Merge pull request #4548 from pixelfed/staging

Staging
This commit is contained in:
daniel 2023-07-18 00:12:43 -06:00 committed by GitHub
commit 1a3176c996
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 68 additions and 7 deletions

View File

@ -39,6 +39,7 @@
- Update MediaStorageService, improve head header handling ([3590adbd](https://github.com/pixelfed/pixelfed/commit/3590adbd))
- Update admin user view, improve previews ([ff2c16fe](https://github.com/pixelfed/pixelfed/commit/ff2c16fe))
- Update FanoutDeletePipeline, fix AP object ([0d802c31](https://github.com/pixelfed/pixelfed/commit/0d802c31))
- Update Remote Auth feature, fix custom domain bug and enforce banned domains ([acabf603](https://github.com/pixelfed/pixelfed/commit/acabf603))
- ([](https://github.com/pixelfed/pixelfed/commit/))
## [v0.11.8 (2023-05-29)](https://github.com/pixelfed/pixelfed/compare/v0.11.7...v0.11.8)

View File

@ -7,6 +7,7 @@ use Illuminate\Http\Request;
use App\Services\Account\RemoteAuthService;
use App\Models\RemoteAuth;
use App\Profile;
use App\Instance;
use App\User;
use Purify;
use Illuminate\Support\Facades\Auth;
@ -36,6 +37,8 @@ class RemoteAuthController extends Controller
public function getAuthDomains(Request $request)
{
abort_unless(config_cache('pixelfed.open_registration') && config('remote-auth.mastodon.enabled'), 404);
if(config('remote-auth.mastodon.domains.only_custom')) {
$res = config('remote-auth.mastodon.domains.custom');
if(!$res || !strlen($res)) {
@ -45,6 +48,19 @@ class RemoteAuthController extends Controller
return response()->json($res);
}
if( config('remote-auth.mastodon.domains.custom') &&
!config('remote-auth.mastodon.domains.only_default') &&
strlen(config('remote-auth.mastodon.domains.custom')) > 3 &&
strpos(config('remote-auth.mastodon.domains.custom'), '.') > -1
) {
$res = config('remote-auth.mastodon.domains.custom');
if(!$res || !strlen($res)) {
return [];
}
$res = explode(',', $res);
return response()->json($res);
}
$res = config('remote-auth.mastodon.domains.default');
$res = explode(',', $res);
@ -57,6 +73,27 @@ class RemoteAuthController extends Controller
$this->validate($request, ['domain' => 'required']);
$domain = $request->input('domain');
if(str_starts_with(strtolower($domain), 'http')) {
$res = [
'domain' => $domain,
'ready' => false,
'action' => 'incompatible_domain'
];
return response()->json($res);
}
$validateInstance = Helpers::validateUrl('https://' . $domain . '/?block-check=' . time());
if(!$validateInstance) {
$res = [
'domain' => $domain,
'ready' => false,
'action' => 'blocked_domain'
];
return response()->json($res);
}
$compatible = RemoteAuthService::isDomainCompatible($domain);
if(!$compatible) {

View File

@ -12,6 +12,14 @@ class RemoteAuthService
{
const CACHE_KEY = 'pf:services:remoteauth:';
public static function getConfig()
{
return json_encode([
'default_only' => config('remote-auth.mastodon.domains.only_default'),
'custom_only' => config('remote-auth.mastodon.domains.only_custom'),
]);
}
public static function getMastodonClient($domain)
{
if(RemoteAuthInstance::whereDomain($domain)->exists()) {

File diff suppressed because one or more lines are too long

View File

@ -23,7 +23,7 @@
"/js/account-import.js": "/js/account-import.js?id=00ea9b73c8e17dff27e4a7767d9553d7",
"/js/admin_invite.js": "/js/admin_invite.js?id=307a53250701e3b12164af9495e88447",
"/js/landing.js": "/js/landing.js?id=7e3ab65813c4bf28182f5bdf0825774c",
"/js/remote_auth.js": "/js/remote_auth.js?id=55a409bf33c2f1e9950e4b83dc664a2a",
"/js/remote_auth.js": "/js/remote_auth.js?id=0840f85f648319858b72c299b8c51f9e",
"/js/manifest.js": "/js/manifest.js?id=1a9e092e7f4051b3ce0af3c638c8d2c5",
"/js/home.chunk.2d93b527d492e6de.js": "/js/home.chunk.2d93b527d492e6de.js?id=809ef226cf2383e3a8973f65d4269d1c",
"/js/compose.chunk.6464688bf5b5ef97.js": "/js/compose.chunk.6464688bf5b5ef97.js?id=45753d769a16276c2d3ad8d7d6bf3e88",

View File

@ -24,8 +24,8 @@
@click="handleRedirect(domain)">
<span class="font-weight-bold">{{ domain }}</span>
</button>
<hr>
<p class="text-center">
<hr v-if="!config.default_only && !config.custom_only">
<p v-if="!config.default_only && !config.custom_only" class="text-center">
<button type="button" class="other-server-btn" @click="handleOther()">Sign-in with a different server</button>
</p>
<div class="w-100">
@ -43,6 +43,12 @@
<script type="text/javascript">
export default {
props: {
config: {
type: Object
}
},
data() {
return {
loaded: false,
@ -79,6 +85,11 @@
return;
}
if(res.data.hasOwnProperty('action') && res.data.action === 'blocked_domain') {
swal('Server Blocked', 'This server is blocked by admins and cannot be used, please try another server!', 'error');
return;
}
if(res.data.ready) {
window.location.href = '/auth/raw/mastodon/preflight?d=' + domain + '&dsh=' + res.data.dsh;
}
@ -95,9 +106,13 @@
},
})
.then(domain => {
if (!domain) throw null;
if (!domain || domain.length < 2 || domain.indexOf('.') == -1) {
swal('Oops!', "Please enter a valid domain!", 'error');
return;
};
if(domain.startsWith('https://')) {
if(domain.startsWith('http')) {
swal('Oops!', "The domain you enter should not start with http(s://)\nUse the domain format, like mastodon.social", 'error');
return;
}

View File

@ -1,7 +1,7 @@
@extends('layouts.app')
@section('content')
<remote-auth-start-component />
<remote-auth-start-component :config='{!!\App\Services\Account\RemoteAuthService::getConfig()!!}'/>
@endsection
@push('scripts')