| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Therefore, username and password are no longer needed
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Allow to have global clients, auth through direct token or auth code and bring scopes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
fix review
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
remove redirect uri requirement on specific clients
add back password and depreciate it
enforce state
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Allow apps to register themselves
A handful of changes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
change timeout values
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
set access_token lifetime to 1 year and double for refresh_token
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
|
| |
|
| |
|
|
|
|
|
|
| |
Listing entries can now be filtered by “public”.
Creating or patching an entry can now set is to public or remove the public.
Entry response now include “is_public” boolean field
|
| |
|
|\ |
|
| | |
|
| | |
|
|\ \
| | |
| | | |
Update validators.pl.yml
|
| | |
| | |
| | | |
add "quote_length_too_high" translation
|
|\ \ \
| |/ /
|/| | |
Fix tags count in tags list on baggy
|
| | | |
|
|\ \ \
| |/ /
|/| | |
remove craueconfig domain name setting and add a proper one in parame…
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
|\ \ \
| | | |
| | | | |
Validate language & preview picture fields
|
| | | |
| | | |
| | | |
| | | | |
Mostly to increase language supports
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Instead of saving the value of each field right into the content without any validation, it seems better to validate them.
This might sounds obvious now we say that.
|
| | | | |
|
| | | | |
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When a user login using the form we know log an error level information with information about the user:
- username used
- IP
- User agent
For example:
> Authentication failure for user "eza", from IP "127.0.0.1", with UA: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36".
It’ll allows server admin using fail2ban to configure it to block these people if they generate too much failure authentication.
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
While creating a new user using the API, we also create a new client for the current user.
So the app which just create the user can use its newly created client to configure the app.
That new client is only return after creating the user.
When calling the endpoint /api/user to get user information, the new client information won’t be return.
|
|\ \ \
| | | |
| | | | |
Displays an error with an annotation with a too long quote
|
| | | |
| | | |
| | | |
| | | | |
Fix #2762
|
|\ \ \ \
| | | | |
| | | | | |
Add ability to patch an entry with more fields
|
| | | | | |
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Like when we create an entry, we can now patch an entry with new fields:
- content
- language
- preview_picture
- published_at
- authors
|
|\ \ \ \
| | | | |
| | | | | |
Use an alternative way to detect images
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When parsing content to retrieve images to save locally, we only check for the content-type of the image response.
In some case, that value is empty.
Now we’re also checking for the first few bytes of the content as an alternative to detect if it’s an image wallabag can handle.
We might get higher image supports using that alternative method.
|
|\ \ \ \
| |_|/ /
|/| | | |
Show user command
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
|
| |/ /
| | |
| | |
| | | |
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
|
|\ \ \
| | | |
| | | | |
API user creation behing a toggle
|
| | | | |
|
| | | | |
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
I've added a toggle feature (in internal settings) so that user api creation can be disabled while form registration still can be enabled.
Also, the /api/user endpoint shouldn't require authentication. Even if we check the authentication when sending a GET request, to retrieve current user information.
I've moved all the internal settings definition to config to avoid duplicated place to define them.
I don't know why we didn't did that earlier.
|
|\ \ \
| |/ /
|/| | |
Update Italian translation
|
| | | |
|
| | |
| | |
| | |
| | | |
Thank you @matteocoder
|
| | | |
|
|\ \ \
| | | |
| | | | |
Import disableContentUpdate
|
| | | | |
|
| | | | |
|
| | | | |
|