Commit Graph

94 Commits

Author SHA1 Message Date
Toby Zerner
9896378b59 Overhaul sessions, tokens, and authentication
- Use cookies + CSRF token for API authentication in the default client. This mitigates potential XSS attacks by making the token unavailable to JavaScript. The Authorization header is still supported, but not used by default.
- Make sensitive/destructive actions (editing a user, permanently deleting anything, visiting the admin CP) require the user to re-enter their password if they haven't entered it in the last 30 minutes.
- Refactor and clean up the authentication middleware.
- Add an `onhide` hook to the Modal component. (+1 squashed commit)
2015-12-03 15:11:57 +10:30
Toby Zerner
73c44adb96 Merge pull request #615 from oldskool/ip-logging
Minor changes:
- Rename/restyle migration, fix namespace
- Make IP address optional on PostReply command
2015-10-31 10:04:06 +10:30
Jan Dorsman
49fddbd450 WIP IP Logging 2015-10-27 21:53:21 +01:00
Toby Zerner
dd67291ce0 Major refactor and improvements
- Reorganised all namespaces and class names for consistency and structure. Following PSR bylaws (Abstract prefix, Interface/Trait suffix).
  - Move models into root of Core, because writing `use Flarum\Core\Discussion` is nice. Namespace the rest by type. (Namespacing by entity was too arbitrary.)
  - Moved some non-domain stuff out of Core: Database, Formatter, Settings.
  - Renamed config table and all references to "settings" for consistency.
  - Remove Core class and add url()/isInstalled()/inDebugMode() as instance methods of Foundation\Application.
  - Cleanup, docblocking, etc.

- Improvements to HTTP architecture
  - API and forum/admin Actions are now actually all the same thing (simple PSR-7 Request handlers), renamed to Controllers.
  - Upgrade to tobscure/json-api 0.2 branch.
  - Where possible, moved generic functionality to tobscure/json-api (e.g. pagination links). I'm quite happy with the backend balance now re: #262

- Improvements to other architecture
  - Use Illuminate's Auth\Access\Gate interface/implementation instead of our old Locked trait. We still use events to actually determine the permissions though. Our Policy classes are actually glorified event subscribers.
  - Extract model validation into Core\Validator classes.
  - Make post visibility permission stuff much more efficient and DRY.

- Renamed Flarum\Event classes for consistency. ref #246
  - `Configure` prefix for events dedicated to configuring an object.
  - `Get` prefix for events whose listeners should return something.
  - `Prepare` prefix when a variable is passed by reference so it can be modified.
  - `Scope` prefix when a query builder is passed.

- Miscellaneous improvements/bug-fixes. I'm easily distracted!
  - Increase default height of post composer.
  - Improve post stream redraw flickering in Safari by keying loading post placeholders with their IDs. ref #451
  - Use a PHP JavaScript minification library for minifying TextFormatter's JavaScript, instead of ClosureCompilerService (can't rely on external service!)
  - Use UrlGenerator properly in various places. closes #123
  - Make Api\Client return Response object. closes #128
  - Allow extensions to specify custom icon images.
  - Allow external API/admin URLs to be optionally specified in config.php. If the value or "url" is an array, we look for the corresponding path inside. Otherwise, we append the path to the base URL, using the corresponding value in "paths" if present. closes #244
2015-10-08 14:28:02 +10:30
Toby Zerner
8c7cdb184f Fix installation 2015-10-03 17:38:23 +09:30
Toby Zerner
264725d872 Allow discussions to be hidden and restored 2015-09-22 17:48:21 +09:30
Toby Zerner
8937050aed Rename column for consistency 2015-09-22 16:54:32 +09:30
Toby Zerner
7fb582e8d7 Namespace migrations to avoid potential conflicts
Core migrations are under the Flarum\Migrations\Core namespace.
Extension migrations must be under the
Flarum\Migrations\{ExtensionName} namespace.

closes #422
2015-09-17 08:54:31 +09:30
Toby Zerner
e524c59f97 Improve external authentication API
Some providers (e.g. Twitter) don't expose user email addresses, so it
turns out we can't use that as the sole form of identification/account
matching.

This commit introduces a new `auth_tokens` table which stores arbitrary
attributes during the sign up process. For example, when Twitter is
authenticated, a new auth token containing the user's Twitter ID will
be created. When sign up is completed with this token, that Twitter ID
will be set as an attribute on the user's account.
2015-09-15 15:56:48 +09:30
Toby Zerner
6beb4fe898 Add external authenticator (social login) API
Allows registrations to be completed with a pre-confirmed email address
and no password.
2015-09-15 11:27:31 +09:30
Toby Zerner
84012ca2fd Preliminary implementation of master API keys
Part of #205
2015-09-07 08:37:33 +09:30
Toby Zerner
0b8aa5c124 Add header comment; PSR-2 fixes; remove seeders 2015-08-26 16:56:32 +09:30
Toby Zerner
17dbeefabe Clean up 2015-08-17 14:11:45 +09:30
Toby Zerner
2edcbacccc Improve install command, add custom migrations system
Implemented our own migration repository + migrator (based on Laravel's
stuff) so that we can keep track of which migrations have been run for
core and per-extension. That way we can simple call the migrator to
upgrade core/extensions, and to uninstall extensions.
2015-08-14 12:47:59 +09:30
Franz Liedke
7b07e02e75 Use dependency injection in migrations 2015-08-12 01:29:40 +02:00
Toby Zerner
f49d0e5341 Allow locale to be selected in footer 2015-08-05 09:50:57 +09:30
Toby Zerner
a0fe68272c Implement TextFormatter for posts
Get rid of formatting on user bios, we'll do that with JavaScript
2015-07-22 16:03:48 +09:30
Toby Zerner
64e5d50533 Allow author to delete discussion if there are no replies
Also disallow the first post in a discussion to be deleted or hidden
(thus preventing discussions with zero posts)

closes flarum/core#90 closes flarum/core#92
2015-06-23 10:34:33 +09:30
Franz Liedke
1cbc60ca41 Merge branch 'master' into psr-7
Conflicts:
	src/Api/Actions/Discussions/IndexAction.php
	src/Api/Actions/SerializeAction.php
	src/Core/Formatter/FormatterManager.php
	src/Extend/ForumAssets.php
	src/Forum/Actions/IndexAction.php
	src/Forum/ForumServiceProvider.php
2015-06-17 00:52:50 +02:00
Toby Zerner
f0df751465 Overhaul permissions
Get rid of Permissible - too complex and inefficient. Replace with:
- a “Locked” trait which works similarly but only evaluates logic on
hydrated models.
- a “VisibleScope” trait which also works similarly but only scopes
queries

This is all we need, Permissible is overkill. There is only one
instance where we have to duplicate some logic
(Discussion::scopeVisiblePosts and Post::allow(‘view’, …)) but it’s
barely anything.

Haven’t decoupled for now, we can definitely look at doing that later.

Permissions table seeder slightly updated.

Also did a bit of a query audit, there’s still a lot to be done but
it’s much better than it was. Some relatively low-hanging fruit
detailed in EloquentPostRepository.
2015-06-16 17:33:56 +09:30
Toby Zerner
8b162344cd Lay the groundwork for translation & refactor asset compilation
Ditched the idea of having language packs as extensions. Reasoning:

1. Because we use machine keys for translations (rather than English
keys), extensions need to be able to define default translations. If
English translations are to be included in extensions and not in a
language pack extension, then it doesn’t make sense to have other
languages as language pack extensions. Inconsistency → complexity.

2. Translations should maintain version parity with their respective
extensions. There’s no way to do this if extension translations are
external to the extension.

Instead, localisation will be a core effort, as well as a per-extension
effort. Translators will be encouraged to send PRs to core + extensions.

In core, each locale has a directory containing three files:
- translations.yml
- config.js: contains pluralisation logic for the JS app, as well as
moment.js localisation if necessary
- config.php: contains pluralisation logic for the PHP app

Extensions can use the Flarum\Extend\Locale extender to add/override
translations/config to a locale.

Asset compilation has been completely refactored with a better
architecture. Translations + config.js are compiled and cached for the
currently active locale.
2015-06-10 14:23:56 +09:30
Franz Liedke
8c53a93d43 Refer to Schema facade by full namespace 2015-06-09 02:45:02 +02:00
Franz Liedke
d1cd4b174b Remove last remaining usage of DB facade 2015-06-09 02:40:02 +02:00
Franz Liedke
07a6be3202 Set table engine to MyISAM explicitly (for fulltext support) 2015-06-07 22:04:45 +02:00
Toby Zerner
aae7678cea Really rough fulltext driver implementation 2015-06-04 11:11:56 +09:30
Toby Zerner
2741923714 Improvements to change/forgot password 2015-05-27 16:25:44 +09:30
Toby Zerner
696bfe5a07 Improve email changing/confirmation stuff 2015-05-27 16:24:54 +09:30
Toby Zerner
feb4676aa0 Very rough implementation of forgot password 2015-05-26 11:14:06 +09:30
Toby Zerner
3c7078b423 New user activity feed API.
Originally the user activity feed was implemented using UNIONs. I was
looking at make an API to add activity “sources”, or extra UNION
queries (select from posts, mentions, etc.) but quickly realised that
this is too slow and there’s no way to make it scale.

So I’ve implemented an API which is very similar to how notifications
work (see previous commit). The `activity` table is an aggregation of
stuff that happens, and it’s kept in sync by an ActivitySyncer which is
used whenever a post it created/edited/deleted, a user is
mentioned/unmentioned, etc.

Again, the API is very simple (see Core\Activity\PostedActivity +
Core\Handlers\Events\UserActivitySyncer)
2015-05-20 12:30:27 +09:30
Toby Zerner
98b3d0f89e Simplify and improve notifications API.
It turns out that the idea of “sending” a notification is flawed. (What
happens if the notification subject is deleted shortly after? The
notified user would end up with a dud notification which would be
confusing. What about if a post is edited to mention an extra user? If
you sent out notifications, the users who’ve already been mentioned
would get a duplicate notification.)

Instead, I’ve introduced the idea of notification “syncing”. Whenever a
change is made to a piece of data (e.g. a post is created, edited, or
deleted), you make a common notification and “sync” it to a set of
users. The users who’ve received this notification before won’t get it
again. It will be sent out to new users, and hidden from users who’ve
received it before but are no longer recipients (e.g. users who’ve been
“unmentioned” in a post).

To keep track of this, we use the existing notifications database
table, with an added `is_deleted` column. The syncing/diffing is
handled all behind the scenes; the API is extremely simple (see
Core\Notifications\DiscussionRenamedNotification +
Core\Events\Handlers\DiscussionRenamedNotifier)
2015-05-20 12:24:01 +09:30
Franz Liedke
f7e241e410 Fix migrations to comply with PSR-2 2015-05-19 01:22:09 +02:00
Franz Liedke
6b4c27a944 Primary key for access tokens table 2015-05-19 00:46:04 +02:00
Franz Liedke
26c2761cbf Explicitly specify length for string columns.
The missing length attributes caused problems with too long indices.
2015-05-19 00:20:36 +02:00
Toby Zerner
b4e5f0e6e5 Simplify permissions and add API to register configurable ones
Lots of thought has gone into this; it will show up later when I do the
admin permissions interface / category permissions :)
2015-05-15 17:05:46 +09:30
Toby Zerner
54f731942e Add user group badges 2015-05-06 11:25:19 +09:30
Toby Zerner
359f44552e Implement user preferences API
Preferences must be registered (optionally with a callback to transform
data, and a default value) on the User model.
2015-03-28 15:43:57 +10:30
Franz Liedke
cf8e02977f Change name of avatar field in users table. 2015-03-26 20:59:06 +01:00
Franz Liedke
7f66a77ede Add avatar handling to user model. 2015-03-25 14:21:50 +01:00
Toby Zerner
4a1550215c Implement notifications 2015-03-24 15:07:38 +10:30
Toby Zerner
3880ce70f0 Add user activity system 2015-03-17 17:06:12 +10:30
Toby Zerner
4804d95b37 Implement user "bio" field
Perhaps this should be an extension, but it is pretty essential and I
can’t think of many instances where it wouldn’t be wanted. Would be
very easy to extract later on if need be.
2015-03-12 10:38:18 +10:30
Toby Zerner
2882ecd46e Rename user posts count to comments count 2015-03-12 10:34:59 +10:30
Toby Zerner
074b4d0989 Add model validation back in 2015-02-26 12:44:39 +10:30
Toby Zerner
2c46888db5 Upgrade to L5 + huge refactor + more. closes #2
New stuff:
- Signup + email confirmation.
- Updated authentication strategy with remember cookies. closes #5
- New search system with some example gambits! This is cool - check out
the source. Fulltext drivers will be implemented as decorators
overriding the EloquentPostRepository’s findByContent method.
- Lay down the foundation for bootstrapping the Ember app.
- Update Web layer’s asset manager to properly publish CSS/JS files.
- Console commands to run installation migrations and seeds.

Refactoring:
- New structure: move models, repositories, commands, and events into
their own namespaces, rather than grouping by entity.
- All events are classes.
- Use L5 middleware and command bus implementations.
- Clearer use of repositories and the Active Record pattern.
Repositories are used only for retrieval of ActiveRecord objects, and
then save/delete operations are called directly on those ActiveRecords.
This way, we don’t over-abstract at the cost of Eloquent magic, but
testing is still easy.
- Refactor of Web layer so that it uses the Actions routing
architecture.
- “Actor” concept instead of depending on Laravel’s Auth.
- General cleanup!
2015-02-24 20:33:18 +10:30