Commit Graph

912 Commits

Author SHA1 Message Date
Eric Dubé
6fe126ad5a
Merge pull request #386 from HeyPuter/eric/socket-auth
fix(security): Move token for socket.io to request body
2024-05-16 18:02:12 -04:00
KernelDeimos
49b257ecff fix(security): Move token for socket.io to request body
Currently this commit breaks websocket events and needs to
be updated.
2024-05-16 17:58:44 -04:00
KernelDeimos
f042b095f1 Fix 8688gxkuj 2024-05-16 17:25:41 -04:00
KernelDeimos
b68873c5f4 Fix 8688grpf1 2024-05-16 12:48:57 -04:00
KernelDeimos
bee0e19eaf Fix 8688ggu00 2024-05-15 20:59:20 -04:00
Eric Dubé
f54657a569
Merge pull request #402 from HeyPuter/eric/email-lock
Add locking to save_account
2024-05-15 18:49:03 -04:00
Eric Dubé
1aa27084d0
Merge pull request #396 from AtkinsSJ/xterm-fix
fix(Terminal): Accept input from Chrome on Android
2024-05-15 18:24:02 -04:00
KernelDeimos
691c8f1436 Add locking to save_account 2024-05-15 18:22:54 -04:00
Eric Dubé
b72e5b7e02
Merge pull request #401 from HeyPuter/eric/service-patches
Allow patching services
2024-05-15 15:47:14 -04:00
KernelDeimos
c70e378973 Add error id for expired auth tokens 2024-05-15 15:42:00 -04:00
KernelDeimos
21444daefb Add jsdoc comments to registerService and patchService 2024-05-15 15:41:37 -04:00
KernelDeimos
2e0d7361cb Add method to patch services 2024-05-15 15:32:18 -04:00
Eric Dubé
6e0b6d84d2
Merge pull request #400 from AtkinsSJ/fix-apierror-includes
fix: Correct APIError imports
2024-05-15 13:51:04 -04:00
Eric Dubé
ec59abe3ae
Merge pull request #399 from AtkinsSJ/fix-db-scripts
fix: Add missing file extension to 0009_app-prefix-fix.sql in DB init
2024-05-15 13:45:30 -04:00
Sam Atkins
062e23b5c9 fix: Correct APIError imports
APIError is the only thing exported from its file, so we must not wrap
it in {}.
2024-05-15 17:47:15 +01:00
Sam Atkins
a8160a8cdc fix: Add missing file extension to 0009_app-prefix-fix.sql in DB init 2024-05-15 10:18:28 +01:00
KernelDeimos
0b093dd57e Revoke other sessions when password is changed 2024-05-14 19:40:57 -04:00
KernelDeimos
923d5878c3 Prevent enable of 2FA without configure 2024-05-14 17:33:14 -04:00
Eric Dubé
9c5849fbce
Merge pull request #397 from HeyPuter/eric/anti-csrf
Update for /logout
2024-05-14 14:08:35 -04:00
Sam Atkins
4ef3e53de3 fix(Terminal): Accept input from Chrome on Android
Xterm.js produces two kinds of events: onKey and onData. On a desktop,
these are effectively the same, but on mobile, IME inputs produce data
but not key presses. By listening to onData instead of onKey, we get
that input.

With some experimentation, I also found that we don't need the code to
handle enter, home, end, or Ctrl-Shift-V. All of these function as
expected without that code, so we can remove it and simplify this
further. :^)
2024-05-14 16:10:30 +01:00
Sam Atkins
2656b47640 chore: Update xterm
From version 5.4.0 onwards, xterm scopes its package names as
`@xterm/foo` instead of just `xterm-foo`.

We currently have a copy of xterm.css which we use instead of directly
including the one from the `@xterm/xterm` package, so I've updated the
contents of that too.
2024-05-14 16:10:30 +01:00
Sam Atkins
fafbc292ca Remove xterm dependency from Phoenix
This is used by Terminal, not Phoenix.
2024-05-14 16:10:30 +01:00
KernelDeimos
800aef1942 Implement anti-CSRF for logout 2024-05-13 20:40:27 -04:00
KernelDeimos
da7f73baa6 Add AntiCSRFService 2024-05-13 19:08:51 -04:00
KernelDeimos
afb9d866b5 fix: Fix phoenix app prefix and TokenService test 2024-05-13 18:17:39 -04:00
Eric Dubé
7dc5929cfd
Merge pull request #385 from HeyPuter/eric/dry-middleware
Add password requirement to: disable 2FA, change email
2024-05-13 16:38:59 -04:00
KernelDeimos
c2f1694107 Require password entry to disable 2FA 2024-05-13 16:00:07 -04:00
KernelDeimos
23215bd6f7 Move change_email/start to password-protected endpoint 2024-05-13 16:00:07 -04:00
KernelDeimos
1493cacb69 Add rate-limiting to new password change endpoint 2024-05-13 16:00:07 -04:00
KernelDeimos
9076fddc0d Add new password change endpoint 2024-05-13 16:00:07 -04:00
KernelDeimos
a89c9d59cf Add UserProtectedEndpointsService 2024-05-13 16:00:07 -04:00
KernelDeimos
15dec21118 doc(backend): Document the boot sequence
Now that the boot sequence is better formalized it may be documented.
2024-05-13 16:00:07 -04:00
KernelDeimos
d800b12569 refactor(backend): Trigger webserver events in webserver
We were triggering webserver events in Kernel. This change improves
adherence to separation-of-concerns and ensures event cascading is
working as expected. This also better formalizes the boot sequence.
2024-05-13 01:05:49 -04:00
Eric Dubé
89ac491120
Merge pull request #391 from AtkinsSJ/truncate-filename
refactor: Put truncate_filename() helper in its own file
2024-05-10 12:54:46 -04:00
Eric Dubé
981a0f08fe
Merge pull request #390 from AtkinsSJ/task-manager-components
refactor: Convert Task Manager to Components
2024-05-10 12:54:30 -04:00
Sam Atkins
e53bfe6b62 refactor: Put truncate_filename() helper in its own file
Every user previously set the max_length as window.TRUNCATE_LENGTH, so
I've moved that constant into the truncate_filename file and set it as
the default if max_length is not specified.
2024-05-10 17:46:09 +01:00
Sam Atkins
9bb4570126 Re-use existing Task Manager rows if possible instead of recreating them
Most of the time, we'll already have a TaskManagerRow for the given
process, so we can just update its properties.

Iterating the results from #iter_tasks means we also insert the rows in
the correct order, regardless of their previous order.
2024-05-10 17:41:13 +01:00
Sam Atkins
5b43358219 fix: Only run Component initialization functions once
If the Component gets removed from the DOM and then re-added, it already
has contents, and we don't need to create them again. It also has
already had on_ready called, so that doesn't need to happen again
either.

This fix stops Components duplicating their content elements and
listener callbacks whenever they're moved around the document.
2024-05-10 17:41:01 +01:00
Sam Atkins
cf605c8a38 refactor: Convert Task Manager to use Components
This currently behaves the same as it did before: It still recreates the
table contents every half a second. It should also look identical,
though it's possible I missed some small differences.

The component structure is:

TaskManagerTable
- Table
  - TaskManagerRow
  - TaskManagerRow
  - TaskManagerRow
  - ...

TaskManagerRow is implemented so that we can later move to modifying
them in place as the process tree changes, instead of having to replace
them all.

Otherwise, most of the code is just moved around, and not changed much.
2024-05-10 17:41:01 +01:00
Sam Atkins
e304f6fc3a Add ability to look up a process by its uuid 2024-05-10 17:38:00 +01:00
Sam Atkins
09cee986f2 Add a Table component, based on the TaskManager table
For now, this is quite basic. The main feature is the sticky header.
2024-05-10 17:38:00 +01:00
Eric Dubé
3992fe1a45
Merge pull request #384 from AtkinsSJ/progress-dialogs
refactor: Replace several existing progress dialogs with one configurable one
2024-05-10 12:25:32 -04:00
Eric Dubé
17e08cafce
Merge pull request #380 from AtkinsSJ/eslint-ci
Run ESLint on CI
2024-05-10 12:24:31 -04:00
Sam Atkins
7243ed718f
Merge pull request #388 from AtkinsSJ/no-docker-images-for-prs
ci: Stop producing Docker images for PRs
2024-05-10 09:39:31 +01:00
Sam Atkins
387cfd758f
Merge pull request #387 from ghostxbh/patch-1
fix: Eliminates duplicate translation keys
2024-05-10 09:31:52 +01:00
Sam Atkins
c75a0bd311 ci: Wrap Docker images name with quotes
Not sure if this is required, but my IDE was complaining about it.
2024-05-10 09:29:49 +01:00
Sam Atkins
18633dcd88 ci: Stop producing Docker images for PRs 2024-05-10 09:28:55 +01:00
ghostxbh
5800350b25
fix: Eliminates duplicate translation keys 2024-05-10 10:41:21 +08:00
KernelDeimos
cd2daa1910 Require email verification for contact form 2024-05-09 19:40:34 -04:00
KernelDeimos
8b6bbe003d fix(security) Disable 2FA configure if 2FA is enabled 2024-05-09 18:04:58 -04:00