Commit Graph

108 Commits

Author SHA1 Message Date
Metsjeesus
fa51a2c281 Add CA bundle option in SSL 2017-04-15 19:12:21 +03:00
Pavel Djundik
f645c32cb9 Use local variables to check length 2017-04-14 00:05:28 +03:00
Jérémie Astori
fe7c570cc9 Use Referrer-Policy header instead of CSP referrer
According to MDN:

> referrer
>   Used to specify information in the referer (sic) header for links away from a page.
>   Use the Referrer-Policy header instead.

See:

- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/referrer
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
2017-04-06 02:25:43 -04:00
S
001f96035b Switch to bcryptjs and make password comparison async
- PasswordCompareAsync prevents timeouts on resource constraint devices
- All password.compare calls are now async
- Updated tests to accept async functions
2017-04-01 03:06:09 -04:00
Pavel Djundik
c409328ddf Fix variable shuffling around ident handler
Fixes #965
2017-03-17 22:24:40 +02:00
Pavel Djundik
9997aafec7 Rewrite identd server, combine with oidentd 2017-03-12 12:02:22 +02:00
Jérémie Astori
bc8b699437 Add a basic check for bundled application when starting the server
Note that this will not detect if the client application was built with an old version of the repo.
2017-01-23 01:15:50 -05:00
Jérémie Astori
3e82994ae2 Make log style when referring user consistent with other places 2017-01-04 02:17:15 -05:00
Pavel Djundik
fb87bd3a58 Webpack 2016-12-27 19:15:30 +02:00
Pavel Djundik
3a3eebd61d Do not use backticks in strings when unnecessary 2016-12-20 02:09:53 +02:00
Jérémie Astori
b01517861d Remove autoload option and always autoload users
Since @xPaw provided a really nice way to watch user config files, there is now no need to be cheap about it (it used to be run every second, possibly why it could be disabled via settings?).

This commit also improves the function a little bit by making use of ES6 syntax.

A warning gets displayed on the server console when the `autoload` option is still present in the config file.
2016-12-11 03:29:30 -05:00
Jérémie Astori
303fab8519 Merge pull request #749 from thelounge/xpaw/hexip
Add support for hexip ilines and fix storing client ip in config
2016-12-10 19:50:33 -05:00
Pavel Djundik
463a63aed3 Avoid unnecessary disk writes if user object has not changed, make updateUser async 2016-12-10 11:05:34 +02:00
Jérémie Astori
adf93f9fad Merge pull request #746 from thelounge/xpaw/update-deps
Update depdencides to latest stable versions
2016-11-20 14:46:16 -05:00
Pavel Djundik
00548e65d7 Update existing networks with ip and hostmask if null 2016-11-19 22:34:05 +02:00
Pavel Djundik
708788338c Add support for hexip ilines 2016-11-19 20:32:47 +02:00
Pavel Djundik
6023035838 Update depdencides to latest stable versions 2016-11-19 10:49:16 +02:00
Pavel Djundik
b5db0abc18 Print node version and platform 2016-11-18 19:25:23 +02:00
William Boman
2f77d6981b src/server: log config path on start-up 2016-11-15 18:23:02 +01:00
Jérémie Astori
8ec6d969d1 Merge pull request #697 from cloudron-io/ldap_crashfix
Fix crash when LDAP server is unreachable
2016-10-23 10:10:48 -04:00
Pavel Djundik
c5e0dee3a3 Change bcrypt rounds from 8 to 11 2016-10-22 09:24:27 +03:00
Pavel Djundik
a1f56c7395 Improve support for opening multiple clients at once
- Synchornize unread counter with the server
- Fix unread marker on no attached clients
- Increase unread counter for server messages
2016-10-17 01:31:22 -04:00
Girish Ramakrishnan
09f2d069de Fix crash when LDAP server is unreachable
Fixes #667
2016-10-16 11:27:09 -07:00
William Boman
99218341ec consolidate version numbers throughout all interfaces 2016-10-10 21:56:57 +02:00
Pavel Djundik
aa02fd5180 Enforce more eslint rules 2016-10-09 17:55:37 -04:00
Pavel Djundik
3b8a478e34 Fix loading fonts in Microsoft Edge 2016-10-09 12:29:17 +03:00
toXel
5b6f5d5dce Check if SSL key and certificate files exist 2016-10-08 14:56:12 +02:00
Pavel Djundik
396a9cffb1 Display extra loading messages 2016-09-25 09:52:16 +03:00
Jérémie Astori
2b3b4ea924 Explicitly authorize websockets in CSP header
This follows a recent change in WebKit (see https://webkit.org/blog/6830/a-refined-content-security-policy/, section "More restrictive wildcard *") to remove websocket schemes from the connect-src directive.
Users of Safari v10 (to be publicly released in a few days) would be affected by this and could not load the app.
2016-09-09 01:17:31 -04:00
Jérémie Astori
b153d568a0 Add a theme selector in the settings
Power to the people!

There is now 2 ways to set the theme: on the app config file (defaults
for all users) and in the user settings.
All CSS files present in the `client/themes` folder will be given as
choices to the users.

This is temporary (as in, temporary for a fairly long time) until we
have proper theme management.
2016-09-06 01:11:31 -04:00
Jérémie Astori
40b8f0c293 Make sure users with wrong tokens are locked out instead of crashing the app 2016-08-18 00:02:40 -04:00
Jérémie Astori
f824036225 Merge pull request #535 from thelounge/PR/fix-webirc-4in6
Fix webirc and 4-in-6 addresses
2016-08-12 00:39:26 -04:00
Maxime Poulin
bec0c74772 Merge pull request #552 from thelounge/astorije/logger
Use our logger instead of console.{log,error} for LDAP logs
2016-08-11 01:44:54 -04:00
Jérémie Astori
14782a56b7 Use our logger instead of console.{log,error} 2016-08-10 02:40:28 -04:00
Jérémie Astori
cf64cb04c4 Fix token persistency across server restarts
This fixes a regression introduced by LDAP support addition
(https://github.com/thelounge/lounge/pull/477), which forces
users to re-login when the server restarts. This was originally
implemented in https://github.com/thelounge/lounge/pull/370.
2016-08-10 02:26:47 -04:00
Maxime Poulin
d42ac23c55
Fix webirc and 4-in-6 addresses 2016-07-30 20:54:09 -04:00
Johan Lindskogen
987474cfc1 implementing LDAP support 2016-07-29 21:28:00 -04:00
Jérémie Astori
9e188bad4b Make sure git commit check would not send stderr to the console
Before that change, running a release would display this in the console:
```
fatal: Not a git repository (or any of the parent directories): .git
```

Also, this adds strict mode for that file, and make sure `gitCommit` never throws a `ReferenceError`.
2016-07-18 21:35:02 -04:00
Jérémie Astori
71577cf55e Display whether instance is running from a release or from git on About section 2016-07-13 03:17:55 -04:00
Alistair McKinlay
9c07f2b0f2 Merge pull request #387 from thelounge/xpaw/config
Cache loaded config and merge it with defaults
2016-07-04 08:18:55 +01:00
William Boman
32b46bb32d src/client: make sure config is always an object 2016-06-30 15:06:14 +02:00
Pavel Djundik
100262ad1f Cache loaded config and merge it with defaults
Fixes #249
2016-06-26 19:30:25 +03:00
Maxime Poulin
1b9c5d8996
Fix default configuration for host.
Similarly to kiwiirc/irc-framework#55, passing `undefined` there instead of `"0.0.0.0"` allows the OS to decide and use both IPv4 and IPv6.
2016-06-24 06:25:51 -04:00
Pavel Djundik
f0adee1700 Fix crash in public mode introduced by #370 (#413) 2016-06-19 10:59:10 +03:00
Maxime Poulin
deba6f3aa1
Fix crash in public mode introduced by #370 2016-06-18 23:35:32 -04:00
Jérémie Astori
75c578c02c Merge pull request #369 from thelounge/xpaw/fix-losing-auth
Do not lose authentication token when the connection gets lost
2016-06-18 22:35:12 -04:00
Pavel Djundik
12551c06b6 Perform node version check as soon as possible 2016-06-16 11:13:34 +03:00
Pavel Djundik
2008abc0e8 Do not lose authentication token when the connection gets lost 2016-06-13 10:39:01 +03:00
Pavel Djundik
9384cd9ca6 Implement user token persistency 2016-06-13 10:33:39 +03:00
Daniel
084b269865 Rename package variable to pkg, as "package" is reserved. 2016-06-12 02:46:51 +01:00