about summary refs log tree commit diff
path: root/app/javascript/styles
AgeCommit message (Collapse)Author
2020-08-24Add WebAuthn as an alternative 2FA method (#14466)santiagorodriguez96
* feat: add possibility of adding WebAuthn security keys to use as 2FA This adds a basic UI for enabling WebAuthn 2FA. We did a little refactor to the Settings page for editing the 2FA methods – now it will list the methods that are available to the user (TOTP and WebAuthn) and from there they'll be able to add or remove any of them. Also, it's worth mentioning that for enabling WebAuthn it's required to have TOTP enabled, so the first time that you go to the 2FA Settings page, you'll be asked to set it up. This work was inspired by the one donde by Github in their platform, and despite it could be approached in different ways, we decided to go with this one given that we feel that this gives a great UX. Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com> * feat: add request for WebAuthn as second factor at login if enabled This commits adds the feature for using WebAuthn as a second factor for login when enabled. If users have WebAuthn enabled, now a page requesting for the use of a WebAuthn credential for log in will appear, although a link redirecting to the old page for logging in using a two-factor code will also be present. Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com> * feat: add possibility of deleting WebAuthn Credentials Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com> * feat: disable WebAuthn when an Admin disables 2FA for a user Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com> * feat: remove ability to disable TOTP leaving only WebAuthn as 2FA Following examples form other platforms like Github, we decided to make Webauthn 2FA secondary to 2FA with TOTP, so that we removed the possibility of removing TOTP authentication only, leaving users with just WEbAuthn as 2FA. Instead, users will have to click on 'Disable 2FA' in order to remove second factor auth. The reason for WebAuthn being secondary to TOPT is that in that way, users will still be able to log in using their code from their phone's application if they don't have their security keys with them – or maybe even lost them. * We had to change a little the flow for setting up TOTP, given that now it's possible to setting up again if you already had TOTP, in order to let users modify their authenticator app – given that now it's not possible for them to disable TOTP and set it up again with another authenticator app. So, basically, now instead of storing the new `otp_secret` in the user, we store it in the session until the process of set up is finished. This was because, as it was before, when users clicked on 'Edit' in the new two-factor methods lists page, but then went back without finishing the flow, their `otp_secret` had been changed therefore invalidating their previous authenticator app, making them unable to log in again using TOTP. Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com> * refactor: fix eslint errors The PR build was failing given that linting returning some errors. This commit attempts to fix them. * refactor: normalize i18n translations The build was failing given that i18n translations files were not normalized. This commits fixes that. * refactor: avoid having the webauthn gem locked to a specific version * refactor: use symbols for routes without '/' * refactor: avoid sending webauthn disabled email when 2FA is disabled When an admins disable 2FA for users, we were sending two mails to them, one notifying that 2FA was disabled and the other to notify that WebAuthn was disabled. As the second one is redundant since the first email includes it, we can remove it and send just one email to users. * refactor: avoid creating new env variable for webauthn_origin config * refactor: improve flash error messages for webauthn pages Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
2020-08-24Fix: also use custom private boost icon for detailed status (#14471)Tdxdxoz
* use custom private boost icon for detail status * only use className
2020-08-11Add HTML form validation for the registration form (#14560)ThibG
* Add HTML-level validation of username in sign-up form * Make required fields with incorrect values more visible * Enable HTML form validation for the registration form * Mark agreement checkbox as required client-side * Add minimum length to password * Add client-side password confirmation validation
2020-08-02Fix disabled boost icon being replaced by private boost icon on hover (#14456)ThibG
Fixes #14455
2020-07-24Fix hover and normal colors for private boost icon being swapped (#14386)ThibG
2020-07-23Add custom icon for private boosts (#14380)ThibG
2020-07-22Change disabled retweet icon (#14373)ThibG
* Change disabled retweet icon * Hide fontawesome version of boost icon in both reduce-motion and no-reduce-motion
2020-07-17Fix audio player controls color in mastodon-light theme (#14338)ThibG
Fixes #14337 The new audio player sets the background and foreground colors automatically based on the thumbnail of the audio file, but the mastodon-light theme overrides the controls' colors with a hardcoded color, which sometimes make them unreadable.
2020-07-07Fix account note border radius (#14251)Sasha Sorokin
2020-07-07Add ability to choose media thumbnail in web UI (#14244)Eugen Rochko
2020-07-07Change design of account notes in web UI (#14208)Eugen Rochko
* Change design of account notes in web UI * Fix `for` -> `htmlFor`
2020-07-05Add color extraction for audio thumbnails (#14209)Eugen Rochko
2020-07-01Fix cursor type in statuses (#14185)Ariel
2020-07-01Fix lock icon not being shown when locking account in profile settings (#14190)ThibG
2020-06-30Add user notes on accounts (#14148)ThibG
* Add UserNote model * Add UI for user notes * Put comment in relationships entity * Add API to create user notes * Copy user notes to new account when receiving a Move activity * Address some of the review remarks * Replace modal by inline edition * Please CodeClimate * Button design changes * Change design again * Cancel note edition when pressing Escape * Fixes * Tweak design again * Move “Add note” item, and allow users to add notes to themselves * Rename UserNote into AccountNote, rename “comment” Relationship attribute to “note”
2020-06-29Fix padding on account header (#14179)trwnh
2020-06-26Change sensitive preview cards to not blur text (#14143)ThibG
Also only require click-through for interactive embeds.
2020-06-26Improve appearence consistency of settings pages (#13938)Mélanie Chauvel
* Fix header button changing header size in settings pages * Make form buttons look more like a part of the form in settings pages - Put buttons closer, using same distance as between inputs - Make buton font size a bit smaller to blend a bit more - Add the class button to button tags for consisent styling
2020-06-25Add a visibility icon to status (#14123)Takeshi Umeda
* Add a visibility icon to status * Change to using the icon element * Fix RTL * Add a public globe
2020-06-25Fix design issues with sensitive preview cards (#14126)ThibG
* Fix design issues with sensitive preview cards * Center “sensitive” label on preview image for interactive cards * Add “button” role to sensitive preview card text
2020-06-25Fix avatar size in public page detailed status (#14140)ThibG
Regression from the inline-CSS changes
2020-06-25Fix various issues around OpenGraph representation of media (#14133)Eugen Rochko
- Fix audio attachments not being represented in OpenGraph tags - Fix audio being represented as "1 image" in OpenGraph descriptions - Fix video metadata being overwritten by paperclip-av-transcoder - Fix embedded player not using Mastodon's UI - Fix audio/video progress bars not moving smoothly - Fix audio/video buffered bars not displaying correctly
2020-06-24Fix audio/video/images/cards not reacting to window resizes in web UI (#14130)Eugen Rochko
* Fix audio/video/images/cards not reacting to window resizes in web UI * Update app/javascript/mastodon/features/audio/index.js Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh> Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2020-06-23Fix very wide media attachments resulting in too thin a thumbnail (#14127)ThibG
Fixes #14094
2020-06-23Change volume control and download buttons in web UI (#14122)Eugen Rochko
* Fix audio download button not starting download in web UI * Fix volume controls on audio and video players in web UI * Remove download button from video player in web UI
2020-06-21Change design of audio players in web UI (#14095)Eugen Rochko
2020-06-20Fix unnecessary gap under of video modal (#14098)fuyu
2020-06-14Add hints about incomplete remote content to web UI (#14031)Eugen Rochko
2020-06-09Improve rendering of emoji which do not contrast with background (#13772)ThibG
* Refactor list of emoji requiring added outlines so that it can be theme-specific * Split inaccessible emoji to emoji requiring an outline and ones that can be inverted * Drop the “silouhettes” from black emoji as they seem to have changed color * Add inaccessible emojis list for the light theme * Use bordered emoji variant instead of unreliable CSS
2020-06-06Hide sensitive preview cards with blurhash (#13985)ThibG
* Use preview card blurhash in WebUI * Handle sensitive preview cards
2020-05-31Adjust flash alert contrast for better readability (#13892)Christopher Choi
2020-05-14Fix regression in sparkline style in web UI (#13753)Eugen Rochko
2020-05-13Fix some account avatars on public pages having incorrect size (#13692)ThibG
* Fix some account avatars on public pages having incorrect size * Remove outdated and overridden width and height attributes * Remove more hardcoded width/height attributes
2020-05-03Fix use of inline CSS in public pages (#13576)ThibG
Change `account_link_to` to use an image tag rather than some inline CSS. Dropped the `size` parameter in the process, but it wasn't used for anything except the default value of 36px. Dropped CSS rules that were always overriden, and defaulted to 36px width and height instead.
2020-04-28Fix admin-facing uses of inline CSS (#13575)ThibG
* Move .back-button inline styles to CSS file All occurrences of the back-button CSS class used the same inline CSS rules, so moved them over to the CSS file * Fix “Add new domain block” button using inline CSS * Replace common pattern of inline-styled button boxes by a CSS class In particular, switching from `float: left/right` to a flexbox with `justify-content: space-between`. This implied changing the order of a few HTML tags and adding an empty `div` in one case. Also removed a `margin-bottom` rule that wasn't needed due to the margins of surrounding elements. * Move account admin view inline CSS to CSS file
2020-04-28Fix end-user-facing uses of inline CSS (#13438)ThibG
* Move some inline styles to CSS files * Move default_account_display_name span to fix useless tags with duplicate id * Change handling of public pages spoiler text from inline CSS to dataset attribute * Use the `dir` HTML attribute instead of inline CSS * Move status action bar inline CSS to CSS file * Hide logo resources from CSS file, not inline CSS Fixes #11601 * Move translation prompt styling from inline CSS to CSS file * Move “invited by” styling on registration form from inline to CSS file * Use the progress tag to display poll results in JS fallback * Fix poll results JS-less fallback when the user has voted for an option * Change account public page “moved” notice to use img tags instead of inline CSS * Move OTP hint inline CSS to SCSS file * Hide JS-less fallback vote progressbars from accessibility tools Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-04-28Fix messed up z-index when NoScript blocks media/previews (#13449)ThibG
Fixes #13444
2020-04-23Set max-width and max-height to gif video (#13533)Irie Aoi
2020-04-04Add explanation as to why unlocked accounts may have follow requests (#13385)ThibG
* Add explanation as to why unlocked accounts may have follow requests * Change wording to avoid “silenced”
2020-04-03Add ability to filter audit log in admin UI (#13381)Eugen Rochko
2020-04-02Improve polls: option lengths & redesign (#13257)Sasha Sorokin
This commit redesign the polls and increases characters limit for the options from 25 to 50 characters, giving pollsters more freedom. Summarizing, the redesign is making the polls more adaptive for upcoming changes to the options characters limit: the bar, or a "chart", is now displayed separately from the option itself; vote check mark is moved next to the option text, making the percentages take less space. Option lengths are taken into account and text is wrapped to multiple lines if necessary to avoid overflow.
2020-03-31Improve toot clicking areas (#13327)Mélanie Chauvel (ariasuni)
* Make the area to the left “Show Thread” also expand the toot in Web UI * Clicking the left part of a conversation with the avatars now opens it in Web UI
2020-03-31Fix wrong color for ellipsis in boost confirmation dialog in Web UI (#13355)Mélanie Chauvel (ariasuni)
2020-03-25Change poll option hover/active styling to be less confusing (#13313)ThibG
2020-03-08Fix text area above/right of emoji picker being accidentally clickable in ↵Mélanie Chauvel (ariasuni)
web UI (#13148)
2020-03-06Fix too large announcements not being scrollable in web UI (#13211)ThibG
2020-03-06Change GIF label to be displayed even when autoplay is enabled in web UI ↵koyu
(#13209)
2020-02-08Fix unread indicator on announcements not being aligned with text in web UI ↵Eugen Rochko
(#13052)
2020-02-03Change how unread announcements are handled (#13020)ThibG
* Change meaning of /api/v1/announcements/:id/dismiss to mark an announcement as read * Change how unread announcements are counted in UI * Add unread marker to announcements and mark announcements as unread as they are displayed * Fixups
2020-01-29Add "Show thread" button to public profiles (#13000)Sasha Sorokin
This adds "Show thread" button to the status view which is used in profiles. The logic to display the button is mimicking logic in web app available at app/javascript/mastodon/components/status.js#L439. * The little change in components CSS required to remove enforced underline for all links on public pages on our button.