The api has been tested and works as intended.
Now users do not have to go on the website to get back their token, they
just have to register.
Torrents show the right stats and username on api request when search is
done
User model when converted to JSON gives us the apitoken and md5 hash of
email (for gravatar)
Verification on upload is done by token and username instead of token
only
Errors are now given in json format in the api
Global api response handler for less code redundancy and same response
pattern
Moved user auth check in cookie_helper to user.go
Fixed bug with CSRF prevention in /api
Added translation strings
Status for scrapped user
They can't log in and an explicit error message is shown when they try
explaining that they need to contact the moderators
They are displayed as simple members on the front-end however
This allows changing the cookie domain, maxage and the hash/encryption
keys via the config file.
If no key is provided a new one is generated on each reboot.
But if both keys are provided the session cookies are now valid even
after a server reboot.
* New config files
As decided, config files are parsed at runtime.
I decided to go for YAML config files because there can be comments in
it.
There are 2 files:
* config/default_config.yml <= which shouldn't be edited unless we add a
config parameter
* config/config.yml <= which is the user-defined config. This file
shouldn't be commited
Changed every call to config.XXX to config.Conf.XXX (look to the new
stucture of config in config/types.go)
Of course, putting config parameters in config.yml overrides config in
config_default.yml. You don't have to put everything in it, just add
what you want to override.
* Fixing test
Replacing conf.New by config.Conf
* Fixing call to config.Conf to config.Config{} in test files
* Might have fixed testing with this
Printf instead of Fatalf
* Renaming config.yml in example file
* Forbid commiting config.yml
* Should be now fixed
* Do not need this file anymore
* Fix login when running on localhost
* Translatable edit/delete buttons on view page
* Bold completed count on view page
* Don't create global variables in report button js
* Update german translation
* Update trackers (#803)
Remove baka-sub.cf as it's always broken
Add IPv6 version of leechers-paradise
* Added new dep: gorilla/csrf
* CSRF field in forms
* CSRF variable in commontemplatevariables
* New key for messages and user context
Please change EnableSecureCSRF to false when testing locally and don't
merge config/env.go with the changes
* Gofmt friendly
Keeping Go source code in line with what they preconize
* Golint Friendly Next
So I have made some variables unexported
Added comments in every function that I know what it does
Removed some deprecated stuff that I was sure of
Added a comment on possible deprecated methods "Is it deprecated?"
Changed some variable/method name according to golint recommendations
* Update filelist.go
* Added support of UGC without div tag for torrents
* Added support of basic html tags for comments (a, img, b, em, u)
Fixed:
* Bug with r *request becoming a nul pointer when loading from contextin
messages.go
* Use ModeratorDir variable
* Rename cookieHelper to cookie_helper for consistency
* Use named constant instead of literals
* Fix ability to upload when uploads are disabled
The old code let people upload under the right conditions when uploads
were disabled. (ie: User is banned and config.AdminAreStillAllowedTo is
false)
* Increase timeout (fixes#517)
* Fix inconsistent indentation *.{js, css} (fix#583)
* Fix negative page
Temporary fix. The issue was that going to a negative page caused the
sql query to have a negative offset. This caused an error in the
database query.
We need to cleanup this code, but this will work for now.
* Fix wrong PG_DATA directory due to upgrade to 9.6
* Add server status link to FAQ
* Fix failing tests
* Clarify group_vars/all and hosts doc
* Add a wrapper to protect /mod route
* Fix login page not showing form errors
