aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* make cgiurl output deterministicDaniel Kahn Gillmor2015-05-19
| | | | | | | | IkiWiki::cgiurl() currently produces non-deterministic output, because the params hash can be sorted different ways. Sorting keys to params before crafting the string should make the output deterministic.
* Idea: embedded podcast A/V player.Amitai Schlair2015-05-17
|
* cloak user PII when making commits etc, and let cloaked PII be used in ↵Joey Hess2015-05-14
| | | | | | | | | | | | | | banned_users This was needed due to emailauth, but I've also wrapped all IP address exposure in cloak(), although the function doesn't yet cloak IP addresses. (One IP address I didn't cloak is the one that appears on the password reset email template. That is expected to be the user's own IP address, so ok to show it to them.) Thanks to smcv for the pointer to http://xmlns.com/foaf/spec/#term_mbox_sha1sum
* commentsJoey Hess2015-05-14
|
* passwordauth: Don't allow registering accounts that look like openids.Joey Hess2015-05-14
| | | | | Also prohibit @ in account names, in case the file regexp was relaxed to allow it.
* Merge branch 'master' of ssh://git.ikiwiki.infoJoey Hess2015-05-14
|\
| * acls and expectationshttps://id.koumbit.net/anarcat2015-05-14
| |
| * Critical of automatic merging of stylesheetskjs2015-05-14
| |
| * (no commit message)kjs2015-05-14
| |
| * please do cloak email addresses, the principle of least astonishment appliessmcv2015-05-14
| |
| * proposal for making emailauth not force username == email addresssmcv2015-05-14
| |
* | crufty po updatesJoey Hess2015-05-14
| |
* | update re passwordauth @Joey Hess2015-05-14
| |
* | sanitize nickname derived from email addressJoey Hess2015-05-14
|/
* note about email visibility in git commitsJoey Hess2015-05-13
|
* fix page extensionJoey Hess2015-05-13
|
* closeJoey Hess2015-05-13
|
* Merge branch 'emailauth'Joey Hess2015-05-13
|\
| * changelogJoey Hess2015-05-13
| |
| * don't let emailauth user's email address be changed on preferences pageJoey Hess2015-05-13
| | | | | | | | | | | | There's no real problem if they do change it, except they may get confused and expect to be able to log in with the changed email and get the same user account.
| * when an emailauth user posts a comment, use the username only, not the full ↵Joey Hess2015-05-13
| | | | | | | | | | | | | | | | | | | | | | email address This makes the email not be displayed on the wiki, so spammers won't find it there. Note that the full email address is still put into the comment template. The email is also used as the username of the git commit message (when posting comments or page edits). May want to revisit this later.
| * avoid showing password prefs for emailauth userJoey Hess2015-05-13
| |
| * allow adminuser to be an email addressJoey Hess2015-05-13
| |
| * tweak wordingJoey Hess2015-05-13
| |
| * fix up session cookieJoey Hess2015-05-13
| |
| * emailauth link sent and verified; user login worksJoey Hess2015-05-13
| | | | | | | | | | Still some work to do since the user name is an email address and should not be leaked.
| * add emailauth.tmplJoey Hess2015-05-13
| |
| * move stub auth hook to loginselectorJoey Hess2015-05-13
| |
| * email auth plugin now works through email address entryJoey Hess2015-05-13
| |
| * Converted openid-selector into a more generic loginselector helper plugin.Joey Hess2015-05-13
| |
| * rename openid selector files to login-selectorJoey Hess2015-05-13
| |
| * further generalization of openid selectorJoey Hess2015-05-13
| | | | | | | | Now template variables can be set to control which login methods are shown
| * generalized the openid selector to a login selectorJoey Hess2015-05-13
| | | | | | | | | | | | | | | | | | This includes some CSS changes to names of elements. Also, added Email login button (doesn't work yet of course), and brought back the small openid login buttons. Demoted yahoo and verison to small buttons. This makes the big buttons be the main login types, and the small buttons be provider-specific helpers.
* | commentsJoey Hess2015-05-13
| |
* | link to indieauth and mention existing problems with this approachhttps://id.koumbit.net/anarcat2015-05-13
|/
* thoughtsJoey Hess2015-05-13
|
* tyoJoey Hess2015-05-13
|
* updateJoey Hess2015-05-13
|
* updateJoey Hess2015-05-13
|
* proposalJoey Hess2015-05-13
|
* closeJoey Hess2015-05-13
|
* remove the small buttons for livejournal/flickr/wordpress/aolJoey Hess2015-05-13
| | | | | None of these are commonly used openid providers, and the openid button can be used to log in with any such openid provider.
* promote the other/password item to a large buttonJoey Hess2015-05-13
|
* When openid and passwordauth are the only enabled auth plugins, make the ↵Joey Hess2015-05-13
| | | | openid selector display "Password" instead of "Other", so users are more likely to click on it when they don't have an openid.
* branch link fixkjs2015-05-11
|
* local.css also blockingkjs2015-05-11
|
* can't work this outhttp://hendry.iki.fi/2015-05-11
|
* Add "Aloodo Blog"dmarti2015-05-10
|
* Added a comment: You are righthttp://hendry.iki.fi/2015-05-09
|
* Added a commentsmcv2015-05-09
|
generated by cgit v1.2.3 (git 2.25.4) at 2024-06-20 14:04:43 +0000