* Initial Commit for OAuth API
This builds and run and return the right error.
Need to test it and then adding all users as possible client
* Added mising dependency
* just compile already...
* Fixing template test
* Imrpovements
Moved db stuff in models
Added some tests
Added form in modpanel to add/update a client
Added controllers for add/update of client
* Added Forms + speed improvements
Controller oauth client listing + html
Controller oauth client delete + messages
Messages on comment delete
New ES config that disable ES if set to false. Improve load speed on local development
Fix a load config bug
Fix index admin & translation string sign_out broken by @ewhal
* Sanitize empty strig in form array + css
Multiple empty array of strings are sanitized for the oauth client create form
Added some css for the form display
* Upload and Create form works
* Fix splitting response types
* Removing required on secret when updating
* fix travis error
* Fix travis template test
* Update dependency
* Moved to jinzhu instead of azhao
* randomizen secret on creation
* Final touch on oath api
improved display name
fix grant form csrf
fix login csrf on oauth
* Fix gorm test
* fix template test
* Fixing deleted dependency issue
* Make travis faster
* Fix typo
* Fix csrf for api calls
* This shouldn't be exempt
* Removing hard coded hash
@ewhal Don't forget to replace the hash in tokens.go with another one
* Added an example on how to use OAuth middleware
* Renamed fosite utils to oauth2 utils
* Added configor as a new library
Now config is a singleton. You only need to do config.Get() instead of doing config.Conf.
* Forgot godep save 🐤
* Fix accidental removal of }
Common is no more a thing
Use of TorrentParam instead of SearchParam now
Common structs for search are exported in utils/search/structs
Util has been renamed utils
* First batch of changes for the refactor
Added the support of gin in routes and other services/utils
Begining implementation of JetHTML
* Remove os folder
* Move scrapers to own repo
* Second batch of changes
All .jet.html are the working templates.
You can now test this PR, the index Page and upload works. If you want to complete the other html templates, you're welcome
* Move captcha to util
* Move uploadService to utils
* Use govalidator instead of regex
* Third batch of changes
All the front end should as previously.
I also fixed some minor things unrelated to the refactor (mostly style issues on static pages)
Now errors can be accessed by importing the "errors" helpers and using the `yield errors(name="xxx")` command in templates.
Same for infos.
Templates are now more hierarchized with a base template "base.jet.html" which is extended depending on the context in "index_site" or "index_admin" layouts. Those layouts are extended than in every pages.
Other helpers are captcha to render a captcha `yield captcha(captchaid="xxx")`
And also csrf, with the command `yield csrf_field()`
To translate, you don't have anymore to do `call $.T "xxx"`, you just have to do `T("xxx")`.
Pages for the website part are in folders in the folder "templates/site". Pages for the admin part are in "templates/admin". Layouts are separated in "templates/layouts". Helpers and menu are in "templates/layouts/helpers" and "templates/layouts/menu". Error pages should be put in "templates/errors"
* Added test on templates
When adding a new template, you have to tell to template_test.go, the context of the new template (if it doesn't use the common context)
* Panel admin works
Now the templating part should work. The PR can now be fully tested.
I think we should push the templating PR and do the routes/controllers/removal of services in another branch. So we know that this one is functional
* Updated dependencies
* Fixed test for modelhelper
* Fix testing for commentlist
* Fix travis :')
* Just renamed router and removed network
* Applying same SEO fix
* Update form_validator.go
* Added back regexp package
* Megacheck friendly
applied megacheck and fixed some unwanted behaviour (markdown)
* Forgot this file
* Captcha Audio
Should make #993 happen
* Fix style issue in comments
* Added margin auto and width on input
* Moved width on captcha div instead
* fixing width issue with audio tag
* Captcha final style fix
* Merge remote-tracking branch 'refs/remotes/origin/dev' into fix-for-csrf
Fix CSRF protection
Seems like it doesn't work anymore...
I tried to
fix it but couldn't get /api without csrf. So I changed the
dependency
for another csrf package (nosurf).
Behavior: Same as previously. You
just have to include the block
csrf_token
* changing dependency to nosurf
Main version can be set in config/default_config.yml
Build version need to be set by build command: go build -ldflags "-X
main.buildversion=$(date -u +.%Y%m%d.%H%M%S)"
Or by using package.sh
Or by using the godep command: godep go build -ldflags "-X
main.buildversion=$(date -u +.%Y%m%d.%H%M%S)"
* New config files
As decided, config files are parsed at runtime.
I decided to go for YAML config files because there can be comments in
it.
There are 2 files:
* config/default_config.yml <= which shouldn't be edited unless we add a
config parameter
* config/config.yml <= which is the user-defined config. This file
shouldn't be commited
Changed every call to config.XXX to config.Conf.XXX (look to the new
stucture of config in config/types.go)
Of course, putting config parameters in config.yml overrides config in
config_default.yml. You don't have to put everything in it, just add
what you want to override.
* Fixing test
Replacing conf.New by config.Conf
* Fixing call to config.Conf to config.Config{} in test files
* Might have fixed testing with this
Printf instead of Fatalf
* Renaming config.yml in example file
* Forbid commiting config.yml
* Should be now fixed
* Do not need this file anymore
As per suggestion of @yiiTT, CSRF is limited on users login,
registration, profile edit, comments post, torrent edit.
Uploads are not yet CSRF protected because api upload can't be used for
that
* Added new dep: gorilla/csrf
* CSRF field in forms
* CSRF variable in commontemplatevariables
* New key for messages and user context
Please change EnableSecureCSRF to false when testing locally and don't
merge config/env.go with the changes
http.Server.Shutdown gracefully closes listeners/clients, we do not have to
do it ourselves. Making util/signals accept func() instead of io.Closer
allowed for the removal of network/closer.go and util/signals/closers.go.
It is possible for an os.Interrupt signal to be raised after
signals.RegisterCloser() and before startup of goroutine signals.Handle().
Race is prevented by synchronously calling signal.Notify().
* added pagination
* cleanup
* indentation fix
* fix
* Loads theme from context
* Basic theme switching working
* working properly
* Fuck golint tbqh
* united language and theme into one settings page
* made the settings page a little nicer
* fixed it so it works properly now
* removed parts of inline js and fixed bug
* removed remains of other theme switching method
* fixed very minor bug
* fix
* Use ModeratorDir variable
* Rename cookieHelper to cookie_helper for consistency
* Use named constant instead of literals
* Fix ability to upload when uploads are disabled
The old code let people upload under the right conditions when uploads
were disabled. (ie: User is banned and config.AdminAreStillAllowedTo is
false)
* Increase timeout (fixes#517)
* Fix inconsistent indentation *.{js, css} (fix#583)
* Fix negative page
Temporary fix. The issue was that going to a negative page caused the
sql query to have a negative offset. This caused an error in the
database query.
We need to cleanup this code, but this will work for now.
* Fix wrong PG_DATA directory due to upgrade to 9.6
* Add server status link to FAQ
* Fix failing tests
* Clarify group_vars/all and hosts doc
* Add a wrapper to protect /mod route
* Fix login page not showing form errors
This consolidates the places where a default language has to be set.
- Removed import of the 'userService' package into the 'languages' util
package
This was required to prevent a cyclic import between the two packages.
- Added a 'UserRetriever' interface to read the language setting of users
inside the 'languages' package
- Fixed an error in the spanish and chinese translation file
- Refactored reading the translation files
Instead of ignoring errors in the non-default language files
the error will now be returned and the remaining files will
not be loaded.
- Added a unit test to check if all translation files are valid
- Added an i18n config to specify the translations dir and the
default language
This allows users to change the default logging verbosity (errors)
to either *detailed* (prints SQL statements) or *silent*.
Also added support for using a custom logger function.
- Fixed the gorm unit test that checks the automigrations
They will actually fail if any errors were logged now.
- Added a postgres unit test
Currently disabled because it would need a running local
postgres db and a change to the .travis.yml file to work
inside the CI build.
This makes systemd not put unit into fail mode when stopping
INFO:
* make sure to use signals.RegisterCloser for everything that should be closed on interrupt
* for any net.Listeners created make sure to wrap them with network.WrapListener and register with signals.RegisterCloser
