Mouse Reeve
b439114932
Updates locales
2022-11-03 11:50:12 -07:00
Mouse Reeve
ccf091e42d
Merge pull request #2330 from bookwyrm-social/import-admin-table
...
Adds more fields to import admin table and ticks version
2022-11-03 11:49:57 -07:00
Mouse Reeve
40e9428b49
Adds more fields to import admin table and ticks version
2022-11-03 11:30:43 -07:00
Mouse Reeve
3f2f718878
Merge pull request #2329 from bookwyrm-social/import-admin-fixes
...
Import admin fixes
2022-11-03 11:06:29 -07:00
Mouse Reeve
14e61fa32d
Adds extremely basic tests file
2022-11-03 10:55:21 -07:00
Mouse Reeve
0ba4dbbc6f
Fixes pagination and user links on import admin
2022-11-03 10:54:59 -07:00
Mouse Reeve
91b935bc0a
Merge pull request #2327 from bookwyrm-social/imports-admin
...
Imports admin
2022-11-01 20:53:58 -07:00
Mouse Reeve
5af195de58
Python formatting
2022-11-01 20:43:27 -07:00
Mouse Reeve
a8424f61f2
Mark imports as complete
...
This will let the user debug the import, and should only be used when
the import is in a bad state (marked as incomplete but with no pending
tasks)
2022-11-01 19:26:23 -07:00
Mouse Reeve
6eab1fdd6d
Adds import admin view
2022-11-01 19:05:51 -07:00
Mouse Reeve
61c2d2a36a
Use elided page range on user admin view
2022-11-01 18:45:21 -07:00
Mouse Reeve
641fc325b4
Merge pull request #2326 from bookwyrm-social/synchronous-confirmation-emails
...
Send confirmation emails directly, rather than with celery
2022-11-01 18:43:53 -07:00
Mouse Reeve
881d5682e3
Updates test mock
2022-11-01 18:20:56 -07:00
Mouse Reeve
c16155aa41
Merge pull request #2325 from bookwyrm-social/author-page-editions
...
Only show editions with the author on the author page
2022-11-01 18:18:58 -07:00
Mouse Reeve
40ead41176
Fixes rate limiter
2022-11-01 18:17:37 -07:00
Mouse Reeve
1c949a5d71
Send confirmation emails directly, rather than with celery
...
Whenver bookwyrm has an influx of new users, celery gets delayed and
the emails don't get sent out promptly, which causes people to first
resend the email multiple times, and then to email me, both of which
just create more work and confusion for everyone involved.
2022-11-01 18:08:45 -07:00
Mouse Reeve
553f170f89
Only show editions with the author on the author page
2022-11-01 18:04:27 -07:00
Mouse Reeve
43202f5bb7
Merge pull request #2322 from obrenckle/menus_overlap
...
Close dropdown menu when opening one of its modal
2022-11-01 17:15:00 -07:00
Olivier Brencklé
cfaec434c0
🚸 Close dropdown when opening modal item
2022-10-28 13:15:53 +02:00
Olivier Brencklé
474b78dad2
💄 Set dropdown menu below modals on mobile
2022-10-24 19:34:25 +02:00
Mouse Reeve
54a056f582
Merge pull request #2321 from bookwyrm-social/dependabot/pip/django-3.2.16
...
Bump django from 3.2.15 to 3.2.16
2022-10-21 14:14:21 -07:00
Mouse Reeve
2a0a67de5f
Adds 2fa locales
2022-10-21 14:13:14 -07:00
Mouse Reeve
62a34c42a3
Merge branch 'main' into dependabot/pip/django-3.2.16
2022-10-20 20:57:05 -07:00
Mouse Reeve
eb07deadf2
Merge pull request #2320 from bookwyrm-social/announcement-size
...
Remove extra whitespace in announcements
2022-10-20 20:56:52 -07:00
Mouse Reeve
6fb21b9e4b
Disable wayward stylelint error
2022-10-20 20:44:27 -07:00
dependabot[bot]
09446def54
Bump django from 3.2.15 to 3.2.16
...
Bumps [django](https://github.com/django/django ) from 3.2.15 to 3.2.16.
- [Release notes](https://github.com/django/django/releases )
- [Commits](https://github.com/django/django/compare/3.2.15...3.2.16 )
---
updated-dependencies:
- dependency-name: django
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-21 03:40:27 +00:00
Mouse Reeve
c375e842ad
Merge pull request #2294 from hughrun/otp
...
Enable optional 2FA
2022-10-20 20:40:00 -07:00
Mouse Reeve
b81a5faff7
Remove extra whitespace in announcements
2022-10-20 07:45:53 -07:00
Hugh Rundle
3d95916b55
handle 2fa user exception properly
2022-10-15 07:47:20 +11:00
Hugh Rundle
32e4f7718e
pylint is being pedantic
2022-10-15 07:47:20 +11:00
Hugh Rundle
cf1fae6af8
return Bad Request if 2fa user does not exist
2022-10-15 07:47:20 +11:00
Hugh Rundle
905aa66f38
add test_post_login_with_2fa
2022-10-15 07:47:20 +11:00
Hugh Rundle
a1c3f15d80
remove unused import
2022-10-15 07:47:20 +11:00
Hugh Rundle
f55adbadf4
fix 2fa tests
2022-10-15 07:47:20 +11:00
Hugh Rundle
cffbf82ddb
DRY footer for 2FA pages
2022-10-15 07:47:20 +11:00
Hugh Rundle
f3768c3d92
code formatting fix
2022-10-15 07:47:20 +11:00
Hugh Rundle
79b04c2240
various 2fa improvements
...
- cleaner code
- use TWO_FACTOR_LOGIN_MAX_SECONDS instead of hardcoded number
- render qrcode properly
- use nginx to rate limit login attempts
- do not throw error if session user is undefined
2022-10-15 07:47:20 +11:00
Hugh Rundle
aefc7a23bc
fix 2fa templates
...
- translate all strings
- do not embed svg element inside svg element
- fix sizing of input for confirming 2fa setup
2022-10-15 07:47:20 +11:00
Hugh Rundle
e1513bf98d
amend nginx rate limiting urls
2022-10-15 07:47:20 +11:00
Hugh Rundle
da613c9b26
ugh forgot to run black
2022-10-15 07:47:20 +11:00
Hugh Rundle
fda150fa0d
resolve migration conflict
2022-10-15 07:47:20 +11:00
Hugh Rundle
119b4bf2ff
clean up tests
...
- remove unnecessary crap
- add missing tests
2022-10-15 07:47:20 +11:00
Hugh Rundle
9d36722783
code formatting
2022-10-15 07:47:20 +11:00
Hugh Rundle
b63d4bec60
add tests for 2fa
2022-10-15 07:47:20 +11:00
Hugh Rundle
28329c1781
use string for datetime in session
...
It seemed to work when testing manually, but both pytest and the django documentation indicate that you can't pass datetimes around as session values.
2022-10-15 07:47:20 +11:00
Hugh Rundle
e1b1bb20dc
make password field less goofy in 2fa screen
2022-10-15 07:47:20 +11:00
Hugh Rundle
9b74c26742
backup codes
...
- add hotp_secret to user model
- view to create backup codes in user prefs
- check backup code if otp doesn't work
- increment hotp count if used
- show correct errors if code wrong
2022-10-15 07:47:20 +11:00
Hugh Rundle
9616abb6bd
clean up 2fa prompt page
2022-10-15 07:47:20 +11:00
Hugh Rundle
5b244f06d6
fix error messages when setting up 2FA
2022-10-15 07:47:20 +11:00
Hugh Rundle
6db4fb39ed
improve security and fix error msg
...
- Instead of passing the user as a hidden form element, we use a session variable.
- Introduces a 60 second limit on completing the login, and an exponentially increasing delay to attempt to login with 2FA if the code is entered incorrectly.
- use proper Django form error when incorrect otp value entered
2022-10-15 07:47:20 +11:00