Commit Graph

12 Commits (20e2f80ad4e4b767c981f3585a9d39faea689ba9)

Author SHA1 Message Date
Simon McVittie 2afb0dd663 Do not directly enable emailauth by default, only indirectly via openid
This avoids nasty surprises on upgrade if a site is using httpauth,
or passwordauth with an account_creation_password, and relying on
only a select group of users being able to edit the site. We can revisit
this for ikiwiki 4.
2015-05-27 08:52:01 +01:00
Joey Hess ab1bba9dab cloak user PII when making commits etc, and let cloaked PII be used in banned_users
This was needed due to emailauth, but I've also wrapped all IP address
exposure in cloak(), although the function doesn't yet cloak IP addresses.

(One IP address I didn't cloak is the one that appears on the password
reset email template. That is expected to be the user's own IP address,
so ok to show it to them.)

Thanks to smcv for the pointer to
http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2015-05-14 11:58:21 -04:00
Joey Hess 804144402b Merge branch 'master' of ssh://git.ikiwiki.info 2015-05-14 10:46:59 -04:00
Joey Hess f1f3d4c6e7 update re passwordauth @ 2015-05-14 10:41:07 -04:00
smcv 20d8557c7b please do cloak email addresses, the principle of least astonishment applies 2015-05-14 06:05:58 -04:00
Joey Hess 369bfd45cc close 2015-05-13 23:42:34 -04:00
https://id.koumbit.net/anarcat 5d49b5c115 link to indieauth and mention existing problems with this approach 2015-05-13 15:49:18 -04:00
Joey Hess 370261e715 thoughts 2015-05-13 14:31:08 -04:00
Joey Hess b9a2c3bfde tyo 2015-05-13 14:23:10 -04:00
Joey Hess 3575f939d8 update 2015-05-13 14:22:08 -04:00
Joey Hess ccd285b986 update 2015-05-13 14:19:38 -04:00
Joey Hess c455d51556 proposal 2015-05-13 14:16:16 -04:00