path: root/lib/VNWeb/Auth.pm
Age | Commit message | Author | Files | Lines
6 days ago | API fixes: reject delete_at logins/tokens + fix "get quote" command | Yorhel | 1 | -2/+2
7 days ago | User: Add self-service account deletion function | Yorhel | 1 | -5/+7
Somewhat hacked together, should better integrate this feature with Auth.pm but the code is already annoying enough as it is. :(
2024-03-14 | SQL: Add improved email normalization | Yorhel | 1 | -4/+4
Slightly helpful for account recovery scenarios when the user doesn't know their *exact* sign-up address, but that's not too common. This normalization should become more useful when I implement better opt-out functionality.
2023-09-21 | User: Patch all email address enumeration vectors | Yorhel | 1 | -0/+6
This is IMO pretty user-hostile, but apparently there are people who care about preventing email address enumeration. Whatever.
2023-05-21 | JS/CSS: Rewrite login form + experiment with new form code & style | Yorhel | 1 | -7/+4
Yak shaving at its finest. I was working on an edit form for the new franchises system, but then realized that the form JS and HTML kind of sucked and a completely new form isn't the best way to experiment with a new implementation. I also had some ideas to improve the user edit form, so decided to rewrite that first, but then realized it's better to lay down a smaller foundation before doing the complex stuff. So here we are, a completely useless rewrite of a tiny little login form. But I did improve error messages a bit while I was at it. There's still a bunch of unknowns regarding form implementations: to see if there's a more convenient way to set custom validations; to see if HTML5 validation works well with form tabs; to see if URL fragments can be used to select form tabs; mobile-friendly form layouts (should be easier with this new approach); dropdown search improvements, etc. The user edit form should prove a good testing ground for all of that.
2023-04-23 | TableOpts: More intuitive submit behavior + load defaults button | Yorhel | 1 | -0/+1
The save/load mechanism should also work on ulists, but that's quite a bunch of options: there's the global default, list owner's settings and visitor's settings, and that times 3 for vnlist, votes and wishlist. Meh.
2023-02-01 | Write TUWF log timestamp in UTC and more sensible format | Yorhel | 1 | -1/+2
Using local time is a bad idea now that we have user timezone preferences implemented by changing the TZ variable.
2023-02-01 | Refactor: langpref -> titleprefs + use more strict schema | Yorhel | 1 | -2/+1
This is in preparation for getting rid of the CREATE TEMPORARY VIEW commands in order to switch title preferences: https://dev.yorhel.nl/doc/vndbtitles The JSON storage approach ended up being quite a mess, too. Also "fixed" it so that selecting Chinese will automatically also select the scripts, if there's enough slots.
2023-01-17 | API2: Add listwrite permission & list management API | Yorhel | 1 | -4/+5
2022-12-13 | Add timezone option to user preferences | Yorhel | 1 | -1/+1
2022-12-13 | Use Perl built-in utf8 functions rather than "Encode" module | Yorhel | 1 | -2/+2
Same as TUWF commit 1a32e51a1156266ccb5257dc7f53dd3923cc7e67 Saves about 1MB on resident memory use, whooptiedoo. \o/ (Only fixed this for vndb.pl, Multi still has the Encode module loaded, w/e)
2022-12-03 | API2: Slightly better error responses + include CORS headers in errors | Yorhel | 1 | -1/+1
Fixes #37.
2022-11-29 | API2: Implement token-based authentication + GET /authinfo | Yorhel | 1 | -6/+84
+ update filters and APIs to respect the 'listread' permission.
2022-11-19 | API2: Initial same-site-origin authentication support | Yorhel | 1 | -7/+15
Not actually very useful yet, but I figured out how to handle authentication with CORS, both for requests originating from vndb.org (i.e. userscripts) and requests from other origins (which'll use an Authorization header, not yet implemented).
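The two API2 commits above describe one authentication split: a browser session cookie is only honoured for requests that originate from the site itself, and everything else has to carry an Authorization header; the later CORS-headers commit adds that the same CORS headers go out on error responses. The following is an added example of that decision, written here to illustrate the point; it is not VNDB's code. Assumed, because the page does not state them: the "Token <secret>" header scheme, a cookie named vndb_auth, an origin of https://vndb.org, and the permission names listread/listwrite attached to each credential.

```python
# Added illustration, not VNDB's Auth.pm. Session cookies are ambient
# credentials a browser attaches to any request, so they are accepted only
# when the Origin is absent (plain navigation) or is the site itself.
# API tokens must be placed in the header by the caller, so they are
# accepted from any origin. Values marked "assumed" are not from the page.
import hashlib
from typing import Dict, Optional

SITE_ORIGIN = "https://vndb.org"   # assumed
COOKIE_NAME = "vndb_auth"          # assumed


def token_hash(secret: str) -> str:
    """Only a hash of the API token is stored, so a DB leak does not leak tokens."""
    return hashlib.sha256(secret.encode()).hexdigest()


# Constructed sample stores standing in for the sessions table.
SESSIONS = {"sess-cookie-123": {"uid": "u1", "perms": {"listread", "listwrite"}}}
TOKENS = {token_hash("api-token-xyz"): {"uid": "u2", "perms": {"listread"}}}


def parse_cookies(header: str) -> Dict[str, str]:
    pairs = (p.strip().split("=", 1) for p in header.split(";") if "=" in p)
    return {k: v for k, v in pairs}


def authenticate(headers: Dict[str, str]) -> Optional[dict]:
    """Return {'uid', 'perms', 'via'} for the request, or None if anonymous."""
    origin = headers.get("Origin")
    auth = headers.get("Authorization", "")
    if auth.startswith("Token "):
        rec = TOKENS.get(token_hash(auth[len("Token "):].strip()))
        return dict(rec, via="token") if rec else None
    # Cookie path: a foreign Origin means a cross-site request; honouring the
    # cookie there would turn every GET endpoint into a CSRF/data-leak target.
    if origin not in (None, SITE_ORIGIN):
        return None
    sid = parse_cookies(headers.get("Cookie", "")).get(COOKIE_NAME)
    rec = SESSIONS.get(sid) if sid else None
    return dict(rec, via="cookie") if rec else None


def cors_headers(origin: Optional[str]) -> Dict[str, str]:
    """Same headers for success and error responses, so browsers can read both."""
    if origin == SITE_ORIGIN:
        return {"Access-Control-Allow-Origin": origin,
                "Access-Control-Allow-Credentials": "true",
                "Vary": "Origin"}
    # Any other origin is allowed, but never with credentials: only tokens work.
    return {"Access-Control-Allow-Origin": "*",
            "Access-Control-Allow-Headers": "Authorization, Content-Type"}


def has_perm(user: Optional[dict], perm: str) -> bool:
    """Permission check used by list endpoints (listread vs listwrite)."""
    return bool(user) and perm in user["perms"]


if __name__ == "__main__":
    print(authenticate({"Cookie": "vndb_auth=sess-cookie-123"}))
    print(authenticate({"Cookie": "vndb_auth=sess-cookie-123",
                        "Origin": "https://evil.example"}))
    print(authenticate({"Authorization": "Token api-token-xyz",
                        "Origin": "https://evil.example"}))
```

The important asymmetry is that a missing Origin header is treated as same-site (ordinary navigations and userscripts running on the site send no Origin or the site's own), while any other value disables cookie authentication outright rather than merely omitting CORS headers: without credentials being refused server-side, a permissive Access-Control-Allow-Credentials would let a third-party page read list data with the victim's cookie.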
2022-10-08 | API2: Initial experiments | Yorhel | 1 | -1/+2
It's looking pretty powerful and functional already.
2022-08-25 | Move loading custom CSS to separate request + increase maximum size | Yorhel | 1 | -1/+1
This reduces the potential attack surface of HTML inlining... I hope, and is also more efficient than including the users' CSS on every page.
2022-08-24 | Use libloc to add IP location information to the DB | Yorhel | 1 | -1/+1
This should save me considerable time in finding duplicate account voters.
2022-06-16 | Debloat users table by moving some columns to other tables | Yorhel | 1 | -0/+1
This reduces the average row size from 145.7 to 101.4 bytes (including row headers). Probably not going to result in a noticeable performance difference, but the table is referenced pretty often while many columns are only ever read by direct id lookup. I could reduce the size even further, but that'll get into diminishing returns territory. This split makes it easier to add more preferences later on without having to worry about performance. Also improved user privacy a bit by moving the 'ip' field to a write-only column in users_shadow, and deleted the unused changes.ip column while I was at it.
2022-05-09 | Implement site-wide read-only mode | Yorhel | 1 | -1/+2
Somewhat surprising I haven't implemented this earlier, I'm sure it might have been useful during server migrations. Anyway, with my current plans for a postgres 14 upgrade I could significantly reduce full downtime by temporarily putting the site in read-only mode instead.
2022-02-10 | Add title language user preference | Yorhel | 1 | -0/+1
2021-12-15 | API: Add support for session tokens | Yorhel | 1 | -1/+1
2021-10-28 | Allow uppercase characters in usernames | Yorhel | 1 | -1/+1
Usernames are now case-insensitive and name changes and new registrations are now checked for homograph attacks.
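The commit above names two properties, case-insensitive uniqueness and a homograph check on registration and rename, without saying how they are implemented. The block below is an added example of one workable way to get both; it is not VNDB's code. Assumed: the uniqueness key is NFKC normalisation followed by case folding, the script of a letter is read from the first word of its Unicode character name, and a name mixing letters from two different alphabets is rejected.

```python
# Added illustration, not VNDB's code. Two checks a registration or rename
# handler can run: (1) uniqueness on a canonical key, so "Yorhel", "yorhel"
# and fullwidth "Ｙｏｒｈｅｌ" are the same account; (2) rejection of names
# that mix alphabets, which is how Cyrillic/Latin lookalikes sneak in.
import unicodedata
from typing import Optional

# Alphabets that take part in the mixing check (assumed policy). Kana, CJK,
# digits and punctuation are ignored, so "Yorhel2" or a kana-only name passes.
ALPHA_SCRIPTS = {"LATIN", "CYRILLIC", "GREEK", "ARMENIAN"}


def script_of(ch: str) -> Optional[str]:
    """First word of the Unicode name, e.g. 'CYRILLIC' for U+0430; None for non-letters."""
    if not ch.isalpha():
        return None
    return unicodedata.name(ch, "").split(" ", 1)[0]


def canonical_key(name: str) -> str:
    """Uniqueness key: compatibility-normalised (fullwidth -> ASCII) and case-folded."""
    return unicodedata.normalize("NFKC", name).casefold()


def mixed_script(name: str) -> bool:
    """True when letters from more than one alphabet in ALPHA_SCRIPTS occur."""
    seen = {s for s in map(script_of, name) if s in ALPHA_SCRIPTS}
    return len(seen) > 1


class UsernameRegistry:
    """In-memory stand-in for the users table; the same check serves rename."""

    def __init__(self) -> None:
        self._names = {}  # canonical key -> display name as registered

    def claim(self, name: str) -> str:
        if mixed_script(name):
            return "rejected: mixed scripts"
        key = canonical_key(name)
        if key in self._names:
            return "rejected: taken by " + self._names[key]
        self._names[key] = name
        return "ok"


if __name__ == "__main__":
    reg = UsernameRegistry()
    print(reg.claim("Yorhel"))                                 # ok
    print(reg.claim("yorhel"))                                 # taken by Yorhel
    print(reg.claim("\uff39\uff4f\uff52\uff48\uff45\uff4c"))   # fullwidth: taken
    print(reg.claim("Y\u043erhel"))                            # Cyrillic o: mixed
```

Keep the canonical key in the database (a unique index on it) rather than recomputing it at lookup time, or the check is only as good as the code path that remembers to call it. The mixed-script test catches the common trick but not a name written entirely in one non-Latin alphabet that happens to look like an existing Latin one; that needs the UTS #39 confusable tables, which is a separate decision.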
2021-07-30 | Add early test implementation of VN length voting | Yorhel | 1 | -1/+1
There's no way to list or aggregate the votes yet, and I'm not fully sure the data model is what it should be. Hence testing.
2021-07-28 | Users: remove "imgmod" permission flag, use "dbmod" for that | Yorhel | 1 | -2/+2
2021-05-25 | SQL: Separate sensitive columns out of the users table | Yorhel | 1 | -2/+3
This simplifies permissions management somewhat.
2021-03-01 | SQL: vndbid data type conversion for most DB entries | Yorhel | 1 | -2/+2
I had wanted to split this up into multiple commits and roll out in stages, but couldn't really find a natural way to do so. There are several places that take a generic identifier and expect it to work the same for all entries they support, so changing one entry at a time wasn't going to be any easier. Only the tags & traits haven't been updated yet, I'll convert those later. While this is a major change and affects a lot of code, the individual changes are all pretty simple. I'm surprised how much code did not have to be updated at all. No doubt I've missed a few places, though, so this commit will almost certainly break something.
2021-02-20 | cleanup: Merge VNDBUtil into VNDB::Func | Yorhel | 1 | -1/+1
Something I was planning to do in the v2rw rewrite. VNDB::Func used to be a module intended for use inside TUWF (i.e. the web backend) while VNDBUtil was for utility functions that could also be used outside of that. Now that the web backend has moved to the VNWeb::* namespace, the VNDB::Func module has taken over the role of VNDBUtil. Also updated the API code to make use of the 'imgurl' function, which is a nice additional cleanup.
2021-01-21 | Auth: Eagerly load and clean up preferences list | Yorhel | 1 | -25/+16
Every page load needs some preferences, so lazily loading the list is not a useful strategy. Removed some preferences that weren't referenced anymore or that were only used rarely. Removed prefSet(), that's easier to do with just an UPDATE.
2020-12-25 | Fix trying to get user id when logging during initialization | Yorhel | 1 | -1/+1
(We never log during initialization... yet)
2020-10-07 | notifications: Mark as read when opening page + delete when deleting posts/reviews | Yorhel | 1 | -0/+11
The mark as read functionality was already present in some form for threads, but is now made consistent among all notification types. This removes the need for the redirect from the notification listing. The deletion of notifications is intended to avoid pointless notifications, especially in case of spam.
2020-09-05 | Notifications: Add notifications for thread posts and review comments | Yorhel | 1 | -1/+2
2020-08-07 | reviews: Add initial SQL schema + "review" permission flag | Yorhel | 1 | -1/+1
The boardmod flag will also determine the review moderation permissions.
2020-07-23 | Add new reporting feature | Yorhel | 1 | -0/+1
So that users can bring up problems to the moderators. Only used for forum posts for now, but I intend to extend it to other parts of the site as well.
2020-07-09 | User::Edit: Remove "show_nsfw" setting from profile + deprecate NSFW flags | Yorhel | 1 | -1/+1
2020-05-26 | Make use of new tuwf->req() feature for session & view storage | Yorhel | 1 | -17/+12
Auto-wiping request-local storage is easier and more reliable than using hooks. (See TUWF commit 7cc84ca99b1d93f7f08cc95e9a776f1926e80417)
2020-05-11 | imgflag: Add sexual/violence user preferences + show/hide character images | Yorhel | 1 | -1/+1
2020-04-27 | Add minimal audit logging for user-related changes | Yorhel | 1 | -0/+14
Includes failed logins (but not through the API...), password changes, email changes, any user-related changes performed by a moderator and post edits/deletions performed by a moderator.
2020-04-26 | imgflag: Add separate "imgmod" permission flag | Yorhel | 1 | -1/+1
2020-04-24 | Auth: Drop support for old (and now all expired) CSRF tokens | Yorhel | 1 | -19/+11
2020-04-20 | Shorten the CSRF tokens to 8 characters | Yorhel | 1 | -7/+20
So that I can more easily embed them inside URLs. The old token format is still supported to avoid breaking forms.
2020-04-15 | SQL: Split "perm" column into multiple booleans | Yorhel | 1 | -21/+6
This simplifies several actions and makes permission checks more obvious. This is also yak shaving for another feature I've been planning to add: boardmods should be able to set other users' "board" permission, tagmods for tags, etc. So that partial user bans don't need the full "usermod" permission.
2020-03-21 | Improve logging of user IDs when auth module is not initialized | Yorhel | 1 | -1/+2
This affects logs generated before the auth module is initialized or (more commonly) after it has been de-initialized. This happens often for requests exceeding TUWF's `log_slow_pages`. This change does mean that the logged user ID did not necessarily pass authentication, but it's good enough for debugging purposes.
2020-03-20 | imgflag: Disallow regular users to vote on any image of their choosing | Yorhel | 1 | -4/+5
And reduce the number of images given out randomly. That reduction makes it more expensive for an abuser to get tokens for the images they want (they'd hit the req/sec rate limiter much earlier), and also makes sense now that the query has been optimized with the TABLESAMPLE trick (it's faster, and more queries with less rows ought to give a better distribution overall - it reduces the impact of a biased query).
2020-03-17 | imgflag: Add "imgvote" permission | Yorhel | 1 | -2/+2
So we can revoke voting rights. Unsetting this permission does not currently invalidate the users' existing votes, that should probably change (I mean, why else would you revoke someone's voting rights?).
2019-12-20 | ulist: Remove deprecated hide_list user preference | Yorhel | 1 | -1/+1
Old VNDB::* code still uses that preference in a few places, that needs to be fixed.
2019-11-19 | Increase CSRF token validity window to 12 hours | Yorhel | 1 | -4/+2
People leave their window open for a while, and that's fine.
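Three of the commits above concern the CSRF token: its validity window was raised to 12 hours, it was later shortened to 8 characters so it fits in URLs, and the old format was dropped once every old token had expired. None of them say how the token is built, so the block below is an added example of a design that has those three properties; it is not VNDB's code. Assumed: the token is the first 8 base64url characters of HMAC-SHA256 over the session id and a time-window index, the window is 6 hours, and the current plus the previous window are accepted, so a token lives at least 6 and at most 12 hours.

```python
# Added illustration, not VNDB's Auth.pm. A short token stays safe because
# it is an HMAC under a server secret: nobody can check guesses offline, and
# binding it to the session id and a window index gives it a bounded life
# without any server-side storage. All constants here are assumed.
import base64
import hashlib
import hmac
import time
from typing import Optional

WINDOW = 6 * 3600   # assumed; accepting 2 windows gives the 12 h maximum
TOKEN_LEN = 8       # assumed to match the "8 characters" commit


def _window_token(secret: bytes, session_id: str, window: int) -> str:
    msg = f"{session_id}\x00{window}".encode()
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest).decode()[:TOKEN_LEN]


def csrf_token(secret: bytes, session_id: str, now: Optional[float] = None) -> str:
    """Token for the current window; URL-safe, so it can be embedded in links."""
    now = time.time() if now is None else now
    return _window_token(secret, session_id, int(now) // WINDOW)


def csrf_valid(secret: bytes, session_id: str, token: str,
               now: Optional[float] = None) -> bool:
    """Accept the current and the previous window, comparing in constant time."""
    if len(token) != TOKEN_LEN or not token.isascii():
        return False
    now = time.time() if now is None else now
    w = int(now) // WINDOW
    return any(hmac.compare_digest(token, _window_token(secret, session_id, x))
               for x in (w, w - 1))


if __name__ == "__main__":
    secret = b"constructed-server-secret"   # constructed; use a random key in practice
    tok = csrf_token(secret, "sid-1", 1_000_000)
    print(tok, csrf_valid(secret, "sid-1", tok, 1_000_000 + 10 * 3600))   # True
    print(csrf_valid(secret, "sid-1", tok, 1_000_000 + 12 * 3600))        # False
```

Eight base64url characters are 48 bits, which is plenty for a value an attacker can only test online against a rate-limited endpoint; what it is not is a secret worth protecting after the window closes. Rotating the server secret invalidates every outstanding token at once, which is the cheap way to retire an old format like the cleanup commit above did once the old tokens had aged out.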
2019-10-12 | Add Patreon link to main menu + minor fixes | Yorhel | 1 | -1/+2
2019-10-10 | rewards: Apply supporters badge and unicode name (almost) everywhere | Yorhel | 1 | -14/+11
Only place where this isn't applied (yet?): Sorting user lists still goes by the old username and board names don't use the new unicode names. I have to say, I quite like the sql_user() and user_() pattern. It's not without problems when applied to everything, but it's good enough for several use cases.
2019-10-03 | Require email confirmation when changing email address | Yorhel | 1 | -7/+11
This ensures that the email address linked to a user is always valid and actually belong(s|ed) to that user.
2019-10-03 | SQL: Add session types + use sessions for password reset tokens | Yorhel | 1 | -5/+4
This improves the password reset workflow a bit. The users.passwd field is now no longer used for reset tokens, meaning that the current password isn't affected until the user actually clicks the link and changes it. It is now also possible to have multiple active password reset tokens, in case one of the emails got lost. All existing tokens are invalidated when the user finally changes their password. Tokens are now valid for at most 1 week instead of indefinitely.
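The commit above lists the properties of the reset flow: reset tokens are sessions with their own type, several may be outstanding, the current password is untouched until one is used, all of them are invalidated when the password changes, and they expire after a week. The earlier "email address enumeration vectors" commit near the top of this log adds one more: asking for a reset must not reveal whether the address exists. The block below is an added example that models all of that in one small store; it is not VNDB's code. Assumed: an in-memory sqlite3 table, tokens stored only as SHA-256 hashes, a "web" and a "pass" session type, and password hashes handed in already computed (hashing is out of scope here).

```python
# Added illustration, not VNDB's schema. Reset tokens live in the sessions
# table under their own type, so they are listed, expired and revoked with
# the same machinery as logins, but can never be presented as a login.
import hashlib
import secrets
import sqlite3
from typing import Optional

RESET_TTL = 7 * 24 * 3600   # "valid for at most 1 week"
WEB_TTL = 30 * 24 * 3600    # assumed login lifetime
RESET_REPLY = "If that address is registered, a reset mail has been sent."


def token_hash(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()


class SessionStore:
    def __init__(self) -> None:
        self.db = sqlite3.connect(":memory:")
        self.db.executescript("""
            CREATE TABLE users(uid TEXT PRIMARY KEY, email TEXT UNIQUE, passwd TEXT NOT NULL);
            CREATE TABLE sessions(
                uid TEXT NOT NULL,
                token_hash TEXT PRIMARY KEY,
                type TEXT NOT NULL CHECK(type IN ('web', 'pass')),
                expires INTEGER NOT NULL);
        """)

    def add_user(self, uid: str, email: str, passwd_hash: str) -> None:
        self.db.execute("INSERT INTO users VALUES (?, ?, ?)", (uid, email, passwd_hash))

    def password_of(self, uid: str) -> str:
        return self.db.execute("SELECT passwd FROM users WHERE uid = ?", (uid,)).fetchone()[0]

    def _new_session(self, uid: str, type_: str, expires: int) -> str:
        token = secrets.token_urlsafe(24)
        self.db.execute("INSERT INTO sessions VALUES (?, ?, ?, ?)",
                        (uid, token_hash(token), type_, expires))
        return token

    def login(self, uid: str, now: int) -> str:
        return self._new_session(uid, "web", now + WEB_TTL)

    def request_reset(self, email: str, now: int) -> str:
        """Same reply whether or not the address exists; the token goes by mail."""
        row = self.db.execute("SELECT uid FROM users WHERE email = ?", (email,)).fetchone()
        if row:
            # Earlier tokens stay valid: a second request covers a lost e-mail.
            self._new_session(row[0], "pass", now + RESET_TTL)
        return RESET_REPLY

    def _lookup(self, token: str, type_: str, now: int) -> Optional[str]:
        row = self.db.execute(
            "SELECT uid FROM sessions WHERE token_hash = ? AND type = ? AND expires > ?",
            (token_hash(token), type_, now)).fetchone()
        return row[0] if row else None

    def web_user(self, token: str, now: int) -> Optional[str]:
        """Only type 'web' logs you in; a reset token pasted as a cookie is useless."""
        return self._lookup(token, "web", now)

    def reset_password(self, token: str, new_hash: str, now: int) -> bool:
        uid = self._lookup(token, "pass", now)
        if uid is None:
            return False
        with self.db:
            self.db.execute("UPDATE users SET passwd = ? WHERE uid = ?", (new_hash, uid))
            # Every outstanding reset token for this user dies with the change.
            self.db.execute("DELETE FROM sessions WHERE uid = ? AND type = 'pass'", (uid,))
        return True

    def reset_tokens_outstanding(self, uid: str, now: int) -> int:
        return self.db.execute(
            "SELECT count(*) FROM sessions WHERE uid = ? AND type = 'pass' AND expires > ?",
            (uid, now)).fetchone()[0]

    def latest_reset_token_for_test(self, email: str, now: int) -> str:
        """Test hook: create a token and hand it back instead of mailing it."""
        row = self.db.execute("SELECT uid FROM users WHERE email = ?", (email,)).fetchone()
        return self._new_session(row[0], "pass", now + RESET_TTL)
```

Two things the example deliberately leaves as policy: whether a password change should also drop the user's "web" sessions (the page only says reset tokens are invalidated), and that a constant reply text is not the whole anti-enumeration story, since the code path that sends a mail takes measurably longer than the one that does not; doing the same amount of work on both branches closes the timing side.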