about summary refs log tree commit diff
AgeCommit message (Collapse)Author
2020-01-15work around sprockets 4 being a jerkmultiple creatures
2020-01-14make the external login (ldap/pam/saml/etc) error informative for ↵multiple creatures
non-technical users
2020-01-14skip duplicate redis checkmultiple creatures
2020-01-14behave like `block anon` when checking whether local users can read a ↵multiple creatures
community or public post made in invisible mode
2020-01-14fix check for "filter if in reply to blocker" settingmultiple creatures
2020-01-14fix the "include past roars" buttonsmultiple creatures
2020-01-14differentiate local-only posts in the web appmultiple creatures
2020-01-13use `update` instead of assignment on `delete_after=` & `defederate_after=`multiple creatures
2020-01-13set `MIN_DESTRUCT_OFFSET` (`30.seconds`) if `delete_after` or ↵multiple creatures
`defederate_after` values are too low
2020-01-13make `:m` in `defed_in` & `delete_in` mean minutes not monthsmultiple creatures
2020-01-13fix setting `delete_after` and `defederate_after` on new postsmultiple creatures
2020-01-13add new privacy option to auto-defederate after a given timespan + add ↵multiple creatures
options to defederate and/or delete past posts + add `defed_in`/`parent:defed_in`/`thread:defed_in` bangtags + ui indicator for posts marked for auto-defederation
2020-01-13remove duplicates from media gallery mode, attempt 2multiple creatures
2020-01-13update `updated_at` when boosting own old posts so the post can actually ↵multiple creatures
federate past the max public expiration window
2020-01-13check `updated_at` instead of `created_at` against max public access ↵multiple creatures
expiration window
2020-01-13`return false if direct?`multiple creatures
2020-01-13`!!` truthiness testmultiple creatures
2020-01-13make `still_accessiblible?` only check posts with an `account.user`multiple creatures
2020-01-12add privacy option to limit lifespan of public access to post & object urls ↵multiple creatures
beyond local followers, default to 90 days
2020-01-12allow sharekeys to be used with the api status controllermultiple creatures
2020-01-11skip spam check if invite-only registrationmultiple creatures
2020-01-11remove duplicate posts in gallery modemultiple creatures
2020-01-11move parenthesis to correct placemultiple creatures
2020-01-11move parenthesis to correct placemultiple creatures
2020-01-11move `monsterpit_api` helper to the application controllermultiple creatures
2020-01-11expose `local` visibility flag only when monsterfork api exposure is set to ↵multiple creatures
`full` (inital state serializer)
2020-01-11pass monsterfork api exposure setting to initial state serializermultiple creatures
2020-01-11expose `local` visibility flag only when monsterfork api exposure is set to ↵multiple creatures
`full`
2020-01-11use basic monsterfork api for anonymous clientsmultiple creatures
2020-01-11normalize app name when comparing against monsterfork api env varsmultiple creatures
2020-01-11document `MONSTERFORK_API_FORCE_*` env varsmultiple creatures
2020-01-11pass monsterfork api exposure setting to all serializers + add ↵multiple creatures
`MONSTERFORK_API_FORCE_*` env vars to set api compatability modes for clients/apps
2020-01-10make sure it is actually a local user before checking `monsterfork_api` propmultiple creatures
2020-01-10add option for changing the monsterfork api exposure level, defaulting to ↵multiple creatures
`full` - if this gives your app indigestion change it to back to `basic` in preferences
2020-01-10set caching backend to cache items for 1 hourmultiple creatures
2020-01-10speed up search with cachingmultiple creatures
2020-01-10avoid double-filtering on searchmultiple creatures
2020-01-10`account.filter_undescribed?` -> `account.user.filter_undescribed?`multiple creatures
2020-01-10avoid checking filter cache twicemultiple creatures
2020-01-10add custom filter master toggle, add media gallery mode, & fix various ↵multiple creatures
filter logic + caching bugs
2020-01-10clear filter cache when regenerating feedsmultiple creatures
2020-01-10trigger feed update after a filter is deletedmultiple creatures
2020-01-10remove duplicate `private` sectionmultiple creatures
2020-01-10add ability to toggle individual filters without deleting themmultiple creatures
2020-01-10don't try to apply filters when there's not any setmultiple creatures
2020-01-10bon voyage to that shitty text normalization codemultiple creatures
2020-01-10switch (back) to postgres fts engine for fast search & timeline filtersmultiple creatures
2020-01-10dump schema to plain sqlmultiple creatures
2020-01-04monsterpit says trans rights!!!multiple creatures
2019-12-31LDAP & PAM added to OAuth password grant strategy (#7999) (#12390)ntl-purism
When authenticating via OAuth, the resource owner password grant strategy is allowed by Mastodon, but (without this PR), it does not attempt to authenticate against LDAP or PAM. As a result, LDAP or PAM authenticated users cannot sign in to Mastodon with their email/password credentials via OAuth (for instance, for native/mobile app users). This PR fleshes out the authentication strategy supplied to doorkeeper in its initializer by looking up the user with LDAP and/or PAM when devise is configured to use LDAP/PAM backends. It attempts to follow the same logic as the Auth::SessionsController for handling email/password credentials. Note #1: Since this pull request affects an initializer, it's unclear how to add test automation. Note #2: The PAM authentication path has not been manually tested. It was added for completeness sake, and it is hoped that it can be manually tested before merging.
generated by cgit-pink (git 2.37.1) at 2024-11-27 19:17:30 +0000