2021-12-311-34/+51
| | | | | | This is to prevent spinning in a loop waiting for a lock. This hangs often, though I suspect this should have been fixed in the previous commit.
* FileBackend: don't transfer locks over async boundariesVika2021-12-311-169/+188
| | | | | | | This may or may not be the cause for the app hanging while waiting for a lock. Now the operations with locks are never performed over an async boundary, excluding any shenanigans that can happen when accidentally leaving a file locked over async boundaries.
* Display pretty links in case there is more than one URL in a postVika2021-12-072-6/+22
|
* Migrate to Rust 2021Vika2021-12-072-24/+24
|
* Add protected locations that are visible only to logged-in usersVika2021-12-071-1/+3
|
* Small fixes for code block and vcard avatar CSSVika2021-12-071-0/+8
|
* Add indicators on private postsVika2021-12-071-0/+5
|
* Make rustfmt and clippy happyVika2021-12-069-119/+184
|
* Added support for IndieAuth client sign inVika2021-12-067-17/+387
| | | | | | | This will allow readers to view private posts intended just for them. Additionally fixed bugs in patterns due to which webmentions might not have been sent.
* Debug JSON renderer for postsVika2021-12-051-0/+12
| | | | Because sometimes seeing the problem is better than searching for it.
* Code cleanup and small bugfixing in templatesVika2021-12-0510-141/+252
|
* Added author mini-cards on h-entriesVika2021-12-053-41/+100
|
* frontend: Added listing feeds to the header barVika2021-12-055-16/+23
|
* Make the default feeds' UIDs pretty!Vika2021-12-051-5/+5
|
* Finally finish the migration toolVika2021-12-021-19/+25
| | | | | | | | | | It works. Launch it using the "kittybox-database-converter" command. First argument should be the old database URI, second should be the new one. It will migrate the DB for you. If you're doing this on a test machine, you can then migrate the database to production using `rsync -rl` to preserve symbolic links created by Kittybox's database backend.
* Get rid of the unsafe codeVika2021-12-021-7/+4
| | | | | | Thanks to @Kloenk I was able to get rid of the unsafety and tell the compiler how to properly check what I needed for the StorageError to be declared thread-safe.
* Deprecated Redis backend and added a database migration tool (untested, beware)Vika2021-10-277-44/+139
|
* Modified the module to use BACKEND_URIVika2021-09-282-1/+14
|
* Code cleanup and Cargo.lock updatesVika2021-09-272-4/+6
|
* Fix a bug in the error middlewareVika2021-09-273-2/+5
| | | | | | When an error is found, the site name passed to Storage::get_setting in the error handler is incorrect. The ASCII serialisation of the hostname should get used.
* Implemented support for channelsVika2021-09-273-65/+172
|
* Implemented FileStorage::delete_postVika2021-09-271-1/+4
|
* Finally figured out how to read without a BufReaderVika2021-09-271-14/+6
| | | | | BufReader was really unneccesary here, since I was batch-reading all of this in one go.
* Improved symlink creationVika2021-09-271-5/+78
| | | | | | Now symlink creation works on Windows and creates links relative to the posts, allowing for seamless migrations of the backing directory for true portability and no data lock-in.
* Implemented FileStorage::get_setting and FileStorage::set_settingVika2021-09-271-2/+53
|
* Moved integration tests and allowed the binary to use file backendVika2021-09-263-19/+87
| | | | | | Now the Redis dependencies are optional and only required if you want to test the backend or actually use it in production. The app displays a hint if you try to launch with an unsupported backend.
* Added file updates and fixed a bug with truncated JSON filesVika2021-09-262-3/+154
| | | | | | | | | | | There was a bug where `File::write()` would not write the entire buffer, and this condition was left unchecked by the code. All `File::write()` calls are now replaced with `File::write_all()` which ensures the whole buffer is written to the backing file. Additionally added a smoke check for the file updates. It is in no way comprehensive nor it is able to catch all the possible failures but it's a good way of testing the functionality without way too much hassle.
* Added a WIP file backendVika2021-08-152-30/+210
| | | | | | | Currently unavailable for use and only has basic GET and POST operations implemented. A lot more work is needed to make it truly usable. Locking is implemented using flock() system call on Linux.
* Improved Redis module code qualityVika2021-08-151-13/+10
|
* Added Prometheus instrumentationVika2021-08-062-0/+73
| | | | | | I need to instrument the mobc library used for the Redis connection pool, but that can be done later since I am somewhat tired. I don't remember how much I've worked and I need a break... >.<
* Added a default food channel for foodstuffsVika2021-08-061-12/+35
|
* Log sent webmentionsVika2021-08-061-0/+1
|
* Refactored the onboarding template into its own fileVika2021-08-062-193/+198
|
* Shortened a connection timeout and installed a lifetime limit for connectionVika2021-08-061-1/+4
|
* Trying to mitigate and log more about the HTTP 500sVika2021-08-051-10/+12
|
* Fixed a VERY WRONG way to handle stream errorsVika2021-08-042-31/+25
| | | | | | for future reference: stream operations returning Result satisfy conditions for the futures::stream::TryStreamExt trait, allowing you to use `TryStreamExt::try_collect::<T>()` and receive a Result<T>.
* Moved templates into their own moduleVika2021-08-032-586/+585
| | | | | | | frontend.rs was too hard to navigate. Additionally, this allows playing with the organizational structure of templates, since they only need to export a certain API and how exactly they work is an implementation detail.
* Appease rustfmt, clippy and cargo checkVika2021-07-299-104/+196
|
* Respect Link: headers when sending webmentionsVika2021-07-281-4/+32
|
* Added CORS middlewareVika2021-07-272-0/+23
| | | | | This prevents Micropub requests fired from web apps on other domains from being blocked by overzealous browsers.
* Added an internal token mechanismVika Shleina2021-07-273-0/+18
| | | | | | | | The internal token is a shared secret that can update and delete any posts stored in the database. It is intended for use in webmention endpoints to update posts with latest webmentions. Please keep it safe.
* Fixed security hole where other people could delete YOUR posts. Yes, yours. ↵Vika Shleina2021-07-212-0/+67
| | | | You're welcome.
* Don't show internal links on h-cardsVika Shleina2021-07-191-1/+1
|
* Fixed crash when h-card doesn't contain a p-noteVika Shleina2021-07-191-3/+4
|