Commit Graph

20 Commits

Author SHA1 Message Date
Neil Lalonde
ca5f361d0a FEATURE: restrict admin access based on IP address 2014-09-05 12:06:01 -04:00
Sam
7993845bfa add current_user_provider so people can override current_user bevior cleanly, see
http://meta.discourse.org/t/amending-current-user-logic-in-discourse/10278
2013-10-09 15:11:54 +11:00
Sam
aa6c92922d SECURITY: correct our CSRF implementation to be much more aggressive 2013-07-29 15:13:13 +10:00
Sam
1aef6de4b0 automatically approve invited users on forum where moderators must approve (keep in mind only moderators can invite)
speed up specs a touch
allow invite controller to accept an email in absence of user (cleans up API)
2013-07-11 11:22:00 +10:00
Sam
850b042cab introduce rack:cache as a default, so users don't need to configure apache or nginx
under rack cache we are able to serve 620reqs a second per thin (on my machine) before it 12 (on my machine)

reorganised so mini profilers can be cleanly disabled from config file

added caching for categories index

move production.rb to production.sample.rb
2013-04-11 16:24:21 +10:00
Sam
c57ec611e1 basic api support 2013-03-25 18:04:46 -07:00
Sam
deb603f41c Merge pull request #547 from kid0m4n/convert-ruby-1-9-syntax
Convert a lot of :a => b to a: b and bring peace to the world
2013-03-24 16:43:17 -07:00
Karan Misra
5dfb04e4b3 Convert a lot of :a => b to a: b and bring peace to the world 2013-03-25 05:07:36 +05:30
Kuba Brecka
113d0e0257 fix duplicate auth_token in development database images 2013-03-22 18:33:56 +01:00
Gosha Arinich
cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Sam Saffron
47fedd8f4d correct breakage
don't set permanent cookie, kill session if it conflicts
2013-02-24 22:56:08 +11:00
Sam Saffron
fd2e9a99bf cookie recovery cause we have been messing with it. 2013-02-24 21:50:34 +11:00
Sam Saffron
b66db4153d refactor and organise current_user better 2013-02-24 21:42:04 +11:00
Sam
ab97dc8fd6 Update lib/current_user.rb 2013-02-24 17:24:40 +11:00
tms
3e6641c07e Unsign auth token cookies per discussion on #215 2013-02-23 13:40:21 -05:00
tms
5616fdc475 Sign the auth token cookie and make it httpOnly 2013-02-20 17:24:19 -05:00
Sam Saffron
eb188c57e8 started work on message bus diags 2013-02-15 19:23:40 +11:00
Robin Ward
74220b4194 Don't update the current ip to an empty string 2013-02-11 16:01:53 -05:00
Robin Ward
57049b55a2 Little things:
- Retries on deadlock when calculating average time
- Removes Warning: When specifying html format for errors
- Doesn't use manual SQL to update user's ip address
2013-02-11 15:47:28 -05:00
Robin Ward
21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00