Daniel Kahn Gillmor
a5309078ec
make cgiurl output deterministic
...
IkiWiki::cgiurl() currently produces non-deterministic output, because
the params hash can be sorted different ways.
Sorting keys to params before crafting the string should make the
output deterministic.
2015-05-19 15:34:46 -04:00
Amitai Schlair
da0baca91b
Idea: embedded podcast A/V player.
2015-05-17 18:44:30 -04:00
Joey Hess
ab1bba9dab
cloak user PII when making commits etc, and let cloaked PII be used in banned_users
...
This was needed due to emailauth, but I've also wrapped all IP address
exposure in cloak(), although the function doesn't yet cloak IP addresses.
(One IP address I didn't cloak is the one that appears on the password
reset email template. That is expected to be the user's own IP address,
so ok to show it to them.)
Thanks to smcv for the pointer to
http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2015-05-14 11:58:21 -04:00
Joey Hess
2a64eea0f5
comments
2015-05-14 11:02:57 -04:00
Joey Hess
85a529db3d
passwordauth: Don't allow registering accounts that look like openids.
...
Also prohibit @ in account names, in case the file regexp was relaxed to
allow it.
2015-05-14 10:57:56 -04:00
Joey Hess
804144402b
Merge branch 'master' of ssh://git.ikiwiki.info
2015-05-14 10:46:59 -04:00
Joey Hess
dd762222fa
crufty po updates
2015-05-14 10:44:09 -04:00
Joey Hess
f1f3d4c6e7
update re passwordauth @
2015-05-14 10:41:07 -04:00
Joey Hess
4fc4e78cd8
sanitize nickname derived from email address
2015-05-14 10:40:52 -04:00
https://id.koumbit.net/anarcat
7ef44d84d6
acls and expectations
2015-05-14 08:22:29 -04:00
kjs
dd1dceef47
Critical of automatic merging of stylesheets
2015-05-14 08:14:37 -04:00
kjs
71ddaa5adb
2015-05-14 07:06:43 -04:00
smcv
20d8557c7b
please do cloak email addresses, the principle of least astonishment applies
2015-05-14 06:05:58 -04:00
smcv
42b3b1f63a
proposal for making emailauth not force username == email address
2015-05-14 05:49:45 -04:00
Joey Hess
b831d4a6f1
note about email visibility in git commits
2015-05-13 23:44:23 -04:00
Joey Hess
b89f4b7ec5
fix page extension
2015-05-13 23:43:16 -04:00
Joey Hess
369bfd45cc
close
2015-05-13 23:42:34 -04:00
Joey Hess
cfb2c22906
Merge branch 'emailauth'
2015-05-13 23:38:56 -04:00
Joey Hess
bf8b7fe2d1
changelog
2015-05-13 23:38:46 -04:00
Joey Hess
70cf5bb765
don't let emailauth user's email address be changed on preferences page
...
There's no real problem if they do change it, except they may get confused
and expect to be able to log in with the changed email and get the same
user account.
2015-05-13 23:32:29 -04:00
Joey Hess
7a68c4a01c
when an emailauth user posts a comment, use the username only, not the full email address
...
This makes the email not be displayed on the wiki, so spammers won't find
it there.
Note that the full email address is still put into the comment template.
The email is also used as the username of the git commit message
(when posting comments or page edits). May want to revisit this later.
2015-05-13 23:26:22 -04:00
Joey Hess
497513e737
avoid showing password prefs for emailauth user
2015-05-13 23:24:07 -04:00
Joey Hess
22339188e7
allow adminuser to be an email address
2015-05-13 23:07:29 -04:00
Joey Hess
239cd95db7
tweak wording
2015-05-13 23:07:07 -04:00
Joey Hess
a7bd24b7b9
fix up session cookie
2015-05-13 23:06:52 -04:00
Joey Hess
95e1e51caa
emailauth link sent and verified; user login works
...
Still some work to do since the user name is an email address and should
not be leaked.
2015-05-13 22:27:03 -04:00
Joey Hess
f1d77f8193
add emailauth.tmpl
2015-05-13 21:15:08 -04:00
Joey Hess
035c1a2449
move stub auth hook to loginselector
2015-05-13 18:54:13 -04:00
Joey Hess
e34533d1a0
email auth plugin now works through email address entry
2015-05-13 18:50:40 -04:00
Joey Hess
5b459737a5
Converted openid-selector into a more generic loginselector helper plugin.
2015-05-13 18:50:29 -04:00
Joey Hess
f8add0adb3
rename openid selector files to login-selector
2015-05-13 17:58:59 -04:00
Joey Hess
7765941011
further generalization of openid selector
...
Now template variables can be set to control which login methods are shown
2015-05-13 17:51:29 -04:00
Joey Hess
ab4d9a5467
generalized the openid selector to a login selector
...
This includes some CSS changes to names of elements.
Also, added Email login button (doesn't work yet of course),
and brought back the small openid login buttons. Demoted yahoo and verison
to small buttons. This makes the big buttons be the main login types, and
the small buttons be provider-specific helpers.
2015-05-13 16:50:44 -04:00
Joey Hess
ee2905ae0a
comments
2015-05-13 16:49:12 -04:00
https://id.koumbit.net/anarcat
5d49b5c115
link to indieauth and mention existing problems with this approach
2015-05-13 15:49:18 -04:00
Joey Hess
370261e715
thoughts
2015-05-13 14:31:08 -04:00
Joey Hess
b9a2c3bfde
tyo
2015-05-13 14:23:10 -04:00
Joey Hess
3575f939d8
update
2015-05-13 14:22:08 -04:00
Joey Hess
ccd285b986
update
2015-05-13 14:19:38 -04:00
Joey Hess
c455d51556
proposal
2015-05-13 14:16:16 -04:00
Joey Hess
6f627420b5
close
2015-05-13 13:41:16 -04:00
Joey Hess
b8851008f1
remove the small buttons for livejournal/flickr/wordpress/aol
...
None of these are commonly used openid providers, and the openid button
can be used to log in with any such openid provider.
2015-05-13 12:40:36 -04:00
Joey Hess
1b79ccc71b
promote the other/password item to a large button
2015-05-13 12:36:38 -04:00
Joey Hess
ec72b4c95b
When openid and passwordauth are the only enabled auth plugins, make the openid selector display "Password" instead of "Other", so users are more likely to click on it when they don't have an openid.
2015-05-13 12:18:22 -04:00
kjs
0434f86dd5
branch link fix
2015-05-11 07:55:41 -04:00
kjs
8118abb558
local.css also blocking
2015-05-11 07:51:54 -04:00
http://hendry.iki.fi/
4c957c366f
can't work this out
2015-05-11 01:18:34 -04:00
dmarti
fe5dc38344
Add "Aloodo Blog"
2015-05-10 14:35:28 -04:00
http://hendry.iki.fi/
e6418a68df
Added a comment: You are right
2015-05-09 22:22:28 -04:00
smcv
d869e78023
Added a comment
2015-05-09 03:06:01 -04:00