Commit graph

180 commits

Author SHA1 Message Date
Gabe Kangas
8890b564e8
Do not pass along the raw error. Closes #2491 2022-12-24 20:35:46 -08:00
Gabe Kangas
87eeeffa1c
Prune expired auth requests + add global max limit. Closes #2490 2022-12-23 20:25:08 -08:00
Gabe Kangas
0ebb968074
Handle subdirectories of emoji in copying, fetching and deleting. For #1916 2022-12-16 20:23:58 -08:00
Gabe Kangas
3abc7a3ab8
Expose connected client ID to moderator client info api 2022-12-13 19:17:32 -08:00
Gabe Kangas
2fdbb1e482
Support CSP nonce for webv2. Closes #2127 2022-12-12 17:04:00 -08:00
Philipp
dc54dfe363
Feature: emoji editor (#2411)
* Custom emoji editor: implement backend

This reuses the logo upload code

* Implement emoji edit admin interface

Again reuse base64 logic from the logo upload

* Allow toggling between uploaded and default emojis

* Add route that always serves uploaded emojis

This is needed for the admin emoji interface,
as otherwise the emojis will 404 if custom emojis are disabled

* Fix linter warnings

* Remove custom/uploaded emoji logic

* Reset timer after emoji deletion

* Setup: copy built-in emojis to emoji directory
2022-12-12 08:40:43 -08:00
Meisam
a7080a1fc1
validate response of federation APIs (#2408)
* validate json responses

* update deps

* tmp disable header check

* log all the webfinger fails

refactor and filter more malformed requests

* don't set incorrect serverURL strings

* test failing through admin api

* fix server url in fedi tests

* check response.text

* validate json/xml response of all apis

test Content-Type of api response and cleanup

* improve logs

* fix rebase

* cleanup json parser in api tests

* mark the api tests performed by admin

* Separate check for reading and format of serverURL

* test /federation/user/ with wrong username in ci
2022-12-10 21:10:10 -08:00
Gabe Kangas
c4dc802941 Make stream keys objects with comment instead of string slice 2022-11-29 16:05:44 -08:00
Gabe Kangas
c9e3ccad45 API + Data changes to support split up of stream keys and admin passwords 2022-11-29 16:05:44 -08:00
Gabe Kangas
813f8692f0
Support color customization from the admin (#2338)
* Add user-customizable theming. Closes #1915

* Prettified Code!

* Add user-customizable theming. Closes #1915

* Add explicit color for page content background

* Prettified Code!

Co-authored-by: gabek <gabek@users.noreply.github.com>
2022-11-12 20:26:55 -08:00
Gabe Kangas
c844e98a19
Merge remote-tracking branch 'origin/develop' into webv2 2022-10-12 16:52:05 -07:00
Florian Lehner
203f669ca8
preallocate memory (#2201)
**What this PR does / why we need it:**

Preallocate memory instead of enforcing an incremental growth. This will result in less work for the garbage collector.
2022-10-12 16:37:26 -07:00
Gabe Kangas
d94723bd3a
Fix embeds not loading on prod builds. Closes #2186 2022-10-10 14:06:02 -07:00
Gabe Kangas
7fb97c56aa
Merge remote-tracking branch 'origin/develop' into webv2 2022-10-02 21:44:06 -07:00
Matt Owens
39327f6b4a
remove extra w.WriteHeader call (#2158) 2022-10-02 13:47:38 -07:00
Matt Owens
e20985ecb4
Treat fediverse usernames as case-insensitive (#2155)
* treat fediverse usernames as case-insensitive for auth

* add test for case insensitive, clean up duplicate import in federverse auth controller

* fix test, there was an issue with state when all the tests were run
2022-10-02 11:16:46 -07:00
Gabe Kangas
42ff0cdb01
Add server-side hydration of initial config+status. Closes #1964 2022-09-10 15:37:07 -07:00
Gabe Kangas
681067ab93
Add custom offline message+api. Part of #1901 2022-08-09 22:09:43 -07:00
Gabe Kangas
68414445c2
Add support for changing user color in name modal. Closes #1805 2022-08-09 19:56:45 -07:00
Gabe Kangas
d12f25f556
Merge branch 'develop' into webv2 2022-08-09 14:14:45 -07:00
Gabe Kangas
0b5ddf433b
Limit OTP requests to one per expiry window. Closes #2000 2022-08-02 13:31:41 -07:00
Gabe Kangas
f3a16be0dd
Add user detail API + modal. Closes #2002 2022-07-20 22:36:20 -07:00
Gabe Kangas
46e17bb524
Do not render server summary as markdown 2022-07-12 17:11:41 -07:00
Gabe Kangas
b08393295f
Add option to hide viewer count. Closes #1939 2022-06-26 00:46:55 -07:00
Gabe Kangas
97db93e0d7
Support a custom emoji override directory. Closes #1967 2022-06-25 23:06:31 -07:00
Gabe Kangas
86305c3028
Cleanup some warnings 2022-06-20 22:36:01 -07:00
Gabe Kangas
9c477e16a2
Use static servers for serving embedded web assets 2022-06-20 22:12:44 -07:00
Gabe Kangas
18a184eeb7
Use bundled images instead of old webroot files 2022-06-20 22:10:55 -07:00
Gabe Kangas
ff968616ba
Support server-rendered index.html for all clients. Closes #1871 2022-06-19 16:35:55 -07:00
Gabe Kangas
78c6189c02
First pass at bundling web app into service. Working. 2022-06-19 15:32:42 -07:00
Gabe Kangas
6b22be8cf3
Merge remote-tracking branch 'origin/develop' into webv2 2022-06-19 13:52:22 -07:00
Gabe Kangas
d6814b516a
Require auth middleware only on GET requests 2022-06-05 22:46:46 -07:00
Gabe Kangas
8ed01ed4da
../
First pass at the emoji picker
2022-05-26 18:59:16 -07:00
Gabe Kangas
715504eb69
Merge remote-tracking branch 'origin/develop' into webv2 2022-05-25 22:57:14 -07:00
Gabe Kangas
afeef6f276
Return and pass around clock skew to be used in latency calculations.
Closes #1920
2022-05-23 15:17:41 -07:00
Gabe Kangas
ade4d68c0d
Return explicit http 200 2022-05-23 15:12:59 -07:00
Gabe Kangas
3b3f785984
Use the webpack dev server proxy for requests 2022-05-08 23:28:54 -07:00
Gabe Kangas
a0354d6d49
Handle centralized app state and registration + chat history 2022-05-02 17:45:22 -07:00
Gabe Kangas
8a343d0324
Remove extranious response 2022-04-30 23:16:48 -07:00
funkyhippo
a500a5f975
Add terminations to error repsonses in API. (#1872) 2022-04-23 13:19:17 -07:00
Gabe Kangas
a082cf3a77
Fediverse-based authentication (#1846)
* Able to authenticate user against IndieAuth. For #1273

* WIP server indieauth endpoint. For https://github.com/owncast/owncast/issues/1272

* Add migration to remove access tokens from user

* Add authenticated bool to user for display purposes

* Add indieauth modal and auth flair to display names. For #1273

* Validate URLs and display errors

* Renames, cleanups

* Handle relative auth endpoint paths. Add error handling for missing redirects.

* Disallow using display names in use by registered users. Closes #1810

* Verify code verifier via code challenge on callback

* Use relative path to authorization_endpoint

* Post-rebase fixes

* Use a timestamp instead of a bool for authenticated

* Propertly handle and display error in modal

* Use auth'ed timestamp to derive authenticated flag to display in chat

* Fediverse chat auth via OTP

* Increase validity time just in case

* Add fediverse auth into auth modal

* Text, validation, cleanup updates for fedi auth

* Fix typo

* Remove unused images

* Remove unused file

* Add chat display name to auth modal text
2022-04-22 17:23:14 -07:00
Gabe Kangas
b835de2dc4
IndieAuth support (#1811)
* Able to authenticate user against IndieAuth. For #1273

* WIP server indieauth endpoint. For https://github.com/owncast/owncast/issues/1272

* Add migration to remove access tokens from user

* Add authenticated bool to user for display purposes

* Add indieauth modal and auth flair to display names. For #1273

* Validate URLs and display errors

* Renames, cleanups

* Handle relative auth endpoint paths. Add error handling for missing redirects.

* Disallow using display names in use by registered users. Closes #1810

* Verify code verifier via code challenge on callback

* Use relative path to authorization_endpoint

* Post-rebase fixes

* Use a timestamp instead of a bool for authenticated

* Propertly handle and display error in modal

* Use auth'ed timestamp to derive authenticated flag to display in chat

* don't redirect unless a URL is present

avoids redirecting to `undefined` if there was an error

* improve error message if owncast server URL isn't set

* fix IndieAuth PKCE implementation

use SHA256 instead of SHA1, generates a longer code verifier (must be 43-128 chars long), fixes URL-safe SHA256 encoding

* return real profile data for IndieAuth response

* check the code verifier in the IndieAuth server

* Linting

* Add new chat settings modal anad split up indieauth ui

* Remove logging error

* Update the IndieAuth modal UI. For #1273

* Add IndieAuth repsonse error checking

* Disable IndieAuth client if server URL is not set.

* Add explicit error messages for specific error types

* Fix bad logic

* Return OAuth-keyed error responses for indieauth server

* Display IndieAuth error in plain text with link to return to main page

* Remove redundant check

* Add additional detail to error

* Hide IndieAuth details behind disclosure details

* Break out migration into two steps because some people have been runing dev in production

* Add auth option to user dropdown

Co-authored-by: Aaron Parecki <aaron@parecki.com>
2022-04-21 14:55:26 -07:00
Gabe Kangas
e46f8e2a66
Troubleshoot misskey follows
Store the original follow request object and use it for approvals.
Closes #1690
2022-04-08 13:33:30 -07:00
Gabe Kangas
c50536ff81
Pull player metrics out of the player. Support safari errors/buffering events 2022-03-29 17:33:36 -07:00
Gabe Kangas
1e19e2a50e
Surface the % of players represented in metrics 2022-03-27 16:27:38 -07:00
Gabe Kangas
410b413b84
Add stream health overview collection + apis 2022-03-24 23:07:05 -07:00
Gabe Kangas
4a17f30da8
Outbound live stream notifications (#1663)
* First pass at browser, discord, twilio notifications

* Commit updated Javascript packages

* Remove twilio notification support

* Email notifications/smtp support

* Fix Firefox notification support, remove chrome checks

* WIP more email work

* Add support for twitter notifications

* Add stream title to discord and twitter notifications

* Update notification registration modal

* Fix hide/show email section

* Commit updated API documentation

* Commit updated Javascript packages

* Fix post-rebase missing var

* Remove unused var

* Handle unsubscribe errors for browser push

* Standardize email config prop names

* Allow overriding go live email template

* Some notifications cleanup

* Commit updated Javascript packages

* Remove email/smtp/mailjet support

* Remove more references to email notifications

Co-authored-by: Owncast <owncast@owncast.online>
2022-03-18 13:33:23 -07:00
Gabe Kangas
d1e39c4c1e
Force uniqueness with previews and logos on the fediverse. Closes #1777 and closes #1776 2022-03-17 13:22:44 -07:00
Gabe Kangas
6479220e78
Expand upon playback metrics 2022-03-16 22:49:27 -07:00
Gabe Kangas
babbcecc9c
Stream performance metrics (#1785)
* WIP playback metrics

* Playback metrics collecting + APIs. Closes #793

* Cleanup console messages

* Update test

* Increase browser test timeout

* Update browser tests to not fail
2022-03-16 17:34:44 -07:00