Commit Graph

38 Commits

Author SHA1 Message Date
Shyam Sunder 57193b5715 client+server: implement code autoformatting using prettier and black 2020-06-06 08:58:23 -04:00
ReAnzu 2a69f0193f server/auth: add token authentication
* Users are only authenticated against their password on login,
  and to retrieve a token
* Passwords are wiped from the GUI frontend and cookies
  after login and token retrieval
* Tokens are revoked at the end of the session/logout
* If the user chooses the "remember me" option,
  the token is stored in the cookie
* Tokens correctly delete themselves on logout
* Tokens can expire at user-specified date
* Tokens have their last usage time
* Tokens can have user defined descriptions
* Users can manage login tokens in their account settings
2018-03-25 22:23:29 +02:00
rr- a1fbeb91a0 server/users: fix checking passwords with colons 2018-02-10 14:04:02 +01:00
rr- 4bc58a3c95 server: lint 2017-04-24 23:30:53 +02:00
rr- ad842ee8a5 server: refactor + add type hinting
- Added type hinting (for now, 3.5-compatible)
- Split `db` namespace into `db` module and `model` namespace
- Changed elastic search to be created lazily for each operation
- Changed to class based approach in entity serialization to allow
  stronger typing
- Removed `required` argument from `context.get_*` family of functions;
  now it's implied if `default` argument is omitted
- Changed `unalias_dict` implementation to use less magic inputs
2017-02-05 16:34:45 +01:00
rr- 902a0d3fe0 server/db: fix closing DB sessions
Certain exception scenarios led to small disasters. Moved database
session management directly to router, since it's that sensitive.
2017-01-03 21:29:48 +01:00
rr- e8c93cd735 server: fix constructing of HTTP errors
When I added error codes, I missed these exceptions.
2016-09-26 22:51:07 +02:00
rr- d1cad99e87 server/middleware: fix reporting auth errors 2016-09-24 08:38:15 +02:00
rr- 280a55046a server/db: make query counter thread-local 2016-08-24 12:31:55 +02:00
rr- 9aea55e3d1 server/general: embrace most of PEP8
Ignored only the rules about continuing / hanging indentation.

Also, added __init__.py to tests so that pylint discovers them. (I don't
buy pytest's BS about installing your package.)
2016-08-14 16:44:03 +02:00
rr- af62f8c45a server/general: ditch falcon for in-house WSGI app
For quite some time, I hated Falcon's class maps approach that caused
more chaos than good for Szurubooru. I've taken a look at the other
frameworks (hug, flask, etc) again, but they all looked too
bloated/over-engineered. I decided to just talk to WSGI myself.

Regex-based routing may not be the fastest in the world, but I'm fine
with response time of 10 ms for cached /posts.
2016-08-14 16:43:35 +02:00
rr- 3f2717843a server/middleware: log request method 2016-07-26 23:20:15 +02:00
rr- 603420a31d server/middleware: remove unused import 2016-07-17 21:14:56 +02:00
rr- af36c90618 server/general: improve request logging 2016-07-03 18:30:28 +02:00
rr- ac23067fdf server/general: use UTC time stamps 2016-07-03 14:46:28 +02:00
rr- 48cf3b47c0 server/users: don't fetch stats eagerly 2016-06-14 07:50:22 +02:00
rr- 28009bf46d server/general: fix pylint warnings 2016-06-02 23:39:38 +02:00
rr- 446f4d6611 server/search: cache results till non-GET request
250 ms per page --> 30 ms per page (save for the first render). I'd say
it's pretty good
2016-05-31 14:18:50 +02:00
rr- d813601d92 server/api: log queries in debug mode 2016-05-08 20:33:16 +02:00
rr- a567974784 server/general: refactor method names 2016-04-30 23:54:05 +02:00
rr- 57b18c6461 server/general: rename 'util' to 'func' 2016-04-20 11:58:17 +02:00
rr- 15f734d21b server/api: output JSON for HTTP 405 2016-04-19 12:40:08 +02:00
rr- 1597ae7c5c server/db: refactor session usage 2016-04-18 23:06:51 +02:00
rr- bba327fe8a server/middleware: fix session usage 2016-04-18 22:08:30 +02:00
rr- e3a4793d54 server/tags: move tag categories to database 2016-04-18 22:08:30 +02:00
rr- e4239a199c server/api: refactor + remove ID from user JSON 2016-04-16 15:49:21 +02:00
rr- 3d4ceb13b8 server/api: move all io mgmt to context
where input/output includes files, JSON metadata and GET parameters.
Additionally, formalize context with a new class, Context.
2016-04-15 23:26:38 +02:00
rr- 00da04b4d4 server/api: fix decoding JSON 2016-04-10 16:23:35 +02:00
rr- 2af8c9c1a4 server/general: cosmetic changes 2016-04-09 22:44:50 +02:00
rr- e8aeb11081 server/users: add avatar support 2016-04-09 22:38:57 +02:00
rr- 3234da76ad server/api: support file uploads 2016-04-08 22:06:15 +02:00
rr- 19a357611b server: rename 'access ranks' to just 'ranks' 2016-04-06 19:16:44 +02:00
rr- 219ab7c2c3 server/general: be more pythonic 2016-04-03 23:21:22 +02:00
rr- 2578a297bf server/general: improve pylint score
+ incorporate some in-house rules - no more useless doc strings...
2016-04-03 19:17:54 +02:00
rr- baf9b1d31a server/users: track login time 2016-04-03 15:28:10 +02:00
rr- 583e73dfc7 server/middleware: pretty-print JSON 2016-04-02 14:45:19 +02:00
rr- 769ef8f141 server/general: move errors to top level NS 2016-04-02 14:19:01 +02:00
rr- e487adcc97 split files into client/ and server/ 2016-04-01 18:48:16 +02:00