path: root/lib/VNDB/Handler/
Age  Commit message  Author  Files  Lines
2019-10-30  v2rw: Convert /u+/posts  Yorhel  1  -69/+0
Simple conversion, no real changes other than that the new version has full pagination.
2019-10-14  v2rw: Convert user listing  Yorhel  1  -78/+1
2019-10-14  Delete the user deletion feature  Yorhel  1  -44/+0
It's rather much code just to run a single SQL statement that I almost never need. Incidentally, the feature was also broken because the DELETE permission wasn't granted in perms.sql.
2019-10-12  v2rw: Convert user notifications interface (/u+/notifies)  Yorhel  1  -151/+0
2019-10-10  rewards: Honor public custom css/skin  Yorhel  1  -2/+2
2019-10-10  rewards: Apply supporters badge and unicode name (almost) everywhere  Yorhel  1  -8/+7
Only place where this isn't applied (yet?): Sorting user lists still goes by the old username and board names don't use the new unicode names. I have to say, I quite like the sql_user() and user_() pattern. It's not without problems when applied to everything, but it's good enough for several use cases.
2019-10-04  v2rw: Convert user pages  Yorhel  1  -117/+0
Pretty simple conversion, not much special. Did change a few minor display thingies to be more consistent.
2019-10-03  SQL: Get rid of the users_prefs table, store preferences in users table  Yorhel  1  -7/+6
This bloats the users table a little bit, but that's fine. The main advantage of this change is that we now have a proper schema for user preferences, rather than the schemaless key-value mess we had before. This commit also splits the 'tags_cat' preference up into tags_cont, tags_ero and tags_tech bools, as that's more compact to store and easier to work with. This commit also changes the 'notify_nodbedit' preference to 'notify_dbedit' with inverted meaning. The reason the value was negated in the first place was because the old schemaless approach did not support positive defaults.
2019-10-02  v2rw: Convert user preferences form  Yorhel  1  -129/+0
And add a small 'formField' function to shrink the Elm form generation code a bit.
2019-10-01  v2rw: Convert registration, account activation and password reset  Yorhel  1  -220/+0
This is largely copy-paste from v3.
2019-09-30  v2rw: Convert login, logout & insecure-password-change forms  Yorhel  1  -59/+2
The insecure-password-change flow is now slightly more friendly. The logout functionality has been hardened to use POST and require CSRF.
2019-09-18  v2rw: Convert authentication code to VNWeb::Auth  Yorhel  1  -9/+9
More churn! Also converted v3 to use VNWeb::Auth, considering the API is pretty much the same. Converted VNWeb::* to use VNDB::Config directly rather than read from tuwf->{}, converted VNWeb::HTML to use VNWeb::Auth, and updated util/ with the new code style. I tested as much as I could, but I'm sure I broke something.
2019-09-11  VNDB::Types: Convert vn_lengths, anime_types and tag_categories  Yorhel  1  -1/+2
2019-07-20  Make account deletion a Yorhel-only action  Yorhel  1  -1/+1
Not that I don't trust mods, but there's no accounting on this feature. Limiting it to myself is easier than adding logging.
2019-07-17  Handler::Users: Improve "hide my list" checkbox description  Yorhel  1  -2/+3
To mention that it also affects the API and database dumps. It's always been like this and was already mentioned in the privacy policy, this just makes it more explicit.
2019-05-30  Improve weak-password message  Yorhel  1  -3/+3
2019-05-16  Add password dictionary check  Yorhel  1  -13/+52
This affects the following:
- API login with a weak password is disallowed; affected users will have to change their password through the website to continue using the API.
- Registration, password reset or password change forms require the new password to not be in the dictionary.
- Attempting to log in to the website with a weak password will force-redirect to a password change form, allowing a new password to be set (using the weak-but-still-valid password as check).
2019-05-15  Loosen restrictions on passwords a bit  Yorhel  1  -6/+6
Maximum length increased from 64 to 500 characters, and all Unicode characters are now allowed.
2016-11-27  SQL: Use separate role for the website + disallow access to user data  Yorhel  1  -32/+35
Previously the website was connected to the database with a "database owner" user, which has far too many permissions. Now there's a special vndb_site user with only the necessary permissions. The primary reason to do this is to decrease the impact if the site process is compromised. E.g. it's now no longer possible to delete or modify old entry revisions. An attacker can still do a lot of damage, however. Additionally (and this was the main reason to implement this change in the first place), the user sessions, passwords and email data are now not easily accessible anymore. Hopefully, the new user management abstractions will prevent email and password dumps in case of an SQL injection or RCE vulnerability in the site code. Of course, this only works if my implementation is fully correct and there's no privilege escalation vulnerability somewhere. Furthermore, changing your password now invalidates any existing sessions, and the password reset function is disabled for 'usermods' (because usermods can list email addresses from the database, and the password reset function could still allow an attacker to gain access to anyone's account). I also changed the format of the password reset tokens, as they totally don't need to be salted.
2016-01-23  L10N: Intern all VNDB::Handler::* stuff  Yorhel  1  -119/+161
Most of these replacements were automated. This ended up being less work than I had anticipated. I also fixed a few minor bugs along the way, but probably introduced more than I fixed.
2016-01-20  L10N: Intern all VNDB::Util::* stuff  Yorhel  1  -9/+13
With some related edits in other parts of the code, mostly due to interface changes to htmlRevision() and htmlFormError(). Trivial replacements were automated by a super awesome script.
2016-01-19  Move some VNDB::L10N stuff to VNDB::Func + intern VNDB::Func  Yorhel  1  -4/+4
2016-01-17  Use Tie::IxHash for some lists  Yorhel  1  -1/+1
This removes the reliance on sort() to provide meaningful ordering (the keys aren't always good for ordering) and removes the 'order' hack used for (vn|prod)_relations.
2016-01-17  L10N: Intern tag_cats/voiced/animated/*_status  Yorhel  1  -1/+2
2016-01-10  Require current password on /u+/edit + only hash password once on /u+/setpass  Yorhel  1  -1/+9
2015-10-28  Handler::Users: Don't hide list stats from own user or usermods  Yorhel  1  -3/+4
2015-10-21  Improve SQL in dbRevisionGet()  Yorhel  1  -1/+1
Two main improvements:
- Filtering on (non)hidden items now doesn't join any of the item tables; instead it looks up the latest revision from the changes table itself, using the index on (type,itemid,rev). It's still not super fast, but a pretty large improvement nonetheless.
- The item titles/names are obtained in a separate query. I tried to modify the main query in various ways, but couldn't make it as fast as I'd have liked.
I also removed the 'what' flag while I was at it; all uses of the method request all information anyway.
2015-09-20  Update usage kv_validate() to upcoming TUWF 1.0  Yorhel  1  -18/+16
And added new 'page' and 'id' templates for more strict validation.
2015-08-08  Hide sexual traits by default + Add profile option to change default  Yorhel  1  -2/+4
2015-07-21  Add profile option for the default spoiler setting  Yorhel  1  -4/+5
This fixes the unexpected behaviour that changing the spoiler setting on one page will change it for all pages. All manual spoiler changing options are temporary now.
2015-07-21  Add profile option for default visible tag categories on VN pages  Yorhel  1  -0/+7
The name of the profile setting isn't very clear. Not sure what to do with it.
2015-07-21  Add profile option to show or summarize tags on VN pages by default  Yorhel  1  -2/+4
2015-07-19  Remove reliance on Referer header for the login form  Yorhel  1  -3/+3
2014-12-01  Replace some 'onclick' attributes with JS-generated events  Yorhel  1  -2/+2
I think this was the last piece of inline JS.
2014-10-21  Use TUWF's reqBaseURI() instead of $self->{uri} on site links  Yorhel  1  -3/+4
TUWF properly detects HTTPS and includes this in the returned URL, so this change ensures that all URLs adapt properly to HTTP and HTTPS.
2014-10-15  Use scrypt for new password hashes  Yorhel  1  -6/+2
I increased the N parameter to approximate about 500ms to generate the hash. This is quite a paranoid setting for a website, but login attempts are throttled so there's not much of a DoS factor. (Alright, the password changing feature isn't throttled so the DoS factor still exists. But really, there are some pages with longer page generation times anyway.) I did lower the size of the salt a bit (Crypt::ScryptKDF uses 256 bits by default), because 64 bits of randomness should have a low enough chance of collision with only ~100k users (even with a million users, seriously).
2014-10-15  SQL: Merge users.(passwd|salt) in one column + document values  Yorhel  1  -6/+8
It doesn't make a whole lot of sense to separate the hashed password and the salt from each other: you need both to do anything with them, and from the database perspective they're both completely opaque strings only usable for direct comparison with other hashed strings. This change is mostly a preparation for switching to a proper key derivation function (sha256 isn't...) and to add support for longer and/or binary salt. Because the passwd field now needs to be interpreted in Perl, it's being passed around as a binary string rather than a hex-encoded value. API login is broken in this commit. I'll get to that.
2014-10-09  Handler::Users: Properly select current skin in user edit form  Yorhel  1  -2/+4
This used to work fine before the AIR skin was added, because Angelic Serenade used to be the first in the list.
2014-08-29  API: Make sure to honor the new login throttle  Yorhel  1  -2/+2
2014-08-29  Throttle failed login attempts (10/day)  Yorhel  1  -2/+19
2014-08-29  Strengthen formcode for non-logged-in visitors + CSRF protect login form  Yorhel  1  -0/+1
formcode is strengthened by including the IP (-prefix) into the hash, ensuring that the code can't be obtained by someone on a different network. I also removed the login form of every page. Felt kinda pointless.
2013-04-17  Fix form validation bug on /u*/posts + disallow space in email field  Yorhel  1  -0/+1
2013-03-09  Allow only one account registration per /48 IPv6 block per day  Yorhel  1  -1/+5
I think this is the only thing necessary to add full IPv6 support to VNDB. It's not actually necessary, but without this modification it will become way too easy to flood the site with new accounts.
2012-01-25  Handler::Users: Fix HTML generation bug in user notification list  Yorhel  1  -1/+1
2012-01-25  Do most of the table striping in CSS  Yorhel  1  -12/+11
Using CSS3 selectors. This is a more elegant approach, and since browser support for CSS3 selectors isn't as crap as it used to be I can finally make use of them.
2012-01-10  Allow one fractional digit for VN votes  Yorhel  1  -3/+3
The interface to set a non-integer vote isn't very nice, but at least it works. Or so I hope.
2012-01-07  Handler::Users: Use |= instead of += to generate permissions on useredit  Yorhel  1  -1/+1
Fixes a bug when both 'charedit' and 'edit' are selected, in which case neither flag will be set.
2011-08-23  Added email confirmation to registration process  Yorhel  1  -23/+28
2011-08-23  Re-structured password recovery feature  Yorhel  1  -4/+42
Rather than automatically setting a password, reset the password and send an email with a secure token instead. The password can then be set again using this token. This doesn't really have an advantage at this point, it just makes the interface and code more consistent when I update the registration code to do something similar.
2011-04-30  Replaced user ranks with a permission system  Yorhel  1  -6/+10
This is far more flexible.