* feat(api): add server-side caching for requests that could benefit for them
* fix(tests): do not cache responses while in tests
* fix: remove commented out leftover code
* chore(deps): update dependency html-webpack-plugin to v5.5.4
* Bundle embedded web app
* fix: remove caching for web app assets under test
* chore(tests): re-enable temporarily disabled test
* chore(deps): update dependency typescript to v5.3.3
* Bundle embedded web app
* chore(deps): update dependency npm to v10.2.5
* Bundle embedded web app
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Owncast <owncast@owncast.online>
* chore: replace nanmu/gzip by CAFxX/httpcompression for compression
Instead of using nanmu42/gzip which imports the whole gin framework,
we replace it with CAFxX/httpcompression which is more lightweight.
Fixes#2697
* Run go mod tidy
---------
Co-authored-by: Gabe Kangas <gabek@real-ity.com>
* Custom emoji editor: implement backend
This reuses the logo upload code
* Implement emoji edit admin interface
Again reuse base64 logic from the logo upload
* Allow toggling between uploaded and default emojis
* Add route that always serves uploaded emojis
This is needed for the admin emoji interface,
as otherwise the emojis will 404 if custom emojis are disabled
* Fix linter warnings
* Remove custom/uploaded emoji logic
* Reset timer after emoji deletion
* Setup: copy built-in emojis to emoji directory
* Able to authenticate user against IndieAuth. For #1273
* WIP server indieauth endpoint. For https://github.com/owncast/owncast/issues/1272
* Add migration to remove access tokens from user
* Add authenticated bool to user for display purposes
* Add indieauth modal and auth flair to display names. For #1273
* Validate URLs and display errors
* Renames, cleanups
* Handle relative auth endpoint paths. Add error handling for missing redirects.
* Disallow using display names in use by registered users. Closes#1810
* Verify code verifier via code challenge on callback
* Use relative path to authorization_endpoint
* Post-rebase fixes
* Use a timestamp instead of a bool for authenticated
* Propertly handle and display error in modal
* Use auth'ed timestamp to derive authenticated flag to display in chat
* Fediverse chat auth via OTP
* Increase validity time just in case
* Add fediverse auth into auth modal
* Text, validation, cleanup updates for fedi auth
* Fix typo
* Remove unused images
* Remove unused file
* Add chat display name to auth modal text
* Able to authenticate user against IndieAuth. For #1273
* WIP server indieauth endpoint. For https://github.com/owncast/owncast/issues/1272
* Add migration to remove access tokens from user
* Add authenticated bool to user for display purposes
* Add indieauth modal and auth flair to display names. For #1273
* Validate URLs and display errors
* Renames, cleanups
* Handle relative auth endpoint paths. Add error handling for missing redirects.
* Disallow using display names in use by registered users. Closes#1810
* Verify code verifier via code challenge on callback
* Use relative path to authorization_endpoint
* Post-rebase fixes
* Use a timestamp instead of a bool for authenticated
* Propertly handle and display error in modal
* Use auth'ed timestamp to derive authenticated flag to display in chat
* don't redirect unless a URL is present
avoids redirecting to `undefined` if there was an error
* improve error message if owncast server URL isn't set
* fix IndieAuth PKCE implementation
use SHA256 instead of SHA1, generates a longer code verifier (must be 43-128 chars long), fixes URL-safe SHA256 encoding
* return real profile data for IndieAuth response
* check the code verifier in the IndieAuth server
* Linting
* Add new chat settings modal anad split up indieauth ui
* Remove logging error
* Update the IndieAuth modal UI. For #1273
* Add IndieAuth repsonse error checking
* Disable IndieAuth client if server URL is not set.
* Add explicit error messages for specific error types
* Fix bad logic
* Return OAuth-keyed error responses for indieauth server
* Display IndieAuth error in plain text with link to return to main page
* Remove redundant check
* Add additional detail to error
* Hide IndieAuth details behind disclosure details
* Break out migration into two steps because some people have been runing dev in production
* Add auth option to user dropdown
Co-authored-by: Aaron Parecki <aaron@parecki.com>