a
/
gosora
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
gosora/common/auth.go

279 lines
8.6 KiB
Go
Raw Normal View History

Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
/*
*
* Gosora Authentication Interface
UNSTABLE: Began work on the Nox Theme. Removed the Tempra Cursive Theme. You can now do bulk moderation actions with Shadow. Added: Argon2 as a dependency. The EmailStore. The ReportStore. The Copy method to *Setting. The AddColumn method to the query builder and adapters. The textarea setting type. More logging to better debug issues. The GetOffset method to the UserStore. Removed: Sortable from Code Climate's Analysis. MemberCheck and memberCheck as they're obsolete now. The obsolete url_tags setting. The BcryptGeneratePasswordNoSalt function. Some redundant fields from some of the page structs. Revamped: The Control Panel Setting List and Editor. Refactored: The password hashing logic to make it more amenable to multiple hashing algorithms. The email portion of the Account Manager. The Control Panel User List. The report system. simplePanelUserCheck and simpleUserCheck to remove the duplicated logic as the two do the exact same thing. Fixed: Missing slugs in the profile links in the User Manager. A few template initialisers potentially reducing the number of odd template edge cases. Some problems with the footer. Custom selection colour not applying to images on Shadow. The avatars of the bottom row of the topic list on Conflux leaking out. Other: Moved the startTime variable into package common and exported it. Moved the password hashing logic from user.go to auth.go Split common/themes.go into common/theme.go and common/theme_list.go Replaced the SettingLabels phrase category with the more generic SettingPhrases category. Moved a load of routes, including panel ones into the routes and panel packages. Hid the notifications link from the Account Menu. Moved more inline CSS into the CSS files and made things a little more flexible here and there. Continued work on PgSQL, still a ways away. Guests now have a default avatar like everyone else. Tweaked some of the font sizes on Cosora to make the text look a little nicer. Partially implemented the theme dock override logic. Partially implemented a "symlink" like feature for theme directories. ... And a bunch of other things I might have missed. You will need to run this update script / patcher for this commit. Warning: This is an "unstable commit", therefore some things may be a little less stable than I'd like. For instance, the Shadow Theme is a little broken in this commit.
2018-05-27 09:36:35 +00:00
* Copyright Azareal 2017 - 2019
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
*
*/
Finished moving the files into the subpackage, this should open more doors to us. Moved more queries out of the global stmt holder. Refactored several things.
2017-11-11 04:06:16 +00:00
package common
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
UNSTABLE: Began work on the Nox Theme. Removed the Tempra Cursive Theme. You can now do bulk moderation actions with Shadow. Added: Argon2 as a dependency. The EmailStore. The ReportStore. The Copy method to *Setting. The AddColumn method to the query builder and adapters. The textarea setting type. More logging to better debug issues. The GetOffset method to the UserStore. Removed: Sortable from Code Climate's Analysis. MemberCheck and memberCheck as they're obsolete now. The obsolete url_tags setting. The BcryptGeneratePasswordNoSalt function. Some redundant fields from some of the page structs. Revamped: The Control Panel Setting List and Editor. Refactored: The password hashing logic to make it more amenable to multiple hashing algorithms. The email portion of the Account Manager. The Control Panel User List. The report system. simplePanelUserCheck and simpleUserCheck to remove the duplicated logic as the two do the exact same thing. Fixed: Missing slugs in the profile links in the User Manager. A few template initialisers potentially reducing the number of odd template edge cases. Some problems with the footer. Custom selection colour not applying to images on Shadow. The avatars of the bottom row of the topic list on Conflux leaking out. Other: Moved the startTime variable into package common and exported it. Moved the password hashing logic from user.go to auth.go Split common/themes.go into common/theme.go and common/theme_list.go Replaced the SettingLabels phrase category with the more generic SettingPhrases category. Moved a load of routes, including panel ones into the routes and panel packages. Hid the notifications link from the Account Menu. Moved more inline CSS into the CSS files and made things a little more flexible here and there. Continued work on PgSQL, still a ways away. Guests now have a default avatar like everyone else. Tweaked some of the font sizes on Cosora to make the text look a little nicer. Partially implemented the theme dock override logic. Partially implemented a "symlink" like feature for theme directories. ... And a bunch of other things I might have missed. You will need to run this update script / patcher for this commit. Warning: This is an "unstable commit", therefore some things may be a little less stable than I'd like. For instance, the Shadow Theme is a little broken in this commit.
2018-05-27 09:36:35 +00:00
import (
"database/sql"
"errors"
"net/http"
"strconv"
"strings"
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
UNSTABLE: Began work on the Nox Theme. Removed the Tempra Cursive Theme. You can now do bulk moderation actions with Shadow. Added: Argon2 as a dependency. The EmailStore. The ReportStore. The Copy method to *Setting. The AddColumn method to the query builder and adapters. The textarea setting type. More logging to better debug issues. The GetOffset method to the UserStore. Removed: Sortable from Code Climate's Analysis. MemberCheck and memberCheck as they're obsolete now. The obsolete url_tags setting. The BcryptGeneratePasswordNoSalt function. Some redundant fields from some of the page structs. Revamped: The Control Panel Setting List and Editor. Refactored: The password hashing logic to make it more amenable to multiple hashing algorithms. The email portion of the Account Manager. The Control Panel User List. The report system. simplePanelUserCheck and simpleUserCheck to remove the duplicated logic as the two do the exact same thing. Fixed: Missing slugs in the profile links in the User Manager. A few template initialisers potentially reducing the number of odd template edge cases. Some problems with the footer. Custom selection colour not applying to images on Shadow. The avatars of the bottom row of the topic list on Conflux leaking out. Other: Moved the startTime variable into package common and exported it. Moved the password hashing logic from user.go to auth.go Split common/themes.go into common/theme.go and common/theme_list.go Replaced the SettingLabels phrase category with the more generic SettingPhrases category. Moved a load of routes, including panel ones into the routes and panel packages. Hid the notifications link from the Account Menu. Moved more inline CSS into the CSS files and made things a little more flexible here and there. Continued work on PgSQL, still a ways away. Guests now have a default avatar like everyone else. Tweaked some of the font sizes on Cosora to make the text look a little nicer. Partially implemented the theme dock override logic. Partially implemented a "symlink" like feature for theme directories. ... And a bunch of other things I might have missed. You will need to run this update script / patcher for this commit. Warning: This is an "unstable commit", therefore some things may be a little less stable than I'd like. For instance, the Shadow Theme is a little broken in this commit.
2018-05-27 09:36:35 +00:00
"../query_gen/lib"
//"golang.org/x/crypto/argon2"
"golang.org/x/crypto/bcrypt"
)
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
Finished moving the files into the subpackage, this should open more doors to us. Moved more queries out of the global stmt holder. Refactored several things.
2017-11-11 04:06:16 +00:00
var Auth AuthInt
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
UNSTABLE: Began work on the Nox Theme. Removed the Tempra Cursive Theme. You can now do bulk moderation actions with Shadow. Added: Argon2 as a dependency. The EmailStore. The ReportStore. The Copy method to *Setting. The AddColumn method to the query builder and adapters. The textarea setting type. More logging to better debug issues. The GetOffset method to the UserStore. Removed: Sortable from Code Climate's Analysis. MemberCheck and memberCheck as they're obsolete now. The obsolete url_tags setting. The BcryptGeneratePasswordNoSalt function. Some redundant fields from some of the page structs. Revamped: The Control Panel Setting List and Editor. Refactored: The password hashing logic to make it more amenable to multiple hashing algorithms. The email portion of the Account Manager. The Control Panel User List. The report system. simplePanelUserCheck and simpleUserCheck to remove the duplicated logic as the two do the exact same thing. Fixed: Missing slugs in the profile links in the User Manager. A few template initialisers potentially reducing the number of odd template edge cases. Some problems with the footer. Custom selection colour not applying to images on Shadow. The avatars of the bottom row of the topic list on Conflux leaking out. Other: Moved the startTime variable into package common and exported it. Moved the password hashing logic from user.go to auth.go Split common/themes.go into common/theme.go and common/theme_list.go Replaced the SettingLabels phrase category with the more generic SettingPhrases category. Moved a load of routes, including panel ones into the routes and panel packages. Hid the notifications link from the Account Menu. Moved more inline CSS into the CSS files and made things a little more flexible here and there. Continued work on PgSQL, still a ways away. Guests now have a default avatar like everyone else. Tweaked some of the font sizes on Cosora to make the text look a little nicer. Partially implemented the theme dock override logic. Partially implemented a "symlink" like feature for theme directories. ... And a bunch of other things I might have missed. You will need to run this update script / patcher for this commit. Warning: This is an "unstable commit", therefore some things may be a little less stable than I'd like. For instance, the Shadow Theme is a little broken in this commit.
2018-05-27 09:36:35 +00:00
const SaltLength int = 32
const SessionLength int = 80
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
// ErrMismatchedHashAndPassword is thrown whenever a hash doesn't match it's unhashed password
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
var ErrMismatchedHashAndPassword = bcrypt.ErrMismatchedHashAndPassword
Continued the work on Cosora. Trying to add support for Travis CI. Added the NullUserStore for tests. Moved more text out of the templates. Removed an unnecessary dependency for Cosora. Fixed a few more bugs in the MSSQL Adapter. Disabled upserts for now, as it isn't working on MySQL. Refactored the scheduled group logic to reduce the number of potential bugs and to stop using upserts. Fixed many bugs in the Markdown Plugin. Added the ability to escape Markdown. Fixed a number of tests, commented unneccesary ones, and added new ones to probe for new problems. Added the wink smiley. Cleaned up some of the JavaScript. Refactored the permissions logic to use transactions and avoid duplicating logic. Added the ChangeRank method to the Group struct. Added the ChangeGroup method to the User struct. Added the currently unused LogWarning function. Added the transaction versions of the builder methods. Better ones coming up soon! The IsBanned flag is always set to false on mod and admin groups now. Refactored the group creation logic to use transactions. Fixed a bug in the group creator where new groups aren't visible to Exists(). The installer now drops tables for MySQL Databases, if they already exist to make it easier for us to run automated tests. Added more ARIA Attributes.
2017-10-21 00:27:47 +00:00
// nolint
UNSTABLE: Began work on the Nox Theme. Removed the Tempra Cursive Theme. You can now do bulk moderation actions with Shadow. Added: Argon2 as a dependency. The EmailStore. The ReportStore. The Copy method to *Setting. The AddColumn method to the query builder and adapters. The textarea setting type. More logging to better debug issues. The GetOffset method to the UserStore. Removed: Sortable from Code Climate's Analysis. MemberCheck and memberCheck as they're obsolete now. The obsolete url_tags setting. The BcryptGeneratePasswordNoSalt function. Some redundant fields from some of the page structs. Revamped: The Control Panel Setting List and Editor. Refactored: The password hashing logic to make it more amenable to multiple hashing algorithms. The email portion of the Account Manager. The Control Panel User List. The report system. simplePanelUserCheck and simpleUserCheck to remove the duplicated logic as the two do the exact same thing. Fixed: Missing slugs in the profile links in the User Manager. A few template initialisers potentially reducing the number of odd template edge cases. Some problems with the footer. Custom selection colour not applying to images on Shadow. The avatars of the bottom row of the topic list on Conflux leaking out. Other: Moved the startTime variable into package common and exported it. Moved the password hashing logic from user.go to auth.go Split common/themes.go into common/theme.go and common/theme_list.go Replaced the SettingLabels phrase category with the more generic SettingPhrases category. Moved a load of routes, including panel ones into the routes and panel packages. Hid the notifications link from the Account Menu. Moved more inline CSS into the CSS files and made things a little more flexible here and there. Continued work on PgSQL, still a ways away. Guests now have a default avatar like everyone else. Tweaked some of the font sizes on Cosora to make the text look a little nicer. Partially implemented the theme dock override logic. Partially implemented a "symlink" like feature for theme directories. ... And a bunch of other things I might have missed. You will need to run this update script / patcher for this commit. Warning: This is an "unstable commit", therefore some things may be a little less stable than I'd like. For instance, the Shadow Theme is a little broken in this commit.
2018-05-27 09:36:35 +00:00
var ErrHashNotExist = errors.New("We don't recognise that hashing algorithm")
var ErrTooFewHashParams = errors.New("You haven't provided enough hash parameters")
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
// ErrPasswordTooLong is silly, but we don't want bcrypt to bork on us
var ErrPasswordTooLong = errors.New("The password you selected is too long")
Continued the work on Cosora. Trying to add support for Travis CI. Added the NullUserStore for tests. Moved more text out of the templates. Removed an unnecessary dependency for Cosora. Fixed a few more bugs in the MSSQL Adapter. Disabled upserts for now, as it isn't working on MySQL. Refactored the scheduled group logic to reduce the number of potential bugs and to stop using upserts. Fixed many bugs in the Markdown Plugin. Added the ability to escape Markdown. Fixed a number of tests, commented unneccesary ones, and added new ones to probe for new problems. Added the wink smiley. Cleaned up some of the JavaScript. Refactored the permissions logic to use transactions and avoid duplicating logic. Added the ChangeRank method to the Group struct. Added the ChangeGroup method to the User struct. Added the currently unused LogWarning function. Added the transaction versions of the builder methods. Better ones coming up soon! The IsBanned flag is always set to false on mod and admin groups now. Refactored the group creation logic to use transactions. Fixed a bug in the group creator where new groups aren't visible to Exists(). The installer now drops tables for MySQL Databases, if they already exist to make it easier for us to run automated tests. Added more ARIA Attributes.
2017-10-21 00:27:47 +00:00
var ErrWrongPassword = errors.New("That's not the correct password.")
var ErrSecretError = errors.New("There was a glitch in the system. Please contact your local administrator.")
var ErrNoUserByName = errors.New("We couldn't find an account with that username.")
UNSTABLE: Began work on the Nox Theme. Removed the Tempra Cursive Theme. You can now do bulk moderation actions with Shadow. Added: Argon2 as a dependency. The EmailStore. The ReportStore. The Copy method to *Setting. The AddColumn method to the query builder and adapters. The textarea setting type. More logging to better debug issues. The GetOffset method to the UserStore. Removed: Sortable from Code Climate's Analysis. MemberCheck and memberCheck as they're obsolete now. The obsolete url_tags setting. The BcryptGeneratePasswordNoSalt function. Some redundant fields from some of the page structs. Revamped: The Control Panel Setting List and Editor. Refactored: The password hashing logic to make it more amenable to multiple hashing algorithms. The email portion of the Account Manager. The Control Panel User List. The report system. simplePanelUserCheck and simpleUserCheck to remove the duplicated logic as the two do the exact same thing. Fixed: Missing slugs in the profile links in the User Manager. A few template initialisers potentially reducing the number of odd template edge cases. Some problems with the footer. Custom selection colour not applying to images on Shadow. The avatars of the bottom row of the topic list on Conflux leaking out. Other: Moved the startTime variable into package common and exported it. Moved the password hashing logic from user.go to auth.go Split common/themes.go into common/theme.go and common/theme_list.go Replaced the SettingLabels phrase category with the more generic SettingPhrases category. Moved a load of routes, including panel ones into the routes and panel packages. Hid the notifications link from the Account Menu. Moved more inline CSS into the CSS files and made things a little more flexible here and there. Continued work on PgSQL, still a ways away. Guests now have a default avatar like everyone else. Tweaked some of the font sizes on Cosora to make the text look a little nicer. Partially implemented the theme dock override logic. Partially implemented a "symlink" like feature for theme directories. ... And a bunch of other things I might have missed. You will need to run this update script / patcher for this commit. Warning: This is an "unstable commit", therefore some things may be a little less stable than I'd like. For instance, the Shadow Theme is a little broken in this commit.
2018-05-27 09:36:35 +00:00
var DefaultHashAlgo = "bcrypt" // Override this in the configuration file, not here
//func(realPassword string, password string, salt string) (err error)
var CheckPasswordFuncs = map[string]func(string, string, string) error{
"bcrypt": BcryptCheckPassword,
//"argon2": Argon2CheckPassword,
}
//func(password string) (hashedPassword string, salt string, err error)
var GeneratePasswordFuncs = map[string]func(string) (string, string, error){
"bcrypt": BcryptGeneratePassword,
//"argon2": Argon2GeneratePassword,
}
var HashPrefixes = map[string]string{
"$2a$": "bcrypt",
//"argon2$": "argon2",
}
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
Finished moving the files into the subpackage, this should open more doors to us. Moved more queries out of the global stmt holder. Refactored several things.
2017-11-11 04:06:16 +00:00
// AuthInt is the main authentication interface.
type AuthInt interface {
Added the Social Groups plugin. This is still under construction. Made a few improvements to the ForumStore, including bringing it's API closer in line with the other datastores, adding stubs for future subforum functionality, and improving efficiency in a few places. The auth interface now handles all the authentication stuff. Renamed the debug config variable to debug_mode. Added the PluginPerms API. Internal Errors will now dump the stack trace in the console. Added support for installable plugins. Refactored the routing logic so that the router now handles the common PreRoute logic(exc. /static/) Added the CreateTable method to the query generator. It might need some tweaking to better support other database systems. Added the same CreateTable method to the query builder. Began work on PostgreSQL support. Added the string-string hook type Added the pre_render hook type. Added the ParentID and ParentType fields to forums. Added the get_forum_url_prefix function. Added a more generic build_slug function. Added the get_topic_url_prefix function. Added the override_perms and override_forum_perms functions for bulk setting and unsetting permissions. Added more ExtData fields in a few structs and removed them on the Perms struct as the PluginPerms API supersedes them there. Plugins can now see the router instance. The plugin initialisation handlers can now throw errors. Plugins are now initialised after all the forum's subsystems are. Refactored the unit test logic. For instance, we now use the proper .Log method rather than fmt.Println in many cases. Sorry, we'll have to break Github's generated file detection, as the build instructions aren't working, unless I put them at the top, and they're far, far more important than getting Github to recognise the generated code as generated code. Fixed an issue with mysql.go's _init_database() overwriting the dbpassword variable. Not a huge issue, but it is a "gotcha" for those not expecting a ':' at the start. Fixed an issue with forum creation where the forum permissions didn't get cached. Fixed a bug in plugin_bbcode where negative numbers in rand would crash Gosora. Made the outputs of plugin_markdown and plugin_bbcode more compliant with the tests. Revamped the phrase system to make it easier for us to add language pack related features in the future. Added the WidgetMenu widget type. Revamped the theme again. I'm experimenting to see which approach I like most. - Excuse the little W3C rage. Some things about CSS drive me crazy :p Tests: Added 22 bbcode_full_parse tests. Added 19 bbcode_regex_parse tests. Added 27 markdown_parse tests. Added four UserStore tests. More to come when the test database functionality is added. Added 18 name_to_slug tests. Hooks: Added the pre_render hook. Added the pre_render_forum_list hook. Added the pre_render_view_forum hook. Added the pre_render_topic_list hook. Added the pre_render_view_topic hook. Added the pre_render_profile hook. Added the pre_render_custom_page hook. Added the pre_render_overview hook. Added the pre_render_create_topic hook. Added the pre_render_account_own_edit_critical hook. Added the pre_render_account_own_edit_avatar hook. Added the pre_render_account_own_edit_username hook. Added the pre_render_account_own_edit_email hook. Added the pre_render_login hook. Added the pre_render_register hook. Added the pre_render_ban hook. Added the pre_render_panel_dashboard hook. Added the pre_render_panel_forums hook. Added the pre_render_panel_delete_forum hook. Added the pre_render_panel_edit_forum hook. Added the pre_render_panel_settings hook. Added the pre_render_panel_setting hook. Added the pre_render_panel_plugins hook. Added the pre_render_panel_users hook. Added the pre_render_panel_edit_user hook. Added the pre_render_panel_groups hook. Added the pre_render_panel_edit_group hook. Added the pre_render_panel_edit_group_perms hook. Added the pre_render_panel_themes hook. Added the pre_render_panel_mod_log hook. Added the pre_render_error hook. Added the pre_render_security_error hook. Added the create_group_preappend hook. Added the intercept_build_widgets hook. Added the simple_forum_check_pre_perms hook. Added the forum_check_pre_perms hook.
2017-07-09 12:06:04 +00:00
Authenticate(username string, password string) (uid int, err error)
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
Logout(w http.ResponseWriter, uid int)
ForceLogout(uid int) error
SetCookies(w http.ResponseWriter, uid int, session string)
Added the Social Groups plugin. This is still under construction. Made a few improvements to the ForumStore, including bringing it's API closer in line with the other datastores, adding stubs for future subforum functionality, and improving efficiency in a few places. The auth interface now handles all the authentication stuff. Renamed the debug config variable to debug_mode. Added the PluginPerms API. Internal Errors will now dump the stack trace in the console. Added support for installable plugins. Refactored the routing logic so that the router now handles the common PreRoute logic(exc. /static/) Added the CreateTable method to the query generator. It might need some tweaking to better support other database systems. Added the same CreateTable method to the query builder. Began work on PostgreSQL support. Added the string-string hook type Added the pre_render hook type. Added the ParentID and ParentType fields to forums. Added the get_forum_url_prefix function. Added a more generic build_slug function. Added the get_topic_url_prefix function. Added the override_perms and override_forum_perms functions for bulk setting and unsetting permissions. Added more ExtData fields in a few structs and removed them on the Perms struct as the PluginPerms API supersedes them there. Plugins can now see the router instance. The plugin initialisation handlers can now throw errors. Plugins are now initialised after all the forum's subsystems are. Refactored the unit test logic. For instance, we now use the proper .Log method rather than fmt.Println in many cases. Sorry, we'll have to break Github's generated file detection, as the build instructions aren't working, unless I put them at the top, and they're far, far more important than getting Github to recognise the generated code as generated code. Fixed an issue with mysql.go's _init_database() overwriting the dbpassword variable. Not a huge issue, but it is a "gotcha" for those not expecting a ':' at the start. Fixed an issue with forum creation where the forum permissions didn't get cached. Fixed a bug in plugin_bbcode where negative numbers in rand would crash Gosora. Made the outputs of plugin_markdown and plugin_bbcode more compliant with the tests. Revamped the phrase system to make it easier for us to add language pack related features in the future. Added the WidgetMenu widget type. Revamped the theme again. I'm experimenting to see which approach I like most. - Excuse the little W3C rage. Some things about CSS drive me crazy :p Tests: Added 22 bbcode_full_parse tests. Added 19 bbcode_regex_parse tests. Added 27 markdown_parse tests. Added four UserStore tests. More to come when the test database functionality is added. Added 18 name_to_slug tests. Hooks: Added the pre_render hook. Added the pre_render_forum_list hook. Added the pre_render_view_forum hook. Added the pre_render_topic_list hook. Added the pre_render_view_topic hook. Added the pre_render_profile hook. Added the pre_render_custom_page hook. Added the pre_render_overview hook. Added the pre_render_create_topic hook. Added the pre_render_account_own_edit_critical hook. Added the pre_render_account_own_edit_avatar hook. Added the pre_render_account_own_edit_username hook. Added the pre_render_account_own_edit_email hook. Added the pre_render_login hook. Added the pre_render_register hook. Added the pre_render_ban hook. Added the pre_render_panel_dashboard hook. Added the pre_render_panel_forums hook. Added the pre_render_panel_delete_forum hook. Added the pre_render_panel_edit_forum hook. Added the pre_render_panel_settings hook. Added the pre_render_panel_setting hook. Added the pre_render_panel_plugins hook. Added the pre_render_panel_users hook. Added the pre_render_panel_edit_user hook. Added the pre_render_panel_groups hook. Added the pre_render_panel_edit_group hook. Added the pre_render_panel_edit_group_perms hook. Added the pre_render_panel_themes hook. Added the pre_render_panel_mod_log hook. Added the pre_render_error hook. Added the pre_render_security_error hook. Added the create_group_preappend hook. Added the intercept_build_widgets hook. Added the simple_forum_check_pre_perms hook. Added the forum_check_pre_perms hook.
2017-07-09 12:06:04 +00:00
GetCookies(r *http.Request) (uid int, session string, err error)
SessionCheck(w http.ResponseWriter, r *http.Request) (user *User, halt bool)
CreateSession(uid int) (session string, err error)
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
}
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
// DefaultAuth is the default authenticator used by Gosora, may be swapped with an alternate authenticator in some situations. E.g. To support LDAP.
type DefaultAuth struct {
Finished moving the files into the subpackage, this should open more doors to us. Moved more queries out of the global stmt holder. Refactored several things.
2017-11-11 04:06:16 +00:00
login *sql.Stmt
logout *sql.Stmt
updateSession *sql.Stmt
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
}
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
// NewDefaultAuth is a factory for spitting out DefaultAuths
Finished moving the files into the subpackage, this should open more doors to us. Moved more queries out of the global stmt holder. Refactored several things.
2017-11-11 04:06:16 +00:00
func NewDefaultAuth() (*DefaultAuth, error) {
acc := qgen.Builder.Accumulator()
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
return &DefaultAuth{
Converted more queries over to the new OO builder syntax. Renamed accBuilder to Accumulator so that it can be used in type hints outside the query generator. The DbInit accumulator is now initialised in the caller rather than the callee.
2017-11-12 03:29:05 +00:00
login: acc.Select("users").Columns("uid, password, salt").Where("name = ?").Prepare(),
logout: acc.Update("users").Set("session = ''").Where("uid = ?").Prepare(),
updateSession: acc.Update("users").Set("session = ?").Where("uid = ?").Prepare(),
Finished moving the files into the subpackage, this should open more doors to us. Moved more queries out of the global stmt holder. Refactored several things.
2017-11-11 04:06:16 +00:00
}, acc.FirstError()
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
}
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
// Authenticate checks if a specific username and password is valid and returns the UID for the corresponding user, if so. Otherwise, a user safe error.
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
func (auth *DefaultAuth) Authenticate(username string, password string) (uid int, err error) {
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
var realPassword, salt string
err = auth.login.QueryRow(username).Scan(&uid, &realPassword, &salt)
Added friendly URLs. Added the Forum Store. Rewrote all the forum slice calls to use it. Remapped sql.ErrNoRows to ErrNoRows for portability. Removed a pointless column in the login query. Revamped the tags and buttons on Tempra Simple, and on the profiles for the other themes. Fixed a padding bug. Tweaked the font sizes and padding in the Control Panel for Tempra Simple. More progress with widgets.
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
Continued the work on Cosora. Trying to add support for Travis CI. Added the NullUserStore for tests. Moved more text out of the templates. Removed an unnecessary dependency for Cosora. Fixed a few more bugs in the MSSQL Adapter. Disabled upserts for now, as it isn't working on MySQL. Refactored the scheduled group logic to reduce the number of potential bugs and to stop using upserts. Fixed many bugs in the Markdown Plugin. Added the ability to escape Markdown. Fixed a number of tests, commented unneccesary ones, and added new ones to probe for new problems. Added the wink smiley. Cleaned up some of the JavaScript. Refactored the permissions logic to use transactions and avoid duplicating logic. Added the ChangeRank method to the Group struct. Added the ChangeGroup method to the User struct. Added the currently unused LogWarning function. Added the transaction versions of the builder methods. Better ones coming up soon! The IsBanned flag is always set to false on mod and admin groups now. Refactored the group creation logic to use transactions. Fixed a bug in the group creator where new groups aren't visible to Exists(). The installer now drops tables for MySQL Databases, if they already exist to make it easier for us to run automated tests. Added more ARIA Attributes.
2017-10-21 00:27:47 +00:00
return 0, ErrNoUserByName
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
} else if err != nil {
LogError(err)
Continued the work on Cosora. Trying to add support for Travis CI. Added the NullUserStore for tests. Moved more text out of the templates. Removed an unnecessary dependency for Cosora. Fixed a few more bugs in the MSSQL Adapter. Disabled upserts for now, as it isn't working on MySQL. Refactored the scheduled group logic to reduce the number of potential bugs and to stop using upserts. Fixed many bugs in the Markdown Plugin. Added the ability to escape Markdown. Fixed a number of tests, commented unneccesary ones, and added new ones to probe for new problems. Added the wink smiley. Cleaned up some of the JavaScript. Refactored the permissions logic to use transactions and avoid duplicating logic. Added the ChangeRank method to the Group struct. Added the ChangeGroup method to the User struct. Added the currently unused LogWarning function. Added the transaction versions of the builder methods. Better ones coming up soon! The IsBanned flag is always set to false on mod and admin groups now. Refactored the group creation logic to use transactions. Fixed a bug in the group creator where new groups aren't visible to Exists(). The installer now drops tables for MySQL Databases, if they already exist to make it easier for us to run automated tests. Added more ARIA Attributes.
2017-10-21 00:27:47 +00:00
return 0, ErrSecretError
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
}
if salt == "" {
// Send an email to admin for this?
LogError(errors.New("Missing salt for user #" + strconv.Itoa(uid) + ". Potential security breach."))
Continued the work on Cosora. Trying to add support for Travis CI. Added the NullUserStore for tests. Moved more text out of the templates. Removed an unnecessary dependency for Cosora. Fixed a few more bugs in the MSSQL Adapter. Disabled upserts for now, as it isn't working on MySQL. Refactored the scheduled group logic to reduce the number of potential bugs and to stop using upserts. Fixed many bugs in the Markdown Plugin. Added the ability to escape Markdown. Fixed a number of tests, commented unneccesary ones, and added new ones to probe for new problems. Added the wink smiley. Cleaned up some of the JavaScript. Refactored the permissions logic to use transactions and avoid duplicating logic. Added the ChangeRank method to the Group struct. Added the ChangeGroup method to the User struct. Added the currently unused LogWarning function. Added the transaction versions of the builder methods. Better ones coming up soon! The IsBanned flag is always set to false on mod and admin groups now. Refactored the group creation logic to use transactions. Fixed a bug in the group creator where new groups aren't visible to Exists(). The installer now drops tables for MySQL Databases, if they already exist to make it easier for us to run automated tests. Added more ARIA Attributes.
2017-10-21 00:27:47 +00:00
return 0, ErrSecretError
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
}
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
err = CheckPassword(realPassword, password, salt)
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
if err == ErrMismatchedHashAndPassword {
Continued the work on Cosora. Trying to add support for Travis CI. Added the NullUserStore for tests. Moved more text out of the templates. Removed an unnecessary dependency for Cosora. Fixed a few more bugs in the MSSQL Adapter. Disabled upserts for now, as it isn't working on MySQL. Refactored the scheduled group logic to reduce the number of potential bugs and to stop using upserts. Fixed many bugs in the Markdown Plugin. Added the ability to escape Markdown. Fixed a number of tests, commented unneccesary ones, and added new ones to probe for new problems. Added the wink smiley. Cleaned up some of the JavaScript. Refactored the permissions logic to use transactions and avoid duplicating logic. Added the ChangeRank method to the Group struct. Added the ChangeGroup method to the User struct. Added the currently unused LogWarning function. Added the transaction versions of the builder methods. Better ones coming up soon! The IsBanned flag is always set to false on mod and admin groups now. Refactored the group creation logic to use transactions. Fixed a bug in the group creator where new groups aren't visible to Exists(). The installer now drops tables for MySQL Databases, if they already exist to make it easier for us to run automated tests. Added more ARIA Attributes.
2017-10-21 00:27:47 +00:00
return 0, ErrWrongPassword
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
} else if err != nil {
LogError(err)
Continued the work on Cosora. Trying to add support for Travis CI. Added the NullUserStore for tests. Moved more text out of the templates. Removed an unnecessary dependency for Cosora. Fixed a few more bugs in the MSSQL Adapter. Disabled upserts for now, as it isn't working on MySQL. Refactored the scheduled group logic to reduce the number of potential bugs and to stop using upserts. Fixed many bugs in the Markdown Plugin. Added the ability to escape Markdown. Fixed a number of tests, commented unneccesary ones, and added new ones to probe for new problems. Added the wink smiley. Cleaned up some of the JavaScript. Refactored the permissions logic to use transactions and avoid duplicating logic. Added the ChangeRank method to the Group struct. Added the ChangeGroup method to the User struct. Added the currently unused LogWarning function. Added the transaction versions of the builder methods. Better ones coming up soon! The IsBanned flag is always set to false on mod and admin groups now. Refactored the group creation logic to use transactions. Fixed a bug in the group creator where new groups aren't visible to Exists(). The installer now drops tables for MySQL Databases, if they already exist to make it easier for us to run automated tests. Added more ARIA Attributes.
2017-10-21 00:27:47 +00:00
return 0, ErrSecretError
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
}
return uid, nil
}
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
// ForceLogout logs the user out of every computer, not just the one they logged out of
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
func (auth *DefaultAuth) ForceLogout(uid int) error {
_, err := auth.logout.Exec(uid)
if err != nil {
LogError(err)
Continued the work on Cosora. Trying to add support for Travis CI. Added the NullUserStore for tests. Moved more text out of the templates. Removed an unnecessary dependency for Cosora. Fixed a few more bugs in the MSSQL Adapter. Disabled upserts for now, as it isn't working on MySQL. Refactored the scheduled group logic to reduce the number of potential bugs and to stop using upserts. Fixed many bugs in the Markdown Plugin. Added the ability to escape Markdown. Fixed a number of tests, commented unneccesary ones, and added new ones to probe for new problems. Added the wink smiley. Cleaned up some of the JavaScript. Refactored the permissions logic to use transactions and avoid duplicating logic. Added the ChangeRank method to the Group struct. Added the ChangeGroup method to the User struct. Added the currently unused LogWarning function. Added the transaction versions of the builder methods. Better ones coming up soon! The IsBanned flag is always set to false on mod and admin groups now. Refactored the group creation logic to use transactions. Fixed a bug in the group creator where new groups aren't visible to Exists(). The installer now drops tables for MySQL Databases, if they already exist to make it easier for us to run automated tests. Added more ARIA Attributes.
2017-10-21 00:27:47 +00:00
return ErrSecretError
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
}
Removed the images for Cosmo from /images/, it's very saddening to see it go :( Moved Reload from the UserStore into the UserCache. Replaced many of the calls to Reload with CacheRemove. Simplified the error functions. Fixed a bug in the errors where they didn't have any CSS. Oops. Added CustomErrorJS(), unused for now, but it may be useful in the future, especially for plugins. Fixed many problems in the themes. Added the Stick(), Unstick(), CreateActionReply(), Lock() and Unlock() methods to *Topic. Renamed ip-search.html to ip-search-results.html Added the Activate() and initPerms methods to *User. Tempra Cursive is hiding from sight for this one commit. Added Font Awesome to /public/, it isn't used yet.
2017-09-22 02:21:17 +00:00
// Flush the user out of the cache
Added the AboutSegment feature, you can see this in use on Cosora, it's a little raw right now, but I'm planning to polish it in the next commit. Refactored the code to use switches instead of if blocks in some places. Refactored the Dashboard to make it easier to add icons to it like I did with Cosora. You can now use maps in transpiled templates. Made progress on Cosora's footer. Swapped out the ThemeName property in the HeaderVars struct for a more general and flexible Theme property. Added the colstack CSS class to make it easier to style the layouts for the Control Panel and profile. Renamed the FStore variable to Forums. Renamed the Fpstore variable to FPStore. Renamed the Gstore variable to Groups. Split the MemoryTopicStore into DefaultTopicStore and MemoryTopicCache. Split the MemoryUserStore into DefaultUserStore and MemoryUserCache. Removed the NullUserStore, SQLUserStore, and SQLTopicStore. Added the NullTopicCache and NullUserCache. Moved the Reload method out of the TopicCache interface and into the TopicStore one. Moved the Reload method out of the UserCache interface and into the UserStore one. Added the SetCache and GetCache methods to the TopicStore and UserStore. Added the BypassGetAll method to the WordFilterMap type. Renamed routePanelSetting to routePanelSettingEdit. Renamed routePanelSettingEdit to routePanelSettingEditSubmit. Moved the page titles into the english language pack. Split main() into main and afterDBInit to avoid code duplication in general_test.go Added the ReqIsJson method so that we don't have to sniff the headers every time. Added the LogStore interface. Added the SQLModLogStore and the SQLAdminLogStore. Refactored the phrase system to use getPhrasePlaceholder instead of hard-coding the string to return in a bunch of functions. Removed a redundant rank check. Added the GuildStore to plugin_guilds. Added the about_segment_title and about_segment_body settings. Refactored the setting system to use predefined errors to make it easier for an upstream caller to filter out sensitive error messages as opposed to safe errors. Added the BypassGetAll method to the SettingMap type. Added the Update method to the SettingMap type. BulkGet is now exposed via the MemoryUserCache. Refactored more logs in the template transpiler to reduce the amount of indentation. Refactored the tests to take up fewer lines. Further improved the Cosora theme's colours, padding, and profiles. Added styling for the Control Panel Dashboard to the Cosora Theme. Reduced the amount of code duplication in the installer query generator and opened the door to certain types of auto-migrations. Refactored the Control Panel Dashboard to reduce the amount of code duplication. Refactored the modlog route to reduce the amount of code duplication and string concatenation.
2017-11-23 05:37:08 +00:00
ucache := Users.GetCache()
if ucache != nil {
ucache.Remove(uid)
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
}
return nil
}
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
// Logout logs you out of the computer you requested the logout for, but not the other computers you're logged in with
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
func (auth *DefaultAuth) Logout(w http.ResponseWriter, _ int) {
Alerts are now rendered via a client side transpiled template rather than being hard-coded. Tweaked some bits to make them more 32-bit friendly for GopherJS, but this might not be necessary now. Added notice.html Added an alerts package to fix the import cycles, more things may be moved here soon. Saved a few lines of accumulator code in a few stores. Moved the AccountEditCriticalSubmit, AccountEditAvatar, AccountEditAvatarSubmit, AccountEditUsername, and AccountEditUsernameSubmit routes into the routes package. Added a QueryRow method to AccSelectBuilder. Tweaked the indentation in the generated templates. Simplified the template render in the AccountEditUsernameSubmit route into a redirect back to the previous page. Run the update script / patcher to replace the route names in the viewchunks table.
2018-05-14 08:56:56 +00:00
cookie := http.Cookie{Name: "uid", Value: "", Path: "/", MaxAge: int(Year)}
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
http.SetCookie(w, &cookie)
Alerts are now rendered via a client side transpiled template rather than being hard-coded. Tweaked some bits to make them more 32-bit friendly for GopherJS, but this might not be necessary now. Added notice.html Added an alerts package to fix the import cycles, more things may be moved here soon. Saved a few lines of accumulator code in a few stores. Moved the AccountEditCriticalSubmit, AccountEditAvatar, AccountEditAvatarSubmit, AccountEditUsername, and AccountEditUsernameSubmit routes into the routes package. Added a QueryRow method to AccSelectBuilder. Tweaked the indentation in the generated templates. Simplified the template render in the AccountEditUsernameSubmit route into a redirect back to the previous page. Run the update script / patcher to replace the route names in the viewchunks table.
2018-05-14 08:56:56 +00:00
cookie = http.Cookie{Name: "session", Value: "", Path: "/", MaxAge: int(Year)}
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
http.SetCookie(w, &cookie)
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
}
Add a per-user theme switcher. The CSS might be slightly broken in the themes, that'll be fixed in a follow-up commit. Added basic support for server sync. Re-added a few missing defers. Renamed TO-DO to TODO across the entire codebase. Renamed StaticForumStore to MemoryForumStore. The ForumStore is now built on a sync.Map with a view slice for generating /forums rather than a slice. Renamed many more functions and variables to satisfy the linter. increase_post_user_stats() and decrease_post_user_stats() are now methods on the User struct. We also fix a bug where they take the moderator's score rather than the target user's into account when recalculating their level after a post / topic is deleted. Transitioned the topic list to CSS Grid for Tempra Simple, with a float fallback. Cosmo and Cosmo Conflux are now hidden from the theme list. Fixed more data races. Added more debug data to the template compiler logs.
2017-09-10 16:57:22 +00:00
// TODO: Set the cookie domain
Continued the work on Cosora. Trying to add support for Travis CI. Added the NullUserStore for tests. Moved more text out of the templates. Removed an unnecessary dependency for Cosora. Fixed a few more bugs in the MSSQL Adapter. Disabled upserts for now, as it isn't working on MySQL. Refactored the scheduled group logic to reduce the number of potential bugs and to stop using upserts. Fixed many bugs in the Markdown Plugin. Added the ability to escape Markdown. Fixed a number of tests, commented unneccesary ones, and added new ones to probe for new problems. Added the wink smiley. Cleaned up some of the JavaScript. Refactored the permissions logic to use transactions and avoid duplicating logic. Added the ChangeRank method to the Group struct. Added the ChangeGroup method to the User struct. Added the currently unused LogWarning function. Added the transaction versions of the builder methods. Better ones coming up soon! The IsBanned flag is always set to false on mod and admin groups now. Refactored the group creation logic to use transactions. Fixed a bug in the group creator where new groups aren't visible to Exists(). The installer now drops tables for MySQL Databases, if they already exist to make it easier for us to run automated tests. Added more ARIA Attributes.
2017-10-21 00:27:47 +00:00
// SetCookies sets the two cookies required for the current user to be recognised as a specific user in future requests
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
func (auth *DefaultAuth) SetCookies(w http.ResponseWriter, uid int, session string) {
Alerts are now rendered via a client side transpiled template rather than being hard-coded. Tweaked some bits to make them more 32-bit friendly for GopherJS, but this might not be necessary now. Added notice.html Added an alerts package to fix the import cycles, more things may be moved here soon. Saved a few lines of accumulator code in a few stores. Moved the AccountEditCriticalSubmit, AccountEditAvatar, AccountEditAvatarSubmit, AccountEditUsername, and AccountEditUsernameSubmit routes into the routes package. Added a QueryRow method to AccSelectBuilder. Tweaked the indentation in the generated templates. Simplified the template render in the AccountEditUsernameSubmit route into a redirect back to the previous page. Run the update script / patcher to replace the route names in the viewchunks table.
2018-05-14 08:56:56 +00:00
cookie := http.Cookie{Name: "uid", Value: strconv.Itoa(uid), Path: "/", MaxAge: int(Year)}
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
http.SetCookie(w, &cookie)
Alerts are now rendered via a client side transpiled template rather than being hard-coded. Tweaked some bits to make them more 32-bit friendly for GopherJS, but this might not be necessary now. Added notice.html Added an alerts package to fix the import cycles, more things may be moved here soon. Saved a few lines of accumulator code in a few stores. Moved the AccountEditCriticalSubmit, AccountEditAvatar, AccountEditAvatarSubmit, AccountEditUsername, and AccountEditUsernameSubmit routes into the routes package. Added a QueryRow method to AccSelectBuilder. Tweaked the indentation in the generated templates. Simplified the template render in the AccountEditUsernameSubmit route into a redirect back to the previous page. Run the update script / patcher to replace the route names in the viewchunks table.
2018-05-14 08:56:56 +00:00
cookie = http.Cookie{Name: "session", Value: session, Path: "/", MaxAge: int(Year)}
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
http.SetCookie(w, &cookie)
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
}
Added Quick Topic. Added Attachments. Added Attachment Media Embeds. Renamed a load of *Store and *Cache methods to reduce the amount of unneccesary typing. Added petabytes as a unit and cleaned up a few of the friendly units. Refactored the username change logic to make it easier to maintain. Refactored the avatar change logic to make it easier to maintain. Shadow now uses CSS Variables for most of it's colours. We have plans to transpile this to support older browsers later on! Snuck some CSS Variables into Tempra Conflux. Added the GroupCache interface to MemoryGroupStore. Added the Length method to MemoryGroupStore. Added support for a site short name. Added the UploadFiles permission. Renamed more functions. Fixed the background for the left gutter on the postbit for Tempra Simple and Shadow. Added support for if statements operating on int8, int16, int32, int32, int64, uint, uint8, uint16, uint32, uint64, float32, and float64 for the template compiler. Added support for if statements operating on slices and maps for the template compiler. Fixed a security exploit in reply editing. Fixed a bug in the URL detector in the parser where it couldn't find URLs with non-standard ports. Fixed buttons having blue outlines on focus on Shadow. Refactored the topic creation logic to make it easier to maintain. Made a few responsive fixes, but there's still more to do in the following commits!
2017-10-05 10:20:28 +00:00
// GetCookies fetches the current user's session cookies
Added the Social Groups plugin. This is still under construction. Made a few improvements to the ForumStore, including bringing it's API closer in line with the other datastores, adding stubs for future subforum functionality, and improving efficiency in a few places. The auth interface now handles all the authentication stuff. Renamed the debug config variable to debug_mode. Added the PluginPerms API. Internal Errors will now dump the stack trace in the console. Added support for installable plugins. Refactored the routing logic so that the router now handles the common PreRoute logic(exc. /static/) Added the CreateTable method to the query generator. It might need some tweaking to better support other database systems. Added the same CreateTable method to the query builder. Began work on PostgreSQL support. Added the string-string hook type Added the pre_render hook type. Added the ParentID and ParentType fields to forums. Added the get_forum_url_prefix function. Added a more generic build_slug function. Added the get_topic_url_prefix function. Added the override_perms and override_forum_perms functions for bulk setting and unsetting permissions. Added more ExtData fields in a few structs and removed them on the Perms struct as the PluginPerms API supersedes them there. Plugins can now see the router instance. The plugin initialisation handlers can now throw errors. Plugins are now initialised after all the forum's subsystems are. Refactored the unit test logic. For instance, we now use the proper .Log method rather than fmt.Println in many cases. Sorry, we'll have to break Github's generated file detection, as the build instructions aren't working, unless I put them at the top, and they're far, far more important than getting Github to recognise the generated code as generated code. Fixed an issue with mysql.go's _init_database() overwriting the dbpassword variable. Not a huge issue, but it is a "gotcha" for those not expecting a ':' at the start. Fixed an issue with forum creation where the forum permissions didn't get cached. Fixed a bug in plugin_bbcode where negative numbers in rand would crash Gosora. Made the outputs of plugin_markdown and plugin_bbcode more compliant with the tests. Revamped the phrase system to make it easier for us to add language pack related features in the future. Added the WidgetMenu widget type. Revamped the theme again. I'm experimenting to see which approach I like most. - Excuse the little W3C rage. Some things about CSS drive me crazy :p Tests: Added 22 bbcode_full_parse tests. Added 19 bbcode_regex_parse tests. Added 27 markdown_parse tests. Added four UserStore tests. More to come when the test database functionality is added. Added 18 name_to_slug tests. Hooks: Added the pre_render hook. Added the pre_render_forum_list hook. Added the pre_render_view_forum hook. Added the pre_render_topic_list hook. Added the pre_render_view_topic hook. Added the pre_render_profile hook. Added the pre_render_custom_page hook. Added the pre_render_overview hook. Added the pre_render_create_topic hook. Added the pre_render_account_own_edit_critical hook. Added the pre_render_account_own_edit_avatar hook. Added the pre_render_account_own_edit_username hook. Added the pre_render_account_own_edit_email hook. Added the pre_render_login hook. Added the pre_render_register hook. Added the pre_render_ban hook. Added the pre_render_panel_dashboard hook. Added the pre_render_panel_forums hook. Added the pre_render_panel_delete_forum hook. Added the pre_render_panel_edit_forum hook. Added the pre_render_panel_settings hook. Added the pre_render_panel_setting hook. Added the pre_render_panel_plugins hook. Added the pre_render_panel_users hook. Added the pre_render_panel_edit_user hook. Added the pre_render_panel_groups hook. Added the pre_render_panel_edit_group hook. Added the pre_render_panel_edit_group_perms hook. Added the pre_render_panel_themes hook. Added the pre_render_panel_mod_log hook. Added the pre_render_error hook. Added the pre_render_security_error hook. Added the create_group_preappend hook. Added the intercept_build_widgets hook. Added the simple_forum_check_pre_perms hook. Added the forum_check_pre_perms hook.
2017-07-09 12:06:04 +00:00
func (auth *DefaultAuth) GetCookies(r *http.Request) (uid int, session string, err error) {
// Are there any session cookies..?
cookie, err := r.Cookie("uid")
if err != nil {
return 0, "", err
}
uid, err = strconv.Atoi(cookie.Value)
if err != nil {
return 0, "", err
}
cookie, err = r.Cookie("session")
if err != nil {
return 0, "", err
}
return uid, cookie.Value, err
}
Added Quick Topic. Added Attachments. Added Attachment Media Embeds. Renamed a load of *Store and *Cache methods to reduce the amount of unneccesary typing. Added petabytes as a unit and cleaned up a few of the friendly units. Refactored the username change logic to make it easier to maintain. Refactored the avatar change logic to make it easier to maintain. Shadow now uses CSS Variables for most of it's colours. We have plans to transpile this to support older browsers later on! Snuck some CSS Variables into Tempra Conflux. Added the GroupCache interface to MemoryGroupStore. Added the Length method to MemoryGroupStore. Added support for a site short name. Added the UploadFiles permission. Renamed more functions. Fixed the background for the left gutter on the postbit for Tempra Simple and Shadow. Added support for if statements operating on int8, int16, int32, int32, int64, uint, uint8, uint16, uint32, uint64, float32, and float64 for the template compiler. Added support for if statements operating on slices and maps for the template compiler. Fixed a security exploit in reply editing. Fixed a bug in the URL detector in the parser where it couldn't find URLs with non-standard ports. Fixed buttons having blue outlines on focus on Shadow. Refactored the topic creation logic to make it easier to maintain. Made a few responsive fixes, but there's still more to do in the following commits!
2017-10-05 10:20:28 +00:00
// SessionCheck checks if a user has session cookies and whether they're valid
Added the Social Groups plugin. This is still under construction. Made a few improvements to the ForumStore, including bringing it's API closer in line with the other datastores, adding stubs for future subforum functionality, and improving efficiency in a few places. The auth interface now handles all the authentication stuff. Renamed the debug config variable to debug_mode. Added the PluginPerms API. Internal Errors will now dump the stack trace in the console. Added support for installable plugins. Refactored the routing logic so that the router now handles the common PreRoute logic(exc. /static/) Added the CreateTable method to the query generator. It might need some tweaking to better support other database systems. Added the same CreateTable method to the query builder. Began work on PostgreSQL support. Added the string-string hook type Added the pre_render hook type. Added the ParentID and ParentType fields to forums. Added the get_forum_url_prefix function. Added a more generic build_slug function. Added the get_topic_url_prefix function. Added the override_perms and override_forum_perms functions for bulk setting and unsetting permissions. Added more ExtData fields in a few structs and removed them on the Perms struct as the PluginPerms API supersedes them there. Plugins can now see the router instance. The plugin initialisation handlers can now throw errors. Plugins are now initialised after all the forum's subsystems are. Refactored the unit test logic. For instance, we now use the proper .Log method rather than fmt.Println in many cases. Sorry, we'll have to break Github's generated file detection, as the build instructions aren't working, unless I put them at the top, and they're far, far more important than getting Github to recognise the generated code as generated code. Fixed an issue with mysql.go's _init_database() overwriting the dbpassword variable. Not a huge issue, but it is a "gotcha" for those not expecting a ':' at the start. Fixed an issue with forum creation where the forum permissions didn't get cached. Fixed a bug in plugin_bbcode where negative numbers in rand would crash Gosora. Made the outputs of plugin_markdown and plugin_bbcode more compliant with the tests. Revamped the phrase system to make it easier for us to add language pack related features in the future. Added the WidgetMenu widget type. Revamped the theme again. I'm experimenting to see which approach I like most. - Excuse the little W3C rage. Some things about CSS drive me crazy :p Tests: Added 22 bbcode_full_parse tests. Added 19 bbcode_regex_parse tests. Added 27 markdown_parse tests. Added four UserStore tests. More to come when the test database functionality is added. Added 18 name_to_slug tests. Hooks: Added the pre_render hook. Added the pre_render_forum_list hook. Added the pre_render_view_forum hook. Added the pre_render_topic_list hook. Added the pre_render_view_topic hook. Added the pre_render_profile hook. Added the pre_render_custom_page hook. Added the pre_render_overview hook. Added the pre_render_create_topic hook. Added the pre_render_account_own_edit_critical hook. Added the pre_render_account_own_edit_avatar hook. Added the pre_render_account_own_edit_username hook. Added the pre_render_account_own_edit_email hook. Added the pre_render_login hook. Added the pre_render_register hook. Added the pre_render_ban hook. Added the pre_render_panel_dashboard hook. Added the pre_render_panel_forums hook. Added the pre_render_panel_delete_forum hook. Added the pre_render_panel_edit_forum hook. Added the pre_render_panel_settings hook. Added the pre_render_panel_setting hook. Added the pre_render_panel_plugins hook. Added the pre_render_panel_users hook. Added the pre_render_panel_edit_user hook. Added the pre_render_panel_groups hook. Added the pre_render_panel_edit_group hook. Added the pre_render_panel_edit_group_perms hook. Added the pre_render_panel_themes hook. Added the pre_render_panel_mod_log hook. Added the pre_render_error hook. Added the pre_render_security_error hook. Added the create_group_preappend hook. Added the intercept_build_widgets hook. Added the simple_forum_check_pre_perms hook. Added the forum_check_pre_perms hook.
2017-07-09 12:06:04 +00:00
func (auth *DefaultAuth) SessionCheck(w http.ResponseWriter, r *http.Request) (user *User, halt bool) {
uid, session, err := auth.GetCookies(r)
if err != nil {
Finished moving the files into the subpackage, this should open more doors to us. Moved more queries out of the global stmt holder. Refactored several things.
2017-11-11 04:06:16 +00:00
return &GuestUser, false
Added the Social Groups plugin. This is still under construction. Made a few improvements to the ForumStore, including bringing it's API closer in line with the other datastores, adding stubs for future subforum functionality, and improving efficiency in a few places. The auth interface now handles all the authentication stuff. Renamed the debug config variable to debug_mode. Added the PluginPerms API. Internal Errors will now dump the stack trace in the console. Added support for installable plugins. Refactored the routing logic so that the router now handles the common PreRoute logic(exc. /static/) Added the CreateTable method to the query generator. It might need some tweaking to better support other database systems. Added the same CreateTable method to the query builder. Began work on PostgreSQL support. Added the string-string hook type Added the pre_render hook type. Added the ParentID and ParentType fields to forums. Added the get_forum_url_prefix function. Added a more generic build_slug function. Added the get_topic_url_prefix function. Added the override_perms and override_forum_perms functions for bulk setting and unsetting permissions. Added more ExtData fields in a few structs and removed them on the Perms struct as the PluginPerms API supersedes them there. Plugins can now see the router instance. The plugin initialisation handlers can now throw errors. Plugins are now initialised after all the forum's subsystems are. Refactored the unit test logic. For instance, we now use the proper .Log method rather than fmt.Println in many cases. Sorry, we'll have to break Github's generated file detection, as the build instructions aren't working, unless I put them at the top, and they're far, far more important than getting Github to recognise the generated code as generated code. Fixed an issue with mysql.go's _init_database() overwriting the dbpassword variable. Not a huge issue, but it is a "gotcha" for those not expecting a ':' at the start. Fixed an issue with forum creation where the forum permissions didn't get cached. Fixed a bug in plugin_bbcode where negative numbers in rand would crash Gosora. Made the outputs of plugin_markdown and plugin_bbcode more compliant with the tests. Revamped the phrase system to make it easier for us to add language pack related features in the future. Added the WidgetMenu widget type. Revamped the theme again. I'm experimenting to see which approach I like most. - Excuse the little W3C rage. Some things about CSS drive me crazy :p Tests: Added 22 bbcode_full_parse tests. Added 19 bbcode_regex_parse tests. Added 27 markdown_parse tests. Added four UserStore tests. More to come when the test database functionality is added. Added 18 name_to_slug tests. Hooks: Added the pre_render hook. Added the pre_render_forum_list hook. Added the pre_render_view_forum hook. Added the pre_render_topic_list hook. Added the pre_render_view_topic hook. Added the pre_render_profile hook. Added the pre_render_custom_page hook. Added the pre_render_overview hook. Added the pre_render_create_topic hook. Added the pre_render_account_own_edit_critical hook. Added the pre_render_account_own_edit_avatar hook. Added the pre_render_account_own_edit_username hook. Added the pre_render_account_own_edit_email hook. Added the pre_render_login hook. Added the pre_render_register hook. Added the pre_render_ban hook. Added the pre_render_panel_dashboard hook. Added the pre_render_panel_forums hook. Added the pre_render_panel_delete_forum hook. Added the pre_render_panel_edit_forum hook. Added the pre_render_panel_settings hook. Added the pre_render_panel_setting hook. Added the pre_render_panel_plugins hook. Added the pre_render_panel_users hook. Added the pre_render_panel_edit_user hook. Added the pre_render_panel_groups hook. Added the pre_render_panel_edit_group hook. Added the pre_render_panel_edit_group_perms hook. Added the pre_render_panel_themes hook. Added the pre_render_panel_mod_log hook. Added the pre_render_error hook. Added the pre_render_security_error hook. Added the create_group_preappend hook. Added the intercept_build_widgets hook. Added the simple_forum_check_pre_perms hook. Added the forum_check_pre_perms hook.
2017-07-09 12:06:04 +00:00
}
// Is this session valid..?
Finished moving the files into the subpackage, this should open more doors to us. Moved more queries out of the global stmt holder. Refactored several things.
2017-11-11 04:06:16 +00:00
user, err = Users.Get(uid)
Added the Social Groups plugin. This is still under construction. Made a few improvements to the ForumStore, including bringing it's API closer in line with the other datastores, adding stubs for future subforum functionality, and improving efficiency in a few places. The auth interface now handles all the authentication stuff. Renamed the debug config variable to debug_mode. Added the PluginPerms API. Internal Errors will now dump the stack trace in the console. Added support for installable plugins. Refactored the routing logic so that the router now handles the common PreRoute logic(exc. /static/) Added the CreateTable method to the query generator. It might need some tweaking to better support other database systems. Added the same CreateTable method to the query builder. Began work on PostgreSQL support. Added the string-string hook type Added the pre_render hook type. Added the ParentID and ParentType fields to forums. Added the get_forum_url_prefix function. Added a more generic build_slug function. Added the get_topic_url_prefix function. Added the override_perms and override_forum_perms functions for bulk setting and unsetting permissions. Added more ExtData fields in a few structs and removed them on the Perms struct as the PluginPerms API supersedes them there. Plugins can now see the router instance. The plugin initialisation handlers can now throw errors. Plugins are now initialised after all the forum's subsystems are. Refactored the unit test logic. For instance, we now use the proper .Log method rather than fmt.Println in many cases. Sorry, we'll have to break Github's generated file detection, as the build instructions aren't working, unless I put them at the top, and they're far, far more important than getting Github to recognise the generated code as generated code. Fixed an issue with mysql.go's _init_database() overwriting the dbpassword variable. Not a huge issue, but it is a "gotcha" for those not expecting a ':' at the start. Fixed an issue with forum creation where the forum permissions didn't get cached. Fixed a bug in plugin_bbcode where negative numbers in rand would crash Gosora. Made the outputs of plugin_markdown and plugin_bbcode more compliant with the tests. Revamped the phrase system to make it easier for us to add language pack related features in the future. Added the WidgetMenu widget type. Revamped the theme again. I'm experimenting to see which approach I like most. - Excuse the little W3C rage. Some things about CSS drive me crazy :p Tests: Added 22 bbcode_full_parse tests. Added 19 bbcode_regex_parse tests. Added 27 markdown_parse tests. Added four UserStore tests. More to come when the test database functionality is added. Added 18 name_to_slug tests. Hooks: Added the pre_render hook. Added the pre_render_forum_list hook. Added the pre_render_view_forum hook. Added the pre_render_topic_list hook. Added the pre_render_view_topic hook. Added the pre_render_profile hook. Added the pre_render_custom_page hook. Added the pre_render_overview hook. Added the pre_render_create_topic hook. Added the pre_render_account_own_edit_critical hook. Added the pre_render_account_own_edit_avatar hook. Added the pre_render_account_own_edit_username hook. Added the pre_render_account_own_edit_email hook. Added the pre_render_login hook. Added the pre_render_register hook. Added the pre_render_ban hook. Added the pre_render_panel_dashboard hook. Added the pre_render_panel_forums hook. Added the pre_render_panel_delete_forum hook. Added the pre_render_panel_edit_forum hook. Added the pre_render_panel_settings hook. Added the pre_render_panel_setting hook. Added the pre_render_panel_plugins hook. Added the pre_render_panel_users hook. Added the pre_render_panel_edit_user hook. Added the pre_render_panel_groups hook. Added the pre_render_panel_edit_group hook. Added the pre_render_panel_edit_group_perms hook. Added the pre_render_panel_themes hook. Added the pre_render_panel_mod_log hook. Added the pre_render_error hook. Added the pre_render_security_error hook. Added the create_group_preappend hook. Added the intercept_build_widgets hook. Added the simple_forum_check_pre_perms hook. Added the forum_check_pre_perms hook.
2017-07-09 12:06:04 +00:00
if err == ErrNoRows {
Finished moving the files into the subpackage, this should open more doors to us. Moved more queries out of the global stmt holder. Refactored several things.
2017-11-11 04:06:16 +00:00
return &GuestUser, false
Added the Social Groups plugin. This is still under construction. Made a few improvements to the ForumStore, including bringing it's API closer in line with the other datastores, adding stubs for future subforum functionality, and improving efficiency in a few places. The auth interface now handles all the authentication stuff. Renamed the debug config variable to debug_mode. Added the PluginPerms API. Internal Errors will now dump the stack trace in the console. Added support for installable plugins. Refactored the routing logic so that the router now handles the common PreRoute logic(exc. /static/) Added the CreateTable method to the query generator. It might need some tweaking to better support other database systems. Added the same CreateTable method to the query builder. Began work on PostgreSQL support. Added the string-string hook type Added the pre_render hook type. Added the ParentID and ParentType fields to forums. Added the get_forum_url_prefix function. Added a more generic build_slug function. Added the get_topic_url_prefix function. Added the override_perms and override_forum_perms functions for bulk setting and unsetting permissions. Added more ExtData fields in a few structs and removed them on the Perms struct as the PluginPerms API supersedes them there. Plugins can now see the router instance. The plugin initialisation handlers can now throw errors. Plugins are now initialised after all the forum's subsystems are. Refactored the unit test logic. For instance, we now use the proper .Log method rather than fmt.Println in many cases. Sorry, we'll have to break Github's generated file detection, as the build instructions aren't working, unless I put them at the top, and they're far, far more important than getting Github to recognise the generated code as generated code. Fixed an issue with mysql.go's _init_database() overwriting the dbpassword variable. Not a huge issue, but it is a "gotcha" for those not expecting a ':' at the start. Fixed an issue with forum creation where the forum permissions didn't get cached. Fixed a bug in plugin_bbcode where negative numbers in rand would crash Gosora. Made the outputs of plugin_markdown and plugin_bbcode more compliant with the tests. Revamped the phrase system to make it easier for us to add language pack related features in the future. Added the WidgetMenu widget type. Revamped the theme again. I'm experimenting to see which approach I like most. - Excuse the little W3C rage. Some things about CSS drive me crazy :p Tests: Added 22 bbcode_full_parse tests. Added 19 bbcode_regex_parse tests. Added 27 markdown_parse tests. Added four UserStore tests. More to come when the test database functionality is added. Added 18 name_to_slug tests. Hooks: Added the pre_render hook. Added the pre_render_forum_list hook. Added the pre_render_view_forum hook. Added the pre_render_topic_list hook. Added the pre_render_view_topic hook. Added the pre_render_profile hook. Added the pre_render_custom_page hook. Added the pre_render_overview hook. Added the pre_render_create_topic hook. Added the pre_render_account_own_edit_critical hook. Added the pre_render_account_own_edit_avatar hook. Added the pre_render_account_own_edit_username hook. Added the pre_render_account_own_edit_email hook. Added the pre_render_login hook. Added the pre_render_register hook. Added the pre_render_ban hook. Added the pre_render_panel_dashboard hook. Added the pre_render_panel_forums hook. Added the pre_render_panel_delete_forum hook. Added the pre_render_panel_edit_forum hook. Added the pre_render_panel_settings hook. Added the pre_render_panel_setting hook. Added the pre_render_panel_plugins hook. Added the pre_render_panel_users hook. Added the pre_render_panel_edit_user hook. Added the pre_render_panel_groups hook. Added the pre_render_panel_edit_group hook. Added the pre_render_panel_edit_group_perms hook. Added the pre_render_panel_themes hook. Added the pre_render_panel_mod_log hook. Added the pre_render_error hook. Added the pre_render_security_error hook. Added the create_group_preappend hook. Added the intercept_build_widgets hook. Added the simple_forum_check_pre_perms hook. Added the forum_check_pre_perms hook.
2017-07-09 12:06:04 +00:00
} else if err != nil {
More work on Cosora, we have a screenshot of it up now, although it's super experimental at the moment. This commit might be a little broken, another is coming to fix things up! The topics list is now paginated. Refactored the error handling system. Added the Trumboyg WYSIWYG editor for Cosora. Moved Delete() out of the TopicStore and into *Topic You can now bulk delete and bulk lock topics on Cosora. h1s are now formatted properly on Firefox. Added more ARIA Labels. SuperModOnly is now a piece of middleware for the Control Panel routes. Refactored and extended the router generator. Improved the SEO for the paginators. Added bits of Microdata to improve SEO further. Wrote benchmarks for users.Get() and users.BypassGet() More errors are caught now. You can now attach pcss files to posts. Improved the error logging for JavaScript. Topic list avatars now link to the associated profiles. Added last poster avatars to the forum list.
2017-10-30 09:57:08 +00:00
InternalError(err, w, r)
Finished moving the files into the subpackage, this should open more doors to us. Moved more queries out of the global stmt holder. Refactored several things.
2017-11-11 04:06:16 +00:00
return &GuestUser, true
Added the Social Groups plugin. This is still under construction. Made a few improvements to the ForumStore, including bringing it's API closer in line with the other datastores, adding stubs for future subforum functionality, and improving efficiency in a few places. The auth interface now handles all the authentication stuff. Renamed the debug config variable to debug_mode. Added the PluginPerms API. Internal Errors will now dump the stack trace in the console. Added support for installable plugins. Refactored the routing logic so that the router now handles the common PreRoute logic(exc. /static/) Added the CreateTable method to the query generator. It might need some tweaking to better support other database systems. Added the same CreateTable method to the query builder. Began work on PostgreSQL support. Added the string-string hook type Added the pre_render hook type. Added the ParentID and ParentType fields to forums. Added the get_forum_url_prefix function. Added a more generic build_slug function. Added the get_topic_url_prefix function. Added the override_perms and override_forum_perms functions for bulk setting and unsetting permissions. Added more ExtData fields in a few structs and removed them on the Perms struct as the PluginPerms API supersedes them there. Plugins can now see the router instance. The plugin initialisation handlers can now throw errors. Plugins are now initialised after all the forum's subsystems are. Refactored the unit test logic. For instance, we now use the proper .Log method rather than fmt.Println in many cases. Sorry, we'll have to break Github's generated file detection, as the build instructions aren't working, unless I put them at the top, and they're far, far more important than getting Github to recognise the generated code as generated code. Fixed an issue with mysql.go's _init_database() overwriting the dbpassword variable. Not a huge issue, but it is a "gotcha" for those not expecting a ':' at the start. Fixed an issue with forum creation where the forum permissions didn't get cached. Fixed a bug in plugin_bbcode where negative numbers in rand would crash Gosora. Made the outputs of plugin_markdown and plugin_bbcode more compliant with the tests. Revamped the phrase system to make it easier for us to add language pack related features in the future. Added the WidgetMenu widget type. Revamped the theme again. I'm experimenting to see which approach I like most. - Excuse the little W3C rage. Some things about CSS drive me crazy :p Tests: Added 22 bbcode_full_parse tests. Added 19 bbcode_regex_parse tests. Added 27 markdown_parse tests. Added four UserStore tests. More to come when the test database functionality is added. Added 18 name_to_slug tests. Hooks: Added the pre_render hook. Added the pre_render_forum_list hook. Added the pre_render_view_forum hook. Added the pre_render_topic_list hook. Added the pre_render_view_topic hook. Added the pre_render_profile hook. Added the pre_render_custom_page hook. Added the pre_render_overview hook. Added the pre_render_create_topic hook. Added the pre_render_account_own_edit_critical hook. Added the pre_render_account_own_edit_avatar hook. Added the pre_render_account_own_edit_username hook. Added the pre_render_account_own_edit_email hook. Added the pre_render_login hook. Added the pre_render_register hook. Added the pre_render_ban hook. Added the pre_render_panel_dashboard hook. Added the pre_render_panel_forums hook. Added the pre_render_panel_delete_forum hook. Added the pre_render_panel_edit_forum hook. Added the pre_render_panel_settings hook. Added the pre_render_panel_setting hook. Added the pre_render_panel_plugins hook. Added the pre_render_panel_users hook. Added the pre_render_panel_edit_user hook. Added the pre_render_panel_groups hook. Added the pre_render_panel_edit_group hook. Added the pre_render_panel_edit_group_perms hook. Added the pre_render_panel_themes hook. Added the pre_render_panel_mod_log hook. Added the pre_render_error hook. Added the pre_render_security_error hook. Added the create_group_preappend hook. Added the intercept_build_widgets hook. Added the simple_forum_check_pre_perms hook. Added the forum_check_pre_perms hook.
2017-07-09 12:06:04 +00:00
}
if user.Session == "" || session != user.Session {
Finished moving the files into the subpackage, this should open more doors to us. Moved more queries out of the global stmt holder. Refactored several things.
2017-11-11 04:06:16 +00:00
return &GuestUser, false
Added the Social Groups plugin. This is still under construction. Made a few improvements to the ForumStore, including bringing it's API closer in line with the other datastores, adding stubs for future subforum functionality, and improving efficiency in a few places. The auth interface now handles all the authentication stuff. Renamed the debug config variable to debug_mode. Added the PluginPerms API. Internal Errors will now dump the stack trace in the console. Added support for installable plugins. Refactored the routing logic so that the router now handles the common PreRoute logic(exc. /static/) Added the CreateTable method to the query generator. It might need some tweaking to better support other database systems. Added the same CreateTable method to the query builder. Began work on PostgreSQL support. Added the string-string hook type Added the pre_render hook type. Added the ParentID and ParentType fields to forums. Added the get_forum_url_prefix function. Added a more generic build_slug function. Added the get_topic_url_prefix function. Added the override_perms and override_forum_perms functions for bulk setting and unsetting permissions. Added more ExtData fields in a few structs and removed them on the Perms struct as the PluginPerms API supersedes them there. Plugins can now see the router instance. The plugin initialisation handlers can now throw errors. Plugins are now initialised after all the forum's subsystems are. Refactored the unit test logic. For instance, we now use the proper .Log method rather than fmt.Println in many cases. Sorry, we'll have to break Github's generated file detection, as the build instructions aren't working, unless I put them at the top, and they're far, far more important than getting Github to recognise the generated code as generated code. Fixed an issue with mysql.go's _init_database() overwriting the dbpassword variable. Not a huge issue, but it is a "gotcha" for those not expecting a ':' at the start. Fixed an issue with forum creation where the forum permissions didn't get cached. Fixed a bug in plugin_bbcode where negative numbers in rand would crash Gosora. Made the outputs of plugin_markdown and plugin_bbcode more compliant with the tests. Revamped the phrase system to make it easier for us to add language pack related features in the future. Added the WidgetMenu widget type. Revamped the theme again. I'm experimenting to see which approach I like most. - Excuse the little W3C rage. Some things about CSS drive me crazy :p Tests: Added 22 bbcode_full_parse tests. Added 19 bbcode_regex_parse tests. Added 27 markdown_parse tests. Added four UserStore tests. More to come when the test database functionality is added. Added 18 name_to_slug tests. Hooks: Added the pre_render hook. Added the pre_render_forum_list hook. Added the pre_render_view_forum hook. Added the pre_render_topic_list hook. Added the pre_render_view_topic hook. Added the pre_render_profile hook. Added the pre_render_custom_page hook. Added the pre_render_overview hook. Added the pre_render_create_topic hook. Added the pre_render_account_own_edit_critical hook. Added the pre_render_account_own_edit_avatar hook. Added the pre_render_account_own_edit_username hook. Added the pre_render_account_own_edit_email hook. Added the pre_render_login hook. Added the pre_render_register hook. Added the pre_render_ban hook. Added the pre_render_panel_dashboard hook. Added the pre_render_panel_forums hook. Added the pre_render_panel_delete_forum hook. Added the pre_render_panel_edit_forum hook. Added the pre_render_panel_settings hook. Added the pre_render_panel_setting hook. Added the pre_render_panel_plugins hook. Added the pre_render_panel_users hook. Added the pre_render_panel_edit_user hook. Added the pre_render_panel_groups hook. Added the pre_render_panel_edit_group hook. Added the pre_render_panel_edit_group_perms hook. Added the pre_render_panel_themes hook. Added the pre_render_panel_mod_log hook. Added the pre_render_error hook. Added the pre_render_security_error hook. Added the create_group_preappend hook. Added the intercept_build_widgets hook. Added the simple_forum_check_pre_perms hook. Added the forum_check_pre_perms hook.
2017-07-09 12:06:04 +00:00
}
return user, false
}
Added Quick Topic. Added Attachments. Added Attachment Media Embeds. Renamed a load of *Store and *Cache methods to reduce the amount of unneccesary typing. Added petabytes as a unit and cleaned up a few of the friendly units. Refactored the username change logic to make it easier to maintain. Refactored the avatar change logic to make it easier to maintain. Shadow now uses CSS Variables for most of it's colours. We have plans to transpile this to support older browsers later on! Snuck some CSS Variables into Tempra Conflux. Added the GroupCache interface to MemoryGroupStore. Added the Length method to MemoryGroupStore. Added support for a site short name. Added the UploadFiles permission. Renamed more functions. Fixed the background for the left gutter on the postbit for Tempra Simple and Shadow. Added support for if statements operating on int8, int16, int32, int32, int64, uint, uint8, uint16, uint32, uint64, float32, and float64 for the template compiler. Added support for if statements operating on slices and maps for the template compiler. Fixed a security exploit in reply editing. Fixed a bug in the URL detector in the parser where it couldn't find URLs with non-standard ports. Fixed buttons having blue outlines on focus on Shadow. Refactored the topic creation logic to make it easier to maintain. Made a few responsive fixes, but there's still more to do in the following commits!
2017-10-05 10:20:28 +00:00
// CreateSession generates a new session to allow a remote client to stay logged in as a specific user
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
func (auth *DefaultAuth) CreateSession(uid int) (session string, err error) {
Finished moving the files into the subpackage, this should open more doors to us. Moved more queries out of the global stmt holder. Refactored several things.
2017-11-11 04:06:16 +00:00
session, err = GenerateSafeString(SessionLength)
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
if err != nil {
return "", err
}
Finished moving the files into the subpackage, this should open more doors to us. Moved more queries out of the global stmt holder. Refactored several things.
2017-11-11 04:06:16 +00:00
_, err = auth.updateSession.Exec(session, uid)
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
if err != nil {
return "", err
}
Removed the images for Cosmo from /images/, it's very saddening to see it go :( Moved Reload from the UserStore into the UserCache. Replaced many of the calls to Reload with CacheRemove. Simplified the error functions. Fixed a bug in the errors where they didn't have any CSS. Oops. Added CustomErrorJS(), unused for now, but it may be useful in the future, especially for plugins. Fixed many problems in the themes. Added the Stick(), Unstick(), CreateActionReply(), Lock() and Unlock() methods to *Topic. Renamed ip-search.html to ip-search-results.html Added the Activate() and initPerms methods to *User. Tempra Cursive is hiding from sight for this one commit. Added Font Awesome to /public/, it isn't used yet.
2017-09-22 02:21:17 +00:00
// Flush the user data from the cache
Added the AboutSegment feature, you can see this in use on Cosora, it's a little raw right now, but I'm planning to polish it in the next commit. Refactored the code to use switches instead of if blocks in some places. Refactored the Dashboard to make it easier to add icons to it like I did with Cosora. You can now use maps in transpiled templates. Made progress on Cosora's footer. Swapped out the ThemeName property in the HeaderVars struct for a more general and flexible Theme property. Added the colstack CSS class to make it easier to style the layouts for the Control Panel and profile. Renamed the FStore variable to Forums. Renamed the Fpstore variable to FPStore. Renamed the Gstore variable to Groups. Split the MemoryTopicStore into DefaultTopicStore and MemoryTopicCache. Split the MemoryUserStore into DefaultUserStore and MemoryUserCache. Removed the NullUserStore, SQLUserStore, and SQLTopicStore. Added the NullTopicCache and NullUserCache. Moved the Reload method out of the TopicCache interface and into the TopicStore one. Moved the Reload method out of the UserCache interface and into the UserStore one. Added the SetCache and GetCache methods to the TopicStore and UserStore. Added the BypassGetAll method to the WordFilterMap type. Renamed routePanelSetting to routePanelSettingEdit. Renamed routePanelSettingEdit to routePanelSettingEditSubmit. Moved the page titles into the english language pack. Split main() into main and afterDBInit to avoid code duplication in general_test.go Added the ReqIsJson method so that we don't have to sniff the headers every time. Added the LogStore interface. Added the SQLModLogStore and the SQLAdminLogStore. Refactored the phrase system to use getPhrasePlaceholder instead of hard-coding the string to return in a bunch of functions. Removed a redundant rank check. Added the GuildStore to plugin_guilds. Added the about_segment_title and about_segment_body settings. Refactored the setting system to use predefined errors to make it easier for an upstream caller to filter out sensitive error messages as opposed to safe errors. Added the BypassGetAll method to the SettingMap type. Added the Update method to the SettingMap type. BulkGet is now exposed via the MemoryUserCache. Refactored more logs in the template transpiler to reduce the amount of indentation. Refactored the tests to take up fewer lines. Further improved the Cosora theme's colours, padding, and profiles. Added styling for the Control Panel Dashboard to the Cosora Theme. Reduced the amount of code duplication in the installer query generator and opened the door to certain types of auto-migrations. Refactored the Control Panel Dashboard to reduce the amount of code duplication. Refactored the modlog route to reduce the amount of code duplication and string concatenation.
2017-11-23 05:37:08 +00:00
ucache := Users.GetCache()
if ucache != nil {
ucache.Remove(uid)
Removed the images for Cosmo from /images/, it's very saddening to see it go :( Moved Reload from the UserStore into the UserCache. Replaced many of the calls to Reload with CacheRemove. Simplified the error functions. Fixed a bug in the errors where they didn't have any CSS. Oops. Added CustomErrorJS(), unused for now, but it may be useful in the future, especially for plugins. Fixed many problems in the themes. Added the Stick(), Unstick(), CreateActionReply(), Lock() and Unlock() methods to *Topic. Renamed ip-search.html to ip-search-results.html Added the Activate() and initPerms methods to *User. Tempra Cursive is hiding from sight for this one commit. Added Font Awesome to /public/, it isn't used yet.
2017-09-22 02:21:17 +00:00
}
Static CSS files are now processed by the template system. This will be most likely be superseded by a more sophisticated system in the future. Added the authentication interface and associated struct to better organise / escapsulate the authentication logic. Added the LogError function. We'll put together a custom logger at some point which will supersede this. Reorganised things a little. Moved two queries into the query generator and inlined four with the query builder. Added SimpleInsertLeftJoin to the query generator. Added SimpleInsertSelect, SimpleInsertLeftJoin, and SimpleInsertInnerJoin to the query builder. Removed the undocumented password reset mechanism for security reasons. We have a proper interface for this in the control panel. Made one of the template compiler errors less cryptic. Fixed the CSS on widget_simple. Fixed a glitch in the weak password detector regarding unique character detection. Moved the responsive CSS in media.partial.css for Tempra Conflux, and Tempra Simple. Added the CreateUser method to the UserStore. Users are no longer logged out on all devices when logging out. Took the first step towards SEO URLs.
2017-06-25 09:56:39 +00:00
return session, nil
}
UNSTABLE: Began work on the Nox Theme. Removed the Tempra Cursive Theme. You can now do bulk moderation actions with Shadow. Added: Argon2 as a dependency. The EmailStore. The ReportStore. The Copy method to *Setting. The AddColumn method to the query builder and adapters. The textarea setting type. More logging to better debug issues. The GetOffset method to the UserStore. Removed: Sortable from Code Climate's Analysis. MemberCheck and memberCheck as they're obsolete now. The obsolete url_tags setting. The BcryptGeneratePasswordNoSalt function. Some redundant fields from some of the page structs. Revamped: The Control Panel Setting List and Editor. Refactored: The password hashing logic to make it more amenable to multiple hashing algorithms. The email portion of the Account Manager. The Control Panel User List. The report system. simplePanelUserCheck and simpleUserCheck to remove the duplicated logic as the two do the exact same thing. Fixed: Missing slugs in the profile links in the User Manager. A few template initialisers potentially reducing the number of odd template edge cases. Some problems with the footer. Custom selection colour not applying to images on Shadow. The avatars of the bottom row of the topic list on Conflux leaking out. Other: Moved the startTime variable into package common and exported it. Moved the password hashing logic from user.go to auth.go Split common/themes.go into common/theme.go and common/theme_list.go Replaced the SettingLabels phrase category with the more generic SettingPhrases category. Moved a load of routes, including panel ones into the routes and panel packages. Hid the notifications link from the Account Menu. Moved more inline CSS into the CSS files and made things a little more flexible here and there. Continued work on PgSQL, still a ways away. Guests now have a default avatar like everyone else. Tweaked some of the font sizes on Cosora to make the text look a little nicer. Partially implemented the theme dock override logic. Partially implemented a "symlink" like feature for theme directories. ... And a bunch of other things I might have missed. You will need to run this update script / patcher for this commit. Warning: This is an "unstable commit", therefore some things may be a little less stable than I'd like. For instance, the Shadow Theme is a little broken in this commit.
2018-05-27 09:36:35 +00:00
func CheckPassword(realPassword string, password string, salt string) (err error) {
blasted := strings.Split(realPassword, "$")
prefix := blasted[0]
if len(blasted) > 1 {
prefix += blasted[1]
}
algo, ok := HashPrefixes[prefix]
if !ok {
return ErrHashNotExist
}
checker := CheckPasswordFuncs[algo]
return checker(realPassword, password, salt)
}
func GeneratePassword(password string) (hash string, salt string, err error) {
gen, ok := GeneratePasswordFuncs[DefaultHashAlgo]
if !ok {
return "", "", ErrHashNotExist
}
return gen(password)
}
func BcryptCheckPassword(realPassword string, password string, salt string) (err error) {
return bcrypt.CompareHashAndPassword([]byte(realPassword), []byte(password+salt))
}
// Note: The salt is in the hash, therefore the salt parameter is blank
func BcryptGeneratePassword(password string) (hash string, salt string, err error) {
hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
if err != nil {
return "", "", err
}
return string(hashedPassword), salt, nil
}
/*const (
argon2Time uint32 = 3
argon2Memory uint32 = 32 * 1024
argon2Threads uint8 = 4
argon2KeyLen uint32 = 32
)
func Argon2CheckPassword(realPassword string, password string, salt string) (err error) {
split := strings.Split(realPassword, "$")
// TODO: Better validation
if len(split) < 5 {
return ErrTooFewHashParams
}
realKey, _ := base64.StdEncoding.DecodeString(split[len(split)-1])
time, _ := strconv.Atoi(split[1])
memory, _ := strconv.Atoi(split[2])
threads, _ := strconv.Atoi(split[3])
keyLen, _ := strconv.Atoi(split[4])
key := argon2.Key([]byte(password), []byte(salt), uint32(time), uint32(memory), uint8(threads), uint32(keyLen))
if subtle.ConstantTimeCompare(realKey, key) != 1 {
return ErrMismatchedHashAndPassword
}
return nil
}
func Argon2GeneratePassword(password string) (hash string, salt string, err error) {
sbytes := make([]byte, SaltLength)
_, err = rand.Read(sbytes)
if err != nil {
return "", "", err
}
key := argon2.Key([]byte(password), sbytes, argon2Time, argon2Memory, argon2Threads, argon2KeyLen)
hash = base64.StdEncoding.EncodeToString(key)
return fmt.Sprintf("argon2$%d%d%d%d%s%s", argon2Time, argon2Memory, argon2Threads, argon2KeyLen, salt, hash), string(sbytes), nil
}
*/