diff options
author | ThibG <thib@sitedethib.com> | 2020-01-05 13:51:50 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-01-05 13:51:50 +0100 |
commit | bcfd6e3bb48f6e0eb88f7f3a650832842ab69166 (patch) | |
tree | 0e2bb7334c7954bee2962ed78565046e3b974725 /config | |
parent | 22daf24600d8e99e4569740ee5836d25c70c1e8b (diff) | |
parent | 83359fef2b04e81b35b047510ddb0c79bcf8ddaa (diff) |
Merge pull request #1259 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
Diffstat (limited to 'config')
-rw-r--r-- | config/application.rb | 2 | ||||
-rw-r--r-- | config/initializers/doorkeeper.rb | 13 | ||||
-rw-r--r-- | config/initializers/paperclip.rb | 2 | ||||
-rw-r--r-- | config/initializers/rack_attack.rb | 3 | ||||
-rw-r--r-- | config/locales/en.yml | 4 |
5 files changed, 12 insertions, 12 deletions
diff --git a/config/application.rb b/config/application.rb index e1f7ae707..58e59fd51 100644 --- a/config/application.rb +++ b/config/application.rb @@ -7,6 +7,7 @@ require 'rails/all' Bundler.require(*Rails.groups) require_relative '../app/lib/exceptions' +require_relative '../app/middleware/handle_bad_encoding_middleware' require_relative '../lib/paperclip/lazy_thumbnail' require_relative '../lib/paperclip/gif_transcoder' require_relative '../lib/paperclip/video_transcoder' @@ -118,6 +119,7 @@ module Mastodon config.active_job.queue_adapter = :sidekiq + config.middleware.insert_before Rack::Runtime, HandleBadEncodingMiddleware config.middleware.use Rack::Attack config.middleware.use Rack::Deflater diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index 7784bec62..e03380cec 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -8,20 +8,15 @@ Doorkeeper.configure do end resource_owner_from_credentials do |_routes| - if Devise.ldap_authentication - user = User.authenticate_with_ldap({ :email => request.params[:username], :password => request.params[:password] }) - end - - if Devise.pam_authentication - user ||= User.authenticate_with_ldap({ :email => request.params[:username], :password => request.params[:password] }) - end + user = User.authenticate_with_ldap(email: request.params[:username], password: request.params[:password]) if Devise.ldap_authentication + user ||= User.authenticate_with_pam(email: request.params[:username], password: request.params[:password]) if Devise.pam_authentication if user.nil? user = User.find_by(email: request.params[:username]) - user = nil unless user.valid_password?(request.params[:password]) + user = nil unless user&.valid_password?(request.params[:password]) end - user if !user&.otp_required_for_login? + user unless user&.otp_required_for_login? end # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below. diff --git a/config/initializers/paperclip.rb b/config/initializers/paperclip.rb index 5109baff7..8909678d6 100644 --- a/config/initializers/paperclip.rb +++ b/config/initializers/paperclip.rb @@ -1,5 +1,7 @@ # frozen_string_literal: true +Paperclip::DataUriAdapter.register + Paperclip.interpolates :filename do |attachment, style| if style == :original attachment.original_filename diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb index 273cac9ca..3cd7ea3a6 100644 --- a/config/initializers/rack_attack.rb +++ b/config/initializers/rack_attack.rb @@ -46,10 +46,7 @@ class Rack::Attack PROTECTED_PATHS_REGEX = Regexp.union(PROTECTED_PATHS.map { |path| /\A#{Regexp.escape(path)}/ }) - # Always allow requests from localhost - # (blocklist & throttles are skipped) Rack::Attack.safelist('allow from localhost') do |req| - # Requests are allowed if the return value is truthy req.remote_ip == '127.0.0.1' || req.remote_ip == '::1' end diff --git a/config/locales/en.yml b/config/locales/en.yml index 43c24fc4e..74f397a3f 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -594,6 +594,10 @@ en: animations_and_accessibility: Animations and accessibility confirmation_dialogs: Confirmation dialogs discovery: Discovery + localization: + body: Mastodon is translated by volunteers. + guide_link: https://crowdin.com/project/mastodon + guide_link_text: Everyone can contribute. sensitive_content: Sensitive content toot_layout: Toot layout application_mailer: |