9ab3d2a6be
stop ./gitremotes from processing some broken links
2015-05-27 08:16:31 +01:00
47d4aa4812
2015-05-26 10:07:14 -04:00
599e16aef2
openid spam happens, as it turns out
2015-05-25 13:26:03 -04:00
6dfba9b72e
identified (partly) last spammer
2015-05-25 13:19:29 -04:00
66c21af8ba
Revert "WU trf, train tickets, ship shop, cvv, complete fullz, dumps"
...
This reverts commit 1d05cf33fb
2015-05-25 13:17:56 -04:00
1d05cf33fb
WU trf, train tickets, ship shop, cvv, complete fullz, dumps
2015-05-25 09:06:26 -04:00
4268a63be5
typo
2015-05-21 12:29:21 -04:00
9ee5f1626e
Question about python path for external plugins.
2015-05-21 12:28:33 -04:00
b385373b69
http://i.imgur.com/0yo0VjC.png?1
2015-05-19 18:27:41 -04:00
3676ab329d
sohrten url in subject
2015-05-19 17:44:20 -04:00
ba02e7f33d
nicer layout of subject
2015-05-19 17:41:14 -04:00
73e32f7fa6
add url to subject of email
...
The wikiname can be pretty un-helpful, the user will probably regognise the
url since they were just at it.
2015-05-19 17:38:15 -04:00
84efd3e00f
allow emailuser to be called when there is no %config set
...
ikiwiki-hosting needs to do this
2015-05-19 17:06:25 -04:00
fecfa53988
changelog
2015-05-19 15:35:25 -04:00
a5309078ec
make cgiurl output deterministic
...
IkiWiki::cgiurl() currently produces non-deterministic output, because
the params hash can be sorted different ways.
Sorting keys to params before crafting the string should make the
output deterministic.
2015-05-19 15:34:46 -04:00
da0baca91b
Idea: embedded podcast A/V player.
2015-05-17 18:44:30 -04:00
ab1bba9dab
cloak user PII when making commits etc, and let cloaked PII be used in banned_users
...
This was needed due to emailauth, but I've also wrapped all IP address
exposure in cloak(), although the function doesn't yet cloak IP addresses.
(One IP address I didn't cloak is the one that appears on the password
reset email template. That is expected to be the user's own IP address,
so ok to show it to them.)
Thanks to smcv for the pointer to
http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2015-05-14 11:58:21 -04:00
2a64eea0f5
comments
2015-05-14 11:02:57 -04:00
85a529db3d
passwordauth: Don't allow registering accounts that look like openids.
...
Also prohibit @ in account names, in case the file regexp was relaxed to
allow it.
2015-05-14 10:57:56 -04:00
804144402b
Merge branch 'master' of ssh://git.ikiwiki.info
2015-05-14 10:46:59 -04:00
dd762222fa
crufty po updates
2015-05-14 10:44:09 -04:00
f1f3d4c6e7
update re passwordauth @
2015-05-14 10:41:07 -04:00
4fc4e78cd8
sanitize nickname derived from email address
2015-05-14 10:40:52 -04:00
7ef44d84d6
acls and expectations
2015-05-14 08:22:29 -04:00
dd1dceef47
Critical of automatic merging of stylesheets
2015-05-14 08:14:37 -04:00
71ddaa5adb
2015-05-14 07:06:43 -04:00
20d8557c7b
please do cloak email addresses, the principle of least astonishment applies
2015-05-14 06:05:58 -04:00
42b3b1f63a
proposal for making emailauth not force username == email address
2015-05-14 05:49:45 -04:00
b831d4a6f1
note about email visibility in git commits
2015-05-13 23:44:23 -04:00
b89f4b7ec5
fix page extension
2015-05-13 23:43:16 -04:00
369bfd45cc
close
2015-05-13 23:42:34 -04:00
cfb2c22906
Merge branch 'emailauth'
2015-05-13 23:38:56 -04:00
bf8b7fe2d1
changelog
2015-05-13 23:38:46 -04:00
70cf5bb765
don't let emailauth user's email address be changed on preferences page
...
There's no real problem if they do change it, except they may get confused
and expect to be able to log in with the changed email and get the same
user account.
2015-05-13 23:32:29 -04:00
7a68c4a01c
when an emailauth user posts a comment, use the username only, not the full email address
...
This makes the email not be displayed on the wiki, so spammers won't find
it there.
Note that the full email address is still put into the comment template.
The email is also used as the username of the git commit message
(when posting comments or page edits). May want to revisit this later.
2015-05-13 23:26:22 -04:00
497513e737
avoid showing password prefs for emailauth user
2015-05-13 23:24:07 -04:00
22339188e7
allow adminuser to be an email address
2015-05-13 23:07:29 -04:00
239cd95db7
tweak wording
2015-05-13 23:07:07 -04:00
a7bd24b7b9
fix up session cookie
2015-05-13 23:06:52 -04:00
95e1e51caa
emailauth link sent and verified; user login works
...
Still some work to do since the user name is an email address and should
not be leaked.
2015-05-13 22:27:03 -04:00
f1d77f8193
add emailauth.tmpl
2015-05-13 21:15:08 -04:00
035c1a2449
move stub auth hook to loginselector
2015-05-13 18:54:13 -04:00
e34533d1a0
email auth plugin now works through email address entry
2015-05-13 18:50:40 -04:00
5b459737a5
Converted openid-selector into a more generic loginselector helper plugin.
2015-05-13 18:50:29 -04:00
f8add0adb3
rename openid selector files to login-selector
2015-05-13 17:58:59 -04:00
7765941011
further generalization of openid selector
...
Now template variables can be set to control which login methods are shown
2015-05-13 17:51:29 -04:00
ab4d9a5467
generalized the openid selector to a login selector
...
This includes some CSS changes to names of elements.
Also, added Email login button (doesn't work yet of course),
and brought back the small openid login buttons. Demoted yahoo and verison
to small buttons. This makes the big buttons be the main login types, and
the small buttons be provider-specific helpers.
2015-05-13 16:50:44 -04:00
ee2905ae0a
comments
2015-05-13 16:49:12 -04:00
5d49b5c115
link to indieauth and mention existing problems with this approach
2015-05-13 15:49:18 -04:00
370261e715
thoughts
2015-05-13 14:31:08 -04:00
Simon McVittie
usgv@7608a70b09743e47fbf6b7bcd937121e03e4e244
https://id.koumbit.net/anarcat
Antoine Beaupré
https://me.yahoo.com/a/NyYLSvhuu9XQ3TQ79dx8Peg5GY1VfiNezVI-#df77b
spalax
Jake1
Joey Hess
Daniel Kahn Gillmor
Amitai Schlair
kjs
smcv
