mirror
/
galene
mirror of https://github.com/jech/galene.git
1
Fork 0
Code
1,183 Commits 18 Branches 31 Tags 12 MiB
Commit Graph

1183 Commits

Author SHA1 Message Date
Juliusz Chroboczek 695c379a6c Distinguish empty key in password from absence of key. 2024-04-12 01:05:48 +02:00
Juliusz Chroboczek 4ad7c2f303 Improve TestUpgradeDescription. 2024-04-12 00:47:51 +02:00
Juliusz Chroboczek abb90ce3b9 Update CHANGES. 2024-04-11 17:53:48 +02:00
Juliusz Chroboczek 7673a95b05 Implement FallbackUsers in API. 2024-04-11 17:53:48 +02:00
Juliusz Chroboczek 31a18bcf44 Implement keys handling in API. 2024-04-11 14:30:44 +02:00
Juliusz Chroboczek 10cab468a8 Add link for changing password. 2024-04-11 14:30:44 +02:00
Juliusz Chroboczek 077ff9a879 Add canChangePassword to group status. 2024-04-11 13:27:08 +02:00
Juliusz Chroboczek 39d11c2f48 Implement form for changing passwords. 2024-04-11 13:27:08 +02:00
Juliusz Chroboczek 7643424bab API documentation. 2024-04-11 13:27:08 +02:00
Juliusz Chroboczek cc38c53075 Implement administrative API. 2024-04-11 13:27:08 +02:00
Juliusz Chroboczek 5753c46910 Use methodNotAllowed in whip. 2024-04-10 14:45:04 +02:00
Juliusz Chroboczek f646191e01 Implement methodNotAllowed. 2024-04-10 14:44:03 +02:00
Juliusz Chroboczek fc6387bb38 Implement accessors for description files. 
Allow reading and modifying description files, in a manner
that aligns with the needs of the API.
 2024-04-10 14:09:52 +02:00
Juliusz Chroboczek e14eec86d3 Implement parseContentType. 2024-04-09 22:49:03 +02:00
Juliusz Chroboczek c4c7d0b60d More tests for splitPath. 2024-04-09 22:49:03 +02:00
Juliusz Chroboczek eee6650336 Add precondition.go. 2024-04-09 22:49:03 +02:00
Juliusz Chroboczek 1666abf2f3 Add allowSubgroups argument to readDescription. 2024-04-09 22:49:03 +02:00
Juliusz Chroboczek b7094fc373 Beginnings of administrative API. 
The "stats.json" file is moved under "galene-api", where the rest
of the API will live.
 2024-04-09 22:49:03 +02:00
Juliusz Chroboczek d887a216f0 Rework configuration file format. 
The "users" entry is now a dictionary mapping user names to
passwords and permissions.  In order to allow for wildcards,
there is a new type of password, the wildcard password, and
an extra array called "fallback-users".

The field "allow-anonymous" no longer exists, this is now
the default behaviour.  The field "allow-subgroups" has been
renamed to "auto-subgroups".

We provide backwards compatibility for group definition files,
but not for the config.json file, where the old "admin" array
is simply ignored.
 2024-04-09 22:49:03 +02:00
Juliusz Chroboczek eb54f2a9bb Updated changes for 0.8.1. 2024-03-09 13:14:12 +01:00
Juliusz Chroboczek de0c42faaf Implement "expires" and "not-before" for groups. 2024-03-03 16:45:54 +01:00
Juliusz Chroboczek 4fe31b4863 Update CHANGES. 2024-03-03 15:54:19 +01:00
Juliusz Chroboczek b8f7c68338 Return correct error message for invalid tokens. 2024-03-03 15:42:46 +01:00
Juliusz Chroboczek 89f947df1f Rework handling of authorisation errors. 
We'd sometimes return "Internal server error" on authentication
failures.  This should be gone now.
 2024-03-03 13:43:50 +01:00
Juliusz Chroboczek 5fe578dcf5 Allow tokens with small expiration times. 
There was a typo that prevented tokens with less than two days
validity.
 2024-03-03 13:29:44 +01:00
Juliusz Chroboczek 0d7d54751a Update CHANGES. 2024-02-24 12:57:22 +01:00
Juliusz Chroboczek 29e006037c Allow proxyURL to contain a path. 
We now support or reasonable values for proxyURL, such as "http:"
or "/galene".
 2024-02-24 12:46:30 +01:00
Juliusz Chroboczek 6756e7f7cc Add test for groupBase. 2024-02-24 12:27:19 +01:00
Juliusz Chroboczek 017c004094 Update dependencies. 2024-02-23 00:22:38 +01:00
Juliusz Chroboczek 923d78eaa3 Fix handling of WHIP URLs. 
We broke WHIP when we introduced splitPath.  Thanks to Tim Panton.
 2024-02-22 23:31:03 +01:00
Juliusz Chroboczek bfe83d1a27 Move description code into its own file. 2024-02-20 18:19:24 +01:00
Juliusz Chroboczek 3792800355 Make Update ignore directories starting with colon. 
We were already ignoring files starting with colon.
 2024-02-13 22:02:57 +01:00
Juliusz Chroboczek 0f53bf0373 More tweaks to webserver error handling. 2024-01-18 01:02:56 +01:00
Juliusz Chroboczek 3ad6f27b17 Move .status.json to .status. 
Keep a redirect for backwards compatibility.
 2024-01-18 00:39:32 +01:00
Juliusz Chroboczek b92cf0480a Implement splitPath. 
Use it for parsing special paths instead of ad hoc code.
 2024-01-17 22:28:21 +01:00
Juliusz Chroboczek 6455ae3a4c Fix error handling in groupBase. 2024-01-17 22:22:47 +01:00
Juliusz Chroboczek a612e4d869 Use httpError in groupHandler. 2024-01-11 23:10:15 +01:00
Juliusz Chroboczek 03038eaf45 Obfuscate WHIP ids. 
If the WHIP session is not authenticated, then the only thing
preventing an attacker from DELETEing the session is the session
URL.  Since client ids are known, obfuscate the id before using
it in the session URL.
 2024-01-11 22:05:07 +01:00
Juliusz Chroboczek 9f3bee8e37 Add missing omitempty to group description. 2024-01-07 00:26:36 +01:00
Juliusz Chroboczek ad6db4c71b Upgrade dependencies. 2024-01-02 19:51:34 +01:00
Juliusz Chroboczek 5c491db9f5 Remove obsolete passage in documentation. 2024-01-02 18:45:04 +01:00
Juliusz Chroboczek dc34350d8f Complete parsing of WHIP candidates. 2023-12-20 01:42:11 +01:00
Juliusz Chroboczek be2d3ab4ca Fix error handing in WHIP resource handler. 2023-12-20 00:40:30 +01:00
Juliusz Chroboczek 27e502e63c Upgrade to go-jwt v5. 
A token with no "sub" field is now treated just like one with an
empty "sub".  In addition, all times are treated with a slack of 5s.
 2023-12-10 00:47:17 +01:00
Juliusz Chroboczek 002d519f91 Use a named type for trackAction kind. 2023-12-09 22:13:24 +01:00
Juliusz Chroboczek 5c2e5ee5c0 Add test for parsing bearer tokens. 2023-12-09 20:50:39 +01:00
Juliusz Chroboczek f9ef43248b Use strings.Cut when parsing fmtp. 2023-12-09 18:23:06 +01:00
Juliusz Chroboczek d2380f25b3 Fix incorrect comment in rtptime.go. 
Also use Duration.Abs.
 2023-12-09 17:45:30 +01:00
Juliusz Chroboczek bee1c3d0c3 Use url.JoinPath in webserver. 2023-12-09 17:40:04 +01:00
Juliusz Chroboczek 1c042b55af Fix typo in error message. 2023-12-09 17:32:16 +01:00