davejansen/snikket-web-portal
1
0
Fork 0
Code Issues Pull Requests Activity
666 Commits 70 Branches 27 Tags
master
Commit Graph

666 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matthew Wild
488dc9a3f3 Merge pull request #202 from snikket-im/ka/oauthtweaks 
OAuth tweaks
 2025-06-05 17:55:56 +01:00
Kim Alvefur
1a65ba6150 Include a software id in oauth client registration 
This is supposed to be a unique and persistent identifier for the
software itself, regardless of version or deployment instance.

Generated from the domain name in the comment using uuid_generate_sha1()
 2025-06-05 17:52:04 +01:00
Kim Alvefur
9474238dee Declare as a web application in oauth client registration 
It is, even if the password grant isn't restricted to that, but if ever
the authorization code flow is implemented, it'll be correct.
 2025-06-05 17:52:01 +01:00
Kim Alvefur
60e663316b Declare that oauth client credentials are using POST method 
Not enforced by mod_http_oauth2, but could be in the future
 2025-06-05 17:50:52 +01:00
Kim Alvefur
770d05c72c Declare use of no response types, since password grant uses none 
Needless restriction removed in
https://hg.prosody.im/prosody-modules/rev/ef81c67e1ae7
 2025-06-05 17:50:52 +01:00
Kim Alvefur
ea75d8e832 Include requested scopes in oauth client registration 
This can be used on the oauth server side to enforce that no additional
scopes are added.
 2025-06-05 17:50:52 +01:00
Kim Alvefur
145dda8c19 Include web portal version in oauth client registration 
This could be shown in client listings and audit logs, and checked to
ensure old versions stop being used. Not the most relevant for the web
portal as it is closely tied together with the server, but could help
answer questions about where old grants come from.
 2025-06-05 17:50:52 +01:00
Matthew Wild
149a79cb2c Merge pull request #203 from snikket-im/make-lint 
prosodyclient: Fixes to satisfy mypy
 2025-06-05 17:48:23 +01:00
Matthew Wild
69f77020b8 prosodyclient: Fixes to satisfy mypy 2025-06-05 17:46:05 +01:00
Matthew Wild
5ac481a4b4 prosodyclient: Switch to black formatting and remove lint issues 2025-06-05 17:33:22 +01:00
Matthew Wild
56470eec01 Github: Use flake8 target 2025-06-05 17:32:34 +01:00
Matthew Wild
9b4903b230 Makefile: Add lint, format (black), flake8 and mypy targets 2025-06-05 17:29:44 +01:00
Matthew Wild
74c3946609 Bump log level of oauth errors 2025-06-02 11:36:08 +01:00
Matthew Wild
feabed6565 Register as an OAuth client and authenticate token requests 
mod_http_oauth2 in prosody-modules was updated to require client
authentication for the password grant, which previously did not need
client authentication.

This means that the first request we make to Prosody will now register as a
client in order to obtain client_id and client_secret.

There is no real security gain from this approach (unlike other grant types,
the password grant does not do redirects which could be intercepted). In the
future, however, some security could be gained by having Prosody restrict
the ability to use the password grant to privileged OAuth clients. This would
prevent third-party OAuth clients from using the password grant which is not
suitable for that purpose.
 2025-06-02 11:36:08 +01:00
Jonas Schäfer
af13a3cc47 Merge pull request #197 from snikket-im/z/play-badge-l10n 
Serve localized Google Play badges locally
 2025-04-13 08:57:16 +02:00
Kim Alvefur
466e3e79b7 Serve localized Google Play badges locally 
Fixes #196

Badges downloaded from <https://play.google.com/intl/en_us/badges/> with
a bit of automation to get one per supported language.
 2025-04-12 20:23:10 +02:00
Weblate
3f1ce7565b Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/
stable.20240926 		2024-08-11 19:21:49 +00:00
Matthew Wild
265ca4db8f Merge pull request #191 from snikket-im/fix/issue190 
Ignore that users do not have access to metrics
 2024-08-11 20:21:32 +01:00
Kim Alvefur
5015c4aa43 fixup: refresh translation code references 2024-08-11 16:36:53 +02:00
Kim Alvefur
465720c5b1 fixup: please flake8 2024-08-11 16:34:06 +02:00
Kim Alvefur
2a8e7ae72b fixup: please mypy 2024-08-11 16:25:17 +02:00
Andrey
449e345ee5 Ignore that users do not have access to metrics 
Fixes #190

The templates appear to handle this being False, so that seems the path
of least resistance.
 2024-08-11 15:56:40 +02:00
Andrey
51798ecc43 Translated using Weblate (Russian) 
Currently translated at 100.0% (373 of 373 strings)

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/ru/
 2024-07-18 17:08:03 +00:00
uira
1e15ef5fce Translated using Weblate (Indonesian) 
Currently translated at 100.0% (373 of 373 strings)

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/id/
 2024-07-18 17:07:58 +00:00
misiek
0f41aa24d8 Translated using Weblate (Polish) 
Currently translated at 100.0% (373 of 373 strings)

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/pl/
stable.20240925 stable.20240904 stable.20240717 beta.20240711 beta.20240708 		2024-05-07 17:04:52 +00:00
J👀
15516cdaa5 Translated using Weblate (Spanish) 
Currently translated at 100.0% (373 of 373 strings)

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/es/
 2024-05-06 05:04:46 +00:00
Rosebud
948e415dbd Translated using Weblate (Chinese (Simplified)) 
Currently translated at 100.0% (373 of 373 strings)

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/zh_Hans/
 2024-05-02 21:15:30 +00:00
Kim Alvefur
a3fcf7d1d4 Translated using Weblate (Swedish) 
Currently translated at 100.0% (373 of 373 strings)

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/sv/
 2024-05-02 21:15:28 +00:00
Federico
65de73f1fe Translated using Weblate (Italian) 
Currently translated at 100.0% (373 of 373 strings)

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/it/
 2024-05-02 21:15:28 +00:00
Roberto Resoli
989fe7b5b6 Translated using Weblate (Italian) 
Currently translated at 100.0% (373 of 373 strings)

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/it/
 2024-05-02 21:15:27 +00:00
Andrey
4bc929e1ce Translated using Weblate (Russian) 
Currently translated at 100.0% (373 of 373 strings)

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/ru/
 2024-05-02 21:15:27 +00:00
BetaRays
5817b24c48 Translated using Weblate (French) 
Currently translated at 100.0% (373 of 373 strings)

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/fr/
 2024-05-02 21:15:19 +00:00
Weblate
550526efc9 Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/
 2024-04-30 09:56:03 +00:00
Kim Alvefur
2a2e36ade2 Translated using Weblate (Swedish) 
Currently translated at 100.0% (370 of 370 strings)

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/sv/
 2024-04-30 09:56:01 +00:00
Andrey
22f7d6f36a Translated using Weblate (Russian) 
Currently translated at 100.0% (370 of 370 strings)

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/ru/
 2024-04-30 09:56:01 +00:00
Matthew Wild
2d42099017 Merge pull request #188 from snikket-im/invitation-ui 
Invitation admin UI improvements
 2024-04-30 10:55:44 +01:00
Matthew Wild
2ff47c486a Update translation strings 2024-04-30 10:52:52 +01:00
Matthew Wild
338ee0b278 Add 'share' button for browsers supporting Web Share API 2024-04-30 10:48:51 +01:00
Matthew Wild
64c6548a48 Support for optional text notes on invitations 2024-04-29 18:39:06 +01:00
Matthew Wild
8c824149cc Fixes for invitation display 
- Reorder columns, from generic to specific
- Fix empty tooltip on invitation types caused by incorrect macro usage
 2024-04-29 18:19:07 +01:00
Matthew Wild
607863cfc4 Remove duplicate template macro 2024-04-29 18:00:22 +01:00
Matthew Wild
13c5d44544 Merge pull request #187 from snikket-im/cookie-samesite-attribute 
Explicitly set cookie SameSite attribute to Lax
 2024-04-29 11:22:21 +01:00
Matthew Wild
6407eb90db Explicitly set cookie SameSite attribute to Lax 
With 'Secure' set, it may default to 'None', which we don't need or want.

'Strict' is not suitable for session cookies - the user would see the login
screen when navigating from another site (e.g. hosting dashboard) and we
already have CSRF protection on forms.
 2024-04-29 11:18:55 +01:00
Matthew Wild
a8c6b1a70c Merge pull request #186 from snikket-im/cookie-secure-attribute 
Add 'secure' attribute to session cookies
 2024-04-29 11:09:44 +01:00
Matthew Wild
67c94bb045 Add 'secure' attribute to session cookies 2024-04-29 11:08:30 +01:00
Weblate
f4c1173a34 Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/
 2024-04-28 08:40:16 +00:00
Jonas Schäfer
e39b0082b1 Merge pull request #185 from Zash/translate-welcome 
Translate welcome message
 2024-04-28 10:39:57 +02:00
Kim Alvefur
9eb187a951 Make welcome message translatable 2024-04-27 14:22:39 +02:00
Kim Alvefur
b928e74a74 make extract_translations 2024-04-27 14:21:32 +02:00
Andrey
75c0f504d0 Translated using Weblate (Russian) 
Currently translated at 100.0% (368 of 368 strings)

Translation: Snikket/Web Portal
Translate-URL: http://i18n.sotecware.net/projects/snikket/web-portal/ru/
 2024-04-23 17:14:06 +00:00