Commit Graph

59 Commits

Author SHA1 Message Date
Tracker-Friendly d11e173f97 Updated JWT to maintained fork 2024-08-04 14:47:21 +01:00
Tracker-Friendly d55a4ea191 Fixed /api/auth not working because != wasn't ==, removed some debug functions 2024-07-28 14:29:44 +01:00
Tracker-Friendly 0f880980bc Fixed /api/auth's weird session issue and password migration 2024-07-28 14:19:12 +01:00
Tracker-Friendly 93cd8f3cdd a message doesn't cover this one. just read the code. it speaks for itself. 2024-07-26 19:25:41 +01:00
Tracker-Friendly 9cb2e309de Added example configuration, updated README.md, updated background image to Public Domain image, updated styles to be in accordance with the New Burgerware Design, fixed pages displaying poorly on phones, fixed server panics being caused by incorrect JSON, made it clear AESKeyShare is not in working order, made the application not hard-code the URL, made the application not hard-code the app name, updated the CAPTCHA module to the newest version and URL, removed crypto-js, removed unneeded broken code left over from Burgernotes, removed unneeded CSS left over from Burgernotes, made page titles consistant, changed some formatting to be using camel instead of snake case, fixed various JS bad-practices, used a really long commit message. 2024-07-10 18:43:17 +01:00
Tracker-Friendly 14deebd553 Fixed silly error in checkusernametaken 2024-06-25 16:29:40 +01:00
Tracker-Friendly d04785d2d3 Made /api/auth clear out the database of any ongoing login attempts before proceeding 2024-06-25 01:49:45 +01:00
Tracker-Friendly 277c343a1b Used the correct error 2024-06-25 01:44:53 +01:00
Tracker-Friendly 54f78cf36e Made it an else to prevent some problems with it returning 500 2024-06-25 01:43:58 +01:00
Tracker-Friendly c3eeee81ec Added some mitigations to spamming the login system by restricting it to one active login per user 2024-06-25 01:39:51 +01:00
Tracker-Friendly fb4b5ca57e Fixed typo 2024-06-25 01:35:05 +01:00
Tracker-Friendly b200da5453 Use a memory database to store logins instead of database.db 2024-06-25 01:32:47 +01:00
Tracker-Friendly 3752648c78 Revert "BETA: Use a session cookie rather than a SQL database for login"
This reverts commit 447fb7a4fa.
2024-06-25 01:19:49 +01:00
Tracker-Friendly 2f49361c76 Revert "Made the JSON marshal and unmarshal properly"
This reverts commit 10c6848c5c.
2024-06-25 01:19:44 +01:00
Tracker-Friendly 73506b8aee Revert "Accidentally got false and true mixed up in checkUsernameTaken"
This reverts commit 7dfa018fe6.
2024-06-25 01:16:46 +01:00
Tracker-Friendly d833d90c59 Revert "Put the longer codes into different cookies for easier storage"
This reverts commit 5f8bf52194.
2024-06-25 01:16:41 +01:00
Tracker-Friendly 7dfa018fe6 Accidentally got false and true mixed up in checkUsernameTaken 2024-06-25 00:34:32 +01:00
Tracker-Friendly 5f8bf52194 Put the longer codes into different cookies for easier storage 2024-06-25 00:22:41 +01:00
Tracker-Friendly 10c6848c5c Made the JSON marshal and unmarshal properly 2024-06-24 22:59:53 +01:00
Tracker-Friendly 447fb7a4fa BETA: Use a session cookie rather than a SQL database for login 2024-06-24 22:53:53 +01:00
Tracker-Friendly c7d213be87 Fix spelling errors, fixed a misuse of genSalt and fixed a SQL QueryRow using the incorrect schema 2024-06-24 20:58:55 +01:00
Tracker-Friendly 8bbbed7d2b Made some database optimizations and made logs consistent with Burgernotes & CTAMail 2024-06-21 19:17:45 +01:00
Tracker-Friendly fb0a298ae3 Accidentally put redirect uri check before scanning it in 2024-05-16 19:12:25 +01:00
Tracker-Friendly 650bd4fad9 Prevent open redirects from being possible 2024-05-16 19:07:54 +01:00
Tracker-Friendly 153b53f48a Added account management 2024-05-16 17:35:01 +01:00
Tracker-Friendly 852e19f93a Added 2 lines 2024-05-13 11:38:09 +01:00
Tracker-Friendly 469bd13b58 Finished CAPTCHA 2024-05-09 16:33:01 +01:00
Tracker-Friendly b43d48d997 CAPTCHA support 2024-05-09 17:27:47 +01:00
Tracker-Friendly 4191af1cbd Added Authorisation code header, set samesite on cookie to strict 2024-05-09 01:24:54 +01:00
Tracker-Friendly 780c614263 fixed aeskeyshare 2024-05-06 18:03:15 +01:00
Tracker-Friendly a904885023 Fixed names 2024-05-06 12:22:13 +01:00
Tracker-Friendly 66cd1defd8 Make name optional 2024-05-06 12:55:04 +01:00
Tracker-Friendly 85b2af8225 BETA: Add name support instead of relying on the appId 2024-05-06 12:53:04 +01:00
Tracker-Friendly 0db0bb5094 Fixed broken newlines 2024-05-06 10:24:18 +01:00
Tracker-Friendly 57128304c7 Fixed the sub being longer than 255 characters 2024-05-06 11:22:39 +01:00
Tracker-Friendly bef5624ff7 Made user return correctly from userinfo and make the sub correct in the id token 2024-05-04 19:18:15 +01:00
Tracker-Friendly 9c57a49f0c Added a sub to user for it to be more easily mappable to matrix 2024-05-04 19:01:51 +01:00
Tracker-Friendly 402c310677 Pass through the nonce in the /app proxy 2024-05-04 18:58:41 +01:00
Tracker-Friendly 22b50cba73 Make the nonce be based off the nonce specified by the app 2024-05-04 18:50:44 +01:00
Tracker-Friendly 1e797f5b5c Correctly display large integers instead of rounding off to base64 in the base64 encoding of the modulus 2024-05-04 18:36:39 +01:00
Tracker-Friendly 36123f3eee Made the m and e the PRIVKEY's n and e 2024-05-04 16:37:43 +01:00
Tracker-Friendly 606a0f18cc Add KID in tokens 2024-05-04 16:32:49 +01:00
Tracker-Friendly 94662329e1 Fixed openid, finally 2024-05-04 16:15:40 +01:00
Tracker-Friendly 59a4ef0994 Added the weird padding authlib needs 2024-05-03 20:38:08 +01:00
Tracker-Friendly 04af6c00fb Fixed RS256, again 2024-05-03 20:18:45 +01:00
Tracker-Friendly 728279ec63 Fixed RS256 2024-05-03 20:15:46 +01:00
Tracker-Friendly af9b94f3e1 Used JWT RS256 for matrix compatibility, fixed /userinfo endpoint 2024-05-03 19:07:28 +01:00
Tracker-Friendly 2f490ee3ee Fixed typo 2024-04-29 21:23:15 +01:00
Tracker-Friendly 8299915502 Added aeskeyshare and fixed html files to be more standard-complient 2024-04-29 01:45:22 +01:00
Tracker-Friendly a1ae521b56 Fixed various issues and added /api/loggedin 2024-04-29 01:18:56 +01:00