Neil Lalonde
4e158b2316
Add secure flag to cookie
2014-01-30 17:07:08 -05:00
Neil Lalonde
946e837542
Add twitter to Onebox.options
2014-01-29 14:14:07 -05:00
Sam
a247389d4e
FEATURE: automatically update site to latest version of assets
...
if a user neglects to move around the site it will prompt to do so 2 hours in
2014-01-15 12:08:35 +11:00
Sam
fd95dbe75a
FEATURE: Automatically force a full refresh between pages if assets change
2014-01-15 12:08:35 +11:00
Sam
166a8d2932
don't insert middleware its a problem
2014-01-10 13:51:02 +11:00
Sam
5242a49c02
BUGFIX: in some proxy scenarios https was not propergated properly
2014-01-10 12:21:09 +11:00
Sam
adc9a58f4a
BUGFIX: anon cache was mucking with params
2014-01-09 16:49:12 +11:00
Sam
d4cc367a6f
Disable cache for a bit to see if its killing the build
2014-01-09 16:08:59 +11:00
Sam
177983afe6
BUGFIX: mobile ui was being cached for anon views
2014-01-09 14:08:42 +11:00
Régis Hanol
06dd7ffe3c
better revision history
2013-12-12 03:41:34 +01:00
Sam
461972844e
unicorn out of band GC
2013-11-15 12:15:49 +11:00
Sam
0e8914cee6
add unicorn launcher to support live reloads
...
add oobgc rudimentary support
2013-11-13 15:29:36 +11:00
Sam
11428ef9d6
filter out android from mini profiler
2013-11-12 16:47:01 +11:00
Neil Lalonde
18bc6ecd08
Sidetiq::Clock#start is deprecated. Remove it.
2013-11-05 15:43:48 -05:00
Raul Murciano
bd5fe86c87
require `X-Frame-Options: SAMEORIGIN` for clickjack prevention
2013-10-28 15:14:08 -07:00
Sam
3d647a4b41
remove rack cache, it has been causing trouble
...
instead implement an aggressive anonymous cache that is stored in redis
this cache is sitting in the front of the middleware stack enabled only in production
TODO: expire it more intelligently when stuff is created
2013-10-16 16:39:18 +11:00
Sam
c4bab8915c
fix initialization issues with unicorn
...
amend unicorn script to demonize sidekiq
create a sidekiq demon that unicorn consumes
correct bug in exec_sql with empty params
2013-10-10 14:23:24 +11:00
Sam
f0a122a66c
move job files so they live underneath app/ and not in lib/
...
introduce new setting email_always, that will force emails to send to users regardless of presence on site
2013-10-01 17:04:02 +10:00
Sam
98267d439a
fixed ruby 2.0 p0 bug in fast_stack so re-pushing
2013-09-09 21:19:23 +10:00
Sam
3fb0f52574
disable flamegraph while I figure out why fast stack is not working for some people on x32
2013-09-07 08:50:16 +10:00
Sam
51eb764345
mini profiler update to use latest flame graph engine
2013-09-03 17:58:56 +10:00
Sam
d3c5afbb80
reduce sidetiq frequency
...
remove minutely() schedule that was very inefficient
2013-09-02 17:14:41 +10:00
Sam
b730b27c4f
some soample counter methods
2013-08-30 16:44:34 +10:00
Sam
aaf41d227f
fix secret_token init to always allow an override even if its too short
2013-08-29 15:27:59 +10:00
Sam
213ce33af2
Fixed all broken specs
...
Moved middleware config into authenticators
2013-08-26 12:59:17 +10:00
Sam
912d4b853b
slowly going about ordering our middleware
2013-08-26 12:59:17 +10:00
Sam
075002a6d5
refactoring the plugin interfaces to allow for better extensible
2013-08-26 12:59:17 +10:00
Sam
b5b22f0f36
move secret token into redis to ease install
2013-08-20 17:17:19 +10:00
Michael Kirk
4af8a9102e
Authenticate with Discourse via OAuth2
...
See https://github.com/michaelkirk/discourse_oauth2_example for an
example of how you might integrate your existing oauth2 provider's
authentication via a Discourse plugin.
2013-08-17 21:45:20 -07:00
Stephan Kaag
a6b4b5dbf2
Replace Clockwork with Sidetiq
2013-08-14 21:39:40 +02:00
Régis Hanol
92b0cfe3d3
cleaned up non-used code
2013-08-13 22:09:10 +02:00
Sam
857e2e6a19
correct scope, it should user:email to get read access to email
2013-08-02 10:03:29 +10:00
Sam
2162e3bbb5
we need email scope (also as I edit files I like to keep quoting consistent)
2013-08-02 09:59:25 +10:00
Sam
160107a712
working plugin interface for custom openid auth, custom css and custom js
2013-08-01 16:02:43 +10:00
Robin Ward
8c4aac7f94
Migrate all jasmine specs to Qunit. Removed Jasmine.
2013-06-19 18:18:35 -04:00
Sam
11afa0c11b
work in progress migrate to moment
2013-06-07 08:49:22 +10:00
Ian Christian Myers
0d01c33482
Enabled strong_parameters across all models/controllers.
...
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.
The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.
It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Sam
8b69ee26ff
forking in passenger was bust, message bus subscriptions would stop working after fork
2013-06-03 16:50:30 +10:00
Chris Hunt
dbf4d9b0dc
Set Sidekiq log level to WARN
2013-05-29 09:36:15 -07:00
Erik Ordway
1575ce7b10
add cas support with a few tests
2013-05-23 13:40:50 -07:00
Sam
e9ebadb414
Nuke message_bus_observer move to service class and classes
...
Secure all messages triggered by post creation and all user actions so they don't leak
(meaning, if you have a browser open and secure topics are created you will only get them if you are allowed to see them)
2013-05-16 15:03:16 +10:00
Sam
68e6405aca
redis rack cache was crazy, it was just storing stuff in redis FOREVER, added a PR to fix, forked to my repo, sourcing a sane version
2013-05-07 17:33:04 +10:00
Sam
4d2c28e8b2
added setting to flush redis if you feel like doing so in dev
2013-05-03 09:56:10 +10:00
slainer68
467c76b2c0
Implements support for rack-cors for API JavaScript access in end-user browser
2013-04-22 11:16:58 +02:00
Sam
8014d7fd25
correct rack::cache so it always punches through users with auth cookies
2013-04-12 21:59:52 +10:00
Sam
850b042cab
introduce rack:cache as a default, so users don't need to configure apache or nginx
...
under rack cache we are able to serve 620reqs a second per thin (on my machine) before it 12 (on my machine)
reorganised so mini profilers can be cleanly disabled from config file
added caching for categories index
move production.rb to production.sample.rb
2013-04-11 16:24:21 +10:00
Kuba Brecka
af0a772629
implement pluralization for server-side and js
2013-03-31 19:55:02 +02:00
Sam
36d60befbd
mini profiler fix for multisite
2013-03-25 18:04:46 -07:00
Neil Lalonde
ba315c6610
If assets haven't been precompiled, fail to start server in production mode with a message
2013-03-25 13:33:58 -04:00
Robin Ward
7c505df6d4
Merge branch 'update-sidekiq' of git://github.com/nverba/discourse
...
Conflicts:
config/initializers/sidekiq.rb
2013-03-25 10:26:13 -04:00
Sam
622568fd57
fix mp in prd
2013-03-24 20:36:55 -07:00
Sam
f921d1c547
comment out dead code
...
add some explanations
2013-03-24 20:09:28 -07:00
Sam
67c438434b
wow, this has been broken for OH so long, we need to segragate users correctly so MP results work as expected
2013-03-24 19:52:03 -07:00
Sam
988a712c77
correct multisite functionality for omniauth
2013-03-24 17:21:18 -07:00
Karan Misra
5dfb04e4b3
Convert a lot of :a => b to a: b and bring peace to the world
2013-03-25 05:07:36 +05:30
nverba
0c7579ec9f
Update Sidekiq and config
2013-03-23 14:49:50 +00:00
Sam
e3d30f1366
turns out that instansiating a storage provider and assigning it nowhere, just don't work
2013-03-20 23:54:28 -07:00
nverba
9a1fb90b91
Update mini_profiler.rb
...
Passing a pre-defined Redis connection to MiniProfiler stops connection leakage. Should limit MiniProfiler connections to one per running process.
2013-03-20 03:29:07 +00:00
nverba
68e3f5228f
Basic Heroku integration
2013-03-13 19:07:49 +00:00
nverba
3c0274a00b
init message_bus before site_settings
2013-03-13 15:15:22 +00:00
Sam
3a58e7aac2
amend airbrake location
2013-03-11 17:16:54 -07:00
Sam
a0bdbe046a
don't try to load airbrake if there is no config for it
2013-03-11 16:59:21 -07:00
Sam
1c8eef7dbd
added basic passenger support, no long polling but functions
...
clean up initializers so they are ordered properly
2013-03-11 05:33:20 -07:00
Sam
22a4580df5
added profile environment for perftools profiling (1.9.3 only)
2013-03-10 17:21:56 -07:00
Neil Lalonde
fab04dbb58
Add github commits widget
2013-03-06 14:39:01 -05:00
Neil Lalonde
739d6391a9
Fix error during db:migrate on a new database
2013-03-05 13:02:16 -05:00
Régis Hanol
239cbd2d58
enforce coding convention
...
replaced every `and` by `&&` and every `or` by `||`
2013-03-05 01:42:44 +01:00
Neil Lalonde
3fdc59b1d9
Raise an error in production env if host_names is using production.localhost
2013-03-04 16:07:02 -05:00
Robin Ward
f7c9efb101
Merge branch 'persona-integration' of git://github.com/callahad/discourse
2013-03-04 11:51:26 -05:00
Michael Berg
5e95dfb1c9
Removing unnecessary Rails.env check
2013-03-02 05:58:05 +01:00
Michael Berg
de154f3ef1
Get secret_token from ENV['SECRET_TOKEN'] (e.g. for Heroku)
2013-03-01 23:55:49 +01:00
Dan Callahan
fd4d384dc1
Add Mozilla Persona Omniauth Gem and initializer
2013-03-01 13:29:47 -06:00
Robin Ward
007118b00c
Merge branch 'github-auth' of git://github.com/nverba/discourse
...
Conflicts:
config/locales/server.en.yml
db/structure.sql
spec/views/omniauth_callbacks/complete.html.erb_spec.rb
2013-02-27 12:09:22 -05:00
nverba
b45f872c04
Added Github authentication option, disabled by default with enable options in settings.
2013-02-26 05:00:21 +00:00
Gosha Arinich
cafc75b238
remove trailing whitespaces ❤️
2013-02-26 07:31:35 +03:00
Robin Ward
e461c84253
Clean up JS, add YUIDoc support, automatically create IIFE via asset pipeline
2013-02-25 17:16:57 -05:00
Neil Lalonde
1e794f98a7
Add an option to not flush redis every time sidekiq.rb is loaded in development
2013-02-21 13:45:16 -05:00
Neil Lalonde
803a86a21d
Add more documentation to secret_token.rb
2013-02-20 20:32:40 -05:00
Sam Saffron
87b929eac6
added secret token warning in prd
...
added task to stamp builds
2013-02-18 17:34:43 +11:00
Sam Saffron
1228e351a8
a much more basic but robust restart watcher,
...
removed the pid stuff cause it needs to be a lot more careful not to think
pids from other machines restarted. robust working code is better than
complex graceful broken code.
2013-02-16 13:54:23 +11:00
Sam Saffron
ff0d58e4ee
message bus work in progress
2013-02-16 12:14:52 +11:00
Robin Ward
3cdf89d052
Merge pull request #162 from jessepollak/omniauth-failure
...
Adds failure callback for omniauth
2013-02-15 07:13:17 -08:00
Sam Saffron
eb188c57e8
started work on message bus diags
2013-02-15 19:23:40 +11:00
Jesse Pollak
ad5a5b4866
This commit adds a callback route to handle omniauth failure and removes a few unneccessary entries in en.yml
2013-02-14 18:08:40 -08:00
Sam Saffron
4ccb7354d1
nuking SSL = bad
2013-02-14 09:12:20 +11:00
xdite
67cc766f0c
using redis as backend store
2013-02-13 16:48:44 +08:00
xdite
9189d937f7
move all logic to omniauth
...
implement omniauth-facebook / omniauth-twitter
2013-02-13 15:08:38 +08:00
xdite
be3d036084
use omniauth-openid to replace google id
2013-02-13 15:08:32 +08:00
Sam Saffron
af810f38dd
UserSearch refactor
...
Added .sql_builder to all AR models
2013-02-10 23:37:24 +11:00
Sam Saffron
457229b133
Revert "Revert "structure.db to my structure""
...
This reverts commit 7c61c3d699
.
2013-02-08 22:03:25 +11:00
Sam Saffron
7c61c3d699
Revert "structure.db to my structure"
...
This reverts commit 616a1f4906
.
2013-02-08 21:57:16 +11:00
Sam Saffron
616a1f4906
structure.db to my structure
...
tone down watch for restart
2013-02-08 21:09:46 +11:00
Robin Ward
21b5628528
Initial release of Discourse
2013-02-05 14:16:51 -05:00