mirror of
https://github.com/owncast/owncast.git
synced 2024-11-26 23:24:29 +03:00
6 commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Gabe Kangas
|
514fd17ed9
|
Access token migration | ||
Gabe Kangas
|
b835de2dc4
|
IndieAuth support (#1811)
* Able to authenticate user against IndieAuth. For #1273 * WIP server indieauth endpoint. For https://github.com/owncast/owncast/issues/1272 * Add migration to remove access tokens from user * Add authenticated bool to user for display purposes * Add indieauth modal and auth flair to display names. For #1273 * Validate URLs and display errors * Renames, cleanups * Handle relative auth endpoint paths. Add error handling for missing redirects. * Disallow using display names in use by registered users. Closes #1810 * Verify code verifier via code challenge on callback * Use relative path to authorization_endpoint * Post-rebase fixes * Use a timestamp instead of a bool for authenticated * Propertly handle and display error in modal * Use auth'ed timestamp to derive authenticated flag to display in chat * don't redirect unless a URL is present avoids redirecting to `undefined` if there was an error * improve error message if owncast server URL isn't set * fix IndieAuth PKCE implementation use SHA256 instead of SHA1, generates a longer code verifier (must be 43-128 chars long), fixes URL-safe SHA256 encoding * return real profile data for IndieAuth response * check the code verifier in the IndieAuth server * Linting * Add new chat settings modal anad split up indieauth ui * Remove logging error * Update the IndieAuth modal UI. For #1273 * Add IndieAuth repsonse error checking * Disable IndieAuth client if server URL is not set. * Add explicit error messages for specific error types * Fix bad logic * Return OAuth-keyed error responses for indieauth server * Display IndieAuth error in plain text with link to return to main page * Remove redundant check * Add additional detail to error * Hide IndieAuth details behind disclosure details * Break out migration into two steps because some people have been runing dev in production * Add auth option to user dropdown Co-authored-by: Aaron Parecki <aaron@parecki.com> |
||
Gabe Kangas
|
92041c4c23
|
Add Prometheus for some Owncast metrics (#1744)
* Add Prometheus for some Owncast metrics. Closes #1303 * Wrap prometheus metrics endpoint in admin middleware |
||
Gabe Kangas
|
045a0a2afd
|
Social features / ActivityPub federation (#1629)
* Support webfinger requests for the live account. Closes https://github.com/owncast/owncast/issues/1193
* Support for actor requests. Returns response for live actor. Closes https://github.com/owncast/owncast/issues/1203
* Handle follow and unfollow requests. Closes
https://github.com/owncast/owncast/issues/1191 and https://github.com/owncast/owncast/issues/1205 and https://github.com/owncast/owncast/issues/1206 and https://github.com/owncast/owncast/issues/1194
* Add basic support for sending out text activities. For https://github.com/owncast/owncast/issues/1192
* Some error handling and passing of dynamic local account names.
* Add hardcoded example image attachment to test post
* Centralize the map of accounts and inboxes
* No longer disable the preview generator based on YP toggle
* Send a federated message to followers when stream starts. For https://github.com/owncast/owncast/issues/1192
* Placeholder for attaching tags
* Add image description
* Save and get to outbox persistence. Return using outbox endpoint for actor
* Pass payloads to be handled through the gochan
* Handle undo follow requests explitly, not all undo requests
* Add API for manually sending simple federated messages. Closes #1215
* Verify inbox requests. Closes #1321
* Add route to fetch a single AP object by ID. For #1329
* Add responses to fediverse nodeinfo requests
* Set and get federation config values for admin
* Handle host-meta requests
* Do not send out message if disabled. Use saved go live message.
* Require AP-compatible content types for AP-related requests
* Rename ap models to apmodels for clarity
* Change how content type matching takes place.
* io -> ioutil
* Add stub delete activity callback
* Handle likes and announces to surface engagement in chat. Part of #1229
* Append url to go live posts
* Do not require specific content types for nodeinfo requests
* Add follow engagement chat message via AP
* add owncast user-agent to requests
* Set note visibility to public (for now)
* Fix saving/fetching a single object
* Add support for x-nodeinfo2 responses
* Point to the dev admin branch for ap
* Bundle in dev admin for testing
* Add error logging
* Add AP middleware back
* Point to the new external compatible logo endpoint
* Clean up more AP logging to help testing
* Tweak go live text and link hashtags
* Fix bug in fetching init time
* Send update actor activities when server details/profile is updated
* Add federation config overview to web client config
* Add additional actor properties
* Make the AP middleware checking more flexible when looking at types
* First pass at remote fediverse follow flow. For #1371
* Added a basic AP actor followers endpoint
* WIP client followers API
* Add profile-page reference to webfinger response
* Add aliases to webfinger response
* Fix content-type returned to be expected activitypub+json
* First pass at followers api
* Point at local dev copy of go-fed/activity
* Add custom toot Hashtag objects to posts
* Store additional user details to followers table
* Fix AP followers endpoint. Closes #1204
* Add owncast hashtag as an invisible tag to go live posts
* Reject AP requests when it is disabled
* Add actor util for generating full account user from person object
* Verify inbox requests before performing any other work
* Accept actor update requests
* Fix linter errors in federation branch
* Migrate AP SQL to sqlc for type safe queries
* Use the @unclearParadigm REST parameter helper
* Fix verifying post ID on AP engagement
* WIP privacy/request approval
* Style the remote follow modal
* First pass at a followers list component w/ mock data. #1370
* Revert "Use the @unclearParadigm REST parameter helper"
This reverts commit
|
||
Gabe Kangas
|
484098afda | Some migration fixes and database optimizations | ||
Gabe Kangas
|
b6f68628c0
|
Chat refactor + persistent backing chat users (#1163)
* First pass at chat user registration and validation * Disable chat if the user is disabled/blocked or the server hits max connections * Handle dropping sockets if chat is disabled * Fix origin in automated chat test * Work for updated chat moderation * Chat message markdown rendering and fix tests * Put /api/chat behind a chat user access token. Closes #1085 * Reject blocked username changes * More WIP moderation * Defer configuring chat until we know if it is enabled. Closes #1135 * chat user blocking. Closes #1096 * Add tests around user access for #1096 * Add external integration chat message API + update integration auth middleware to pass along integration name. Closes #1092 * Delete old chat messages from db as to not hold on to excessive data. Closes #1152 * Add schema migration for messages. Closes #1155 * Commit updated API documentation * Add chat load test * Shared db mutex and db optimizations * Simplify past display name handling * Use a new test db for each test run * Wire up the external messages actions + add tests for them * Move access tokens to be actual users * Run message pruning at launch + fix comparison * Do not return API users in disabled users response * Fix incorrect highlighting. Closes #1160 * Consolidate user table statements * Set the max process connection limit to 70% of maximum * Fix wrong old display name being returned in name change event * Delete the old chat server files * Wire back up the webhooks * Remove unused * Invalidate user cache on changes * Do not send rendered body as RawBody * Some cleanup * Standardize names for external API users to ExternalAPIUser * Do not log token * Checkout branch when building admin for testing * Bundle in dev admin for testing * Some cleanup * Cleanup js logs * Cleanup and standardize event names * Clean up some logging * Update API spec. Closes #1133 * Commit updated API documentation * Change paths to be better named * Commit updated API documentation * Update admin bundle * Fix duplicate event name * Rename scope var * Update admin bundle * Move connected clients controller into admin package * Fix collecting usernames for autocomplete purposes * No longer generate username when it is empty * Sort clients and users by timestamp * Move file to admin controller package * Swap, so the comments stay correct Co-authored-by: Jannik <jannik@outlook.com> * Use explicit type alias Co-authored-by: Jannik <jannik@outlook.com> * Remove commented code. Co-authored-by: Jannik <jannik@outlook.com> * Cleanup test * Remove some extra logging * Add some clarity * Update dev instance of admin for testing * Consolidate lines Co-authored-by: Jannik <jannik@outlook.com> * Remove commented unused vars Co-authored-by: Jannik <jannik@outlook.com> * Until needed do not return IP address with client list * Fix typo of wrong var * Typo led to a bad test. Fix typo and fix test. * Guard against the socket reconnecting on error if previously set to shutdown * Do not log access tokens * Return success message on enable/disable user * Clean up some inactionable error messages. Sent ban message. Sort banned users. * fix styling for when chat is completely disabled * Unused * guard against nil clients * Update dev admin bundle * Do not unhide messages when unblocking user just to be safe. Send removal action from the controller * Add convinience function for getting active connections for a single user * Lock db on these mutations * Cleanup force disconnect using GetClientsForUser and capture client reference explicitly * No longer re-showing banned user messages for safety. Removing this test. * Remove no longer needed comment * Tweaks to forbidden username handling. - Standardize naming to not use "block" but "forbidden" instead. - Pass array over the wire instead of string. - Add API test - Fix default list incorrectly being appended to custom list. * Logging cleanup * Update dev admin bundle * Add an artificial delay in order to visually see message being hidden when testing * Remove the user cache as it is a premature optimization * When connected to chat let the user know their current user details to sync the username in the UI * On connected send current display name back to client. - Move name change out of chat component. - Add additional event type constants. * Fix broken workflow due to typo * Troubleshoot workflow * Bump htm from 3.0.4 to 3.1.0 in /build/javascript (#1181) * Bump htm from 3.0.4 to 3.1.0 in /build/javascript Bumps [htm](https://github.com/developit/htm) from 3.0.4 to 3.1.0. - [Release notes](https://github.com/developit/htm/releases) - [Commits](https://github.com/developit/htm/compare/3.0.4...3.1.0) --- updated-dependencies: - dependency-name: htm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Run npm run build and update libraries Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Gabe Kangas <gabek@real-ity.com> * Commit updated Javascript packages * Re-send current user info when a rejected name change takes place * All socket writes should be through the send chan and not directly * Seed the random generator * Add keys and indexes to users table * a util to generate consistent emoji markup * console clean up * mod tidy * Commit updated API documentation * Handle the max payload size of a socket message. - Only close socket if x2 greater than the max size. - Send the user a message if a message is too large. - Surface the max size in bytes in the config. * Update admin bundle * Force all events to be sent in their own socket message and do not concatinate in a single message * Update chat embed to register for access token * Use a different access token for embed chat * Update the chat message bubble background color to be bolder * add base tag to open links in new window, closes #1220 * Support text input of :emoji: in chat (#1190) * Initial implementation of emoji injection * fix bookkeeping with multiple emoji * make the emoji lookup case-insensitive * try another solution for Caretposition * add title to emojis minor refactoring * bind moji injection to InputKeyUp * simplify the code replace all found emojis * inject emoji if the modifer is released earlier * more efficient emoji tag search * use json emoji.emoji as url * use createEmojiMarkup() * move emojify() to chat.js * emojify on paste * cleanup emoji titles in paste * update inputText in InputKeyup * mark emoji titles with 2*zwnj this way paste cleanup will not interfere with text which include zwnj * emoji should not change the inputText * Do not show join messages when chat is offline. Closes #1224 - Show stream starting/ending messages in chat. - When stream starts show everyone the welcome message. * Force scrolling chat to bottom after history is populated regardless of scroll position. Closes https://github.com/owncast/owncast/issues/1222 * use maxSocketPayloadSize to calculate total bytes of message payload (#1221) * utilize maxSocketPayloadSize from config; update chatInput to calculate based on that value instead of text value; remove usage of inputText for counting * add a buffer to account for entire websocket payload for message char counting; trim nbsp;'s from ends of messages when calculating count Co-authored-by: Gabe Kangas <gabek@real-ity.com> Co-authored-by: Owncast <owncast@owncast.online> Co-authored-by: Jannik <jannik@outlook.com> Co-authored-by: Ginger Wong <omqmail@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Meisam <39205857+MFTabriz@users.noreply.github.com> |