2e44639210
fix: guest header/footer cache
...
allow clearing individual caches
4 years ago
f1f9b225b0
feat: #8824 , cache refactor ( #8851 )
...
* feat: #8824 , cache refactor
ability to disable caches
ability to download contents of cache
refactor cache modules to remove duplicated code
* fix: remove duplicate hit/miss tracking
check cacheEnabled in getUncachedKeys
4 years ago
6255874e32
feat: move mkdirp to beforeBuild so it doesnt get called twice
4 years ago
74951f5967
fix : #8846 , possible fix
4 years ago
0b30efba31
Merge branch 'master' of https://github.com/NodeBB/NodeBB
4 years ago
16d03975a0
fix: winston error message
4 years ago
d263192271
feat: group exists API call in write api
4 years ago
1446cec77f
feat: user exist route in write api
4 years ago
6b196a207f
fix: permanent redirect on user api redirect shorthand
4 years ago
f2bb42c076
fix: user exist route needs no authentication
4 years ago
60e1e99b4f
feat: new shorthand route /api/v3/users/bySlug/:userslug
...
closes #8844
4 years ago
512f6de6de
feat: allow passwords with length > 73 characters ( #8818 )
...
* feat: allow passwords longer than 73 characters
Context: A bcrypt/blowfish limitation means that password length is capped at 72 characters. We can get around this without compromising on security
by hashing all incoming passwords with SHA512, and then sending that to bcrypt.
https://dropbox.tech/security/how-dropbox-securely-stores-your-passwords
* feat: add additional test for passwords > 73 chars
* fix: remove 'password-too-long' error message and all invocations
* test: added test to show that a super long password won't bring down NodeBB
* fix: remove debug log
* Revert "fix: remove 'password-too-long' error message and all invocations"
This reverts commit 1e312bf7ef7e119fa0f1bd3517d756ca013d5e79.
* fix: added back password length checks, but at 512 chars
As processing a large string still uses a lot of memory
4 years ago
c61dee4b62
fix : #8840 , don't crash if /compose route is called with no query params
4 years ago
9e3eb5d41a
feat: #8821 , allow guest topic views
4 years ago
f68bce86a9
fix: XSS in event:banned messaging modal
4 years ago
76cd5b0fc1
fix : #8836 , truncate fullname
4 years ago
eec630f1ef
fix(acp): max-height for plugin menu list
4 years ago
891a1ea2af
fix : #8827 , do not require admin:users privilege to ban users
4 years ago
4b63f9937c
fix: check is banned in buildHeader
...
remove unused banReason
remove generateHeader function
4 years ago
a338f52780
feat: #8823 , remove hardcoded write concern
4 years ago
08ff4041aa
fix: missing await
4 years ago
c0f699e655
fix: disallow registration attempts with password length > 4096
...
This is a stopgap measure for v1.15.0
4 years ago
4818ec377e
fix: missing await
4 years ago
6e85920cb6
feat: allow mods/admins to see deleted posts on user profile
4 years ago
87bff6cd65
fix: broken test
4 years ago
dda5d42610
fix: restore old behaviour of empty json w/ 401 code in admin middleware
4 years ago
15e0731dd9
fix: deprecate middleware.isAdmin
...
Also, handle admin logout timer in middleware.admin.checkPrivileges
4 years ago
4439864ce0
fix: post editing not taking plugin hook results into account
4 years ago
a02ae6f5df
refactor: simpler check in user.blocks.filter
4 years ago
27016d221c
feat: rearrange buttons on manage/users
4 years ago
57ed6be78b
fix : #8805 define our own name for write API v3
4 years ago
266d7587b2
refactor: remove usage of middlewares
...
Specifically, middleware.isAdmin|exposePrivilegeSet|exposePrivileges
4 years ago
a6a52430ce
fix: remove setCategorySort and setTopicSort
4 years ago
aa8faf58a0
refactor: remove /users/{uid}/settings/{setting} route
...
@baris Also, I am now allowing the following properties to be saved in User.saveSettings:
- categoryTopicSort
- topicPostSort
- setCategorySort
- setTopicSort
4 years ago
6ac73ccb7e
feat: #8801 , disable express compression by default
4 years ago
3c98cd3d95
fix: topic object in post editing data return
4 years ago
1392d064a1
fix(writeapi): normalizing data
4 years ago
ec03af7a38
feat: allow passing subset of user settings on update route
4 years ago
618e098305
fix: bug where token generation route would fail on null case
4 years ago
b156b8b573
feat: wip, write api tests framework
...
re-using read api tests if possible
4 years ago
2e9f27d8ff
fix: typo
4 years ago
93bdfe2f10
perf: reorder async calls
4 years ago
88a07e69b5
feat: add filter:category.getFields
4 years ago
a05905f196
performance improvements ( #8795 )
...
* perf: nconf/winston/render
cache nconf.get calls
modify middleware.pageView to call next earlier
don't call winston.verbose on every hook see https://github.com/winstonjs/winston/issues/1669
translate header/footer separately and cache results for guests
* fix: copy paste fail
* refactor: style and fire hook only log in dev mode
* fix: cache key, header changes based on template
* perf: change replace
* fix: add missing await
* perf: category
* perf: lodash clone
* perf: remove escapeRegexChars
4 years ago
0db0231cff
feat: move postercount to topic hash
4 years ago
203db47b30
fix: return early for guests/spiders
4 years ago
156e1396f2
fix: #8789,cache meta.settings
4 years ago
a7b6d0dfe5
feat: add free and total mem usage to info
4 years ago
c26f2b6599
feat(writeapi): user settings API
4 years ago
db63f5e3f0
fix : #8781
4 years ago
Barış Soner Uşaklı
Barış Soner Uşaklı
Julian Lam
psychobunny