Sam
99f4d5082b
FIX: Improve token rotation and increase logging
...
- avoid access denied on bad cookie, instead just nuke it
- avoid marking a token unseen for first minute post rotation
- log path in user auth token logs
2017-03-07 13:27:43 -05:00
Neil Lalonde
6aab8cb331
FEATURE: new category setting for whether to show latest topics or top topics by default
2017-03-03 11:30:44 -05:00
Guo Xiang Tan
66a0a89591
PERF: Add index to speed up `DirectoryItem.refresh_period!` query.
2017-03-03 16:25:06 +08:00
Neil Lalonde
262016604d
FEATURE: each category can control how many topics to show on categories page
2017-03-01 15:12:57 -05:00
Sam Saffron
3532957ce1
index should have always been unique
2017-02-22 12:37:11 -05:00
Neil Lalonde
a702330ccd
FEATURE: make show_subcategory_list a per-category setting
2017-02-22 11:42:36 -05:00
Sam
2c59ffeb2c
FIX: token rotation not accounting for overlapping tokens correctly
...
also... freeze_time has no block form, correct all usages and specs
2017-02-15 10:58:18 -05:00
Sam
0ab96a7691
FEATURE: add hidden setting for verbose auth token logging
...
This is only needed to debug auth token issues, will result in lots
of logging
2017-02-13 14:01:09 -05:00
Sam
4d57c95e9b
delay the removal of auth token column from user table
2017-02-07 09:39:41 -05:00
Sam
ff49f72ad9
FEATURE: per client user tokens
...
Revamped system for managing authentication tokens.
- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes
New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.
Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
Sam
2b808ad9da
Merge pull request #4609 from joebuhlig/category-topics-wiki
...
FEATURE: Category setting to make all topics wikis
2016-12-20 09:15:51 +11:00
Neil Lalonde
923cf73c6e
Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox.
2016-12-19 14:54:07 -05:00
Joe Buhlig
87251fded7
FEATURE: Category setting to make all topics wikis
...
FEATURE: Category setting to make all topics wikis
2016-12-19 06:42:18 -06:00
Guo Xiang Tan
43ee9f884e
FEATURE: Add `Group#full_name`.
2016-12-13 16:16:26 +08:00
Guo Xiang Tan
303282670f
FIX: Skip callbacks when migrating.
2016-12-13 08:57:07 +08:00
Guo Xiang Tan
98fd77fb6c
FIX: Don't drop the columns immediately.
2016-12-13 08:07:12 +08:00
Guo Xiang Tan
da7009a968
FEATURE: Add request membership button for allowed groups.
2016-12-12 22:48:08 +08:00
Guo Xiang Tan
9a800107cb
FIX: Associate category logo and background to uploads record.
2016-12-12 17:37:28 +08:00
Guo Xiang Tan
05f55dbc10
FEATURE: Group logs.
2016-12-12 17:29:54 +08:00
Guo Xiang Tan
3e19b738d7
Add 'Group#public'.
2016-12-12 17:00:30 +08:00
Guo Xiang Tan
adb7fcb6b3
FEATURE: Add bio to group page.
2016-12-05 16:58:04 +08:00
Sam
1db9d17756
Make removal of topic columns more resilient to deploys
2016-12-05 12:11:46 +11:00
Sam
c04d4171ff
FIX: whisper no longer experimental
...
- Regular users are not notified of whispers
- Regular users no longer have "stuck" topics in unread
- Additional tracking for staff highest post number
- Remove a bunch of unused columns in topics table
2016-12-02 17:03:31 +11:00
Guo Xiang Tan
1867442fbc
PERF: Add score indexes for top topics.
2016-11-24 10:11:52 +08:00
Guo Xiang Tan
f03d9cad06
PERF: `NOT IN` query is really inefficient for large tables.
2016-11-02 13:09:18 +08:00
Neil Lalonde
9ef1688a76
FEATURE: per-category default topic list sort order
2016-11-01 12:18:41 -04:00
Arpit Jalan
382803cb05
FEATURE: include post image in OpenGraph image tag
2016-10-31 15:11:33 +05:30
Neil Lalonde
6d68aac6eb
FIX: add_directory_items_indexes causes migration to timeout on large databases, so create indexes concurrently
2016-10-25 15:30:21 -04:00
Régis Hanol
52b338db62
FIX: category logo & background URLs should not use the CDN
2016-10-25 10:43:57 +02:00
Guo Xiang Tan
18d032ad91
PERF: Remove ordering by username.
...
* Ordering by username results in a very expensive query
for very little upside UX wise.
2016-10-15 01:13:58 +08:00
Sam
f4f5524190
FEATURE: user API now contains scopes so permission is granular
...
previously we supported blanket read and write for user API, this
change amends it so we can define more limited scopes. A scope only
covers a few routes. You can not grant access to part of the site and
leave a large amount of the information hidden to API consumer.
2016-10-14 16:05:42 +11:00
Sam
eacfdf92cd
FIX: increase external_avatar_url to 1000 limit
2016-10-11 10:12:11 +11:00
cpradio
6f1c31d777
Add notification level user preference when replying to a topic
2016-09-30 14:58:07 -04:00
Robin Ward
b0ee7930e8
Server side support for inviting as a moderator via the wizard
2016-09-22 09:52:19 -04:00
Robin Ward
c94e6f1b96
Add locale step
2016-09-22 09:52:19 -04:00
Robin Ward
3f6e3b9aff
Wizard - Color Scheme Step
2016-09-22 09:52:19 -04:00
Sam
8dc4329094
FEATURE: optionally get extra profile info from facebook
...
This feature requires the application be approved by facebook, so it is
default off
2016-09-19 16:14:11 +10:00
Sam
5b3cd3fac9
FEATURE: Import facebook avatars when logging in via facebook
...
FIX: warning about popup dimensions when using facebook login
Rules are:
- On account creation we always import
- If you already have an avatar uploaded, nothing is changed
- If you have no avatar uploaded, we upload from facebook on login
- If you have no avatar uploaded, we select facebook unless gravatar already selected
This also fixes SSO issues where on account creation accounts had missing avatar uploads
2016-09-19 15:10:23 +10:00
Erick Guan
9ce61b4586
FEATURE: Webhooks.
2016-09-05 18:44:00 +08:00
Neil Lalonde
2251104e32
FEATURE: avatar flair can be font awesome icons
2016-08-26 17:15:37 -04:00
Robin Ward
4f68fd970d
FIX: Forgot to include a file in the previous commit :)
2016-08-23 15:09:09 -04:00
Neil Lalonde
d079f69b7b
FEATURE: add flair to avatars using new settings in the groups admin UI
2016-08-17 15:13:15 -04:00
Sam
416e7e0d1e
FEATURE: basic UI to view user api keys
2016-08-16 17:06:52 +10:00
Sam
fc095acaaa
Feature: User API key support (server side implementation)
...
- Supports throttled read and write
- No support for push yet, but data is captured about intent
2016-08-15 17:59:36 +10:00
Sam
ab68e0c9db
FEATURE: allow "developer" account flagging via developers table
...
This mechanism for flagging developer accounts will eventually replace
DISCOURSE_DEVELOPER_EMAILS
2016-07-28 10:14:06 +10:00
Sam
df535c6346
FEATURE: refresh session cookie at most once an hour
...
This feature ensures session cookie lifespan is extended
when user is online.
Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
Arpit Jalan
a9207dafa7
FEATURE: configure session time via site setting for all the users ( #4343 )
2016-07-23 02:57:30 +05:30
Sam
a5d0e0f277
PERF: index for deleted posts in a topic to speed up has_deleted detection
2016-07-19 10:29:22 +10:00
Sam Saffron
46b34e3c62
FEATURE: remove user option for edit history public
...
Users can no longer opt-in for "public" edit history
if site owner disables it.
This feature adds cost and complexity to post rendering since
user options need to be premeptively loaded for every user in the
stream. It is also confusing to explain to communities with private edit
history.
2016-07-16 21:30:00 +10:00
Robin Ward
e5293f2c9a
FIX: Force HTML to recompile
2016-07-11 12:57:05 -04:00