881dfe6f0d
navbar user dropdown, logout icon
2026-03-14 11:53:35 +01:00
0bc9384b6a
logout form w/ back to root page
2026-03-13 12:01:29 +01:00
b0013f9962
run TW LSP against .rs files, enforce canonical twcss
2026-03-11 14:41:08 +01:00
f753fcf5b4
user profiles
2026-03-10 21:21:23 +01:00
9e678c5586
quote frontend init, chips, basic stats
2026-03-09 22:56:13 +01:00
4a4e97f7be
users::page, users::created_at, nav gating, icons, misc
2026-03-08 23:50:06 +01:00
8d18c858b3
mobile responsiveness
2026-03-08 12:08:53 +01:00
e1578af68e
web UI, tailwind, icons, login
2026-03-08 11:35:23 +01:00
149bf43c01
add potential sqlite db names to gitignore
2026-03-07 16:53:32 +01:00
766e9029bf
quotes create&getbyid, migration renew, misc
2026-03-07 16:08:29 +01:00
ca84b7e4b4
Persons & Names full implementation
2026-03-07 12:13:34 +01:00
f8f47cc3ff
tag rename
2026-03-07 00:24:52 +01:00
5645fdb4e6
tag delete
2026-03-06 23:52:50 +01:00
1597ee3e05
check tag create permission...
...
i forgor
2026-03-06 23:29:58 +01:00
9931bbe306
create & getall for tags
2026-03-06 15:33:39 +01:00
2ebbc88c0a
user list, user create w/ endpoints, misc
2026-03-04 22:46:46 +01:00
de6ea0d913
handle unique constraint on users.handle properly, misc
2026-03-04 19:31:55 +01:00
f253ff1157
unify DB errors
2026-03-03 17:59:38 +01:00
da5300b713
switch logging over to log & env_logger crate
2026-03-02 15:52:18 +01:00
f6a9807794
unuseds & cargo clippy
2026-03-01 23:59:42 +01:00
e60172527c
change handle endpoint & why was changepassword a GET?
2026-03-01 14:53:54 +01:00
b2a80ffa58
setpassword endpoint, misc
2026-03-01 00:31:15 +01:00
c8d15f8c6b
session revoking, perm, DatabaseError (partially)
2026-02-28 23:27:56 +01:00
94dcc1816d
permissions stub wo/ DB model
2026-02-28 13:16:22 +01:00
ea3dd17261
the most insignificant change you could imagine lowkey
2026-02-28 01:42:58 +01:00
f754e47221
centralize Argon2 setup
2026-02-28 00:23:15 +01:00
b6a211bbcf
login & logout
2026-02-27 23:46:37 +01:00
969401658f
login endpoint
2026-02-26 00:39:33 +01:00
ba3b3413d0
quote&line stub
2026-02-25 21:38:01 +01:00
edc8ea1598
allow 2-letter, 24-letter tags
2026-02-25 17:14:43 +01:00
11476f7c5b
implement tags
2026-02-25 02:45:42 +01:00
5a92740785
mitigate sidechannel timing attack for basic auth
...
Information on whether a user with a given handle exists or not could be
collected by checking the difference between response times of
auth-required endpoints with and without a real handle being passed into
Basic auth. This is because the time-expensive password hash would only
be computed for users that exist, lengthening the response time. In
local testing, this was a difference of 8ms vs. 35-60ms.
A hash is now computed even if a user with the requested handle doesn't
exist, mitigating the issue and leaving only negligible differences
inbetween all response times, from which no information can be obtained.
2026-02-24 14:49:30 +01:00
f6feec2469
make get_user_by_id return canonical handle
2026-02-24 02:20:01 +01:00
fcf43dc0bc
case-insensitive UserHandles
2026-02-24 02:06:24 +01:00
1e7866a293
fight unuseds, sessions endpoint
2026-02-24 01:42:19 +01:00
ee7ed48144
CompositeError, UserAuthRequired, /users/self & users/:id, misc
2026-02-24 00:55:19 +01:00
085764f06a
basic HTTP server
2026-02-23 13:17:09 +01:00
b31c85647e
remove obsolete auth module
2026-02-23 10:24:13 +01:00
e11ba79b37
dumb typo
2026-02-23 02:22:30 +01:00
52b70d4ee9
a whole lot of preem User/Session/Auth work
2026-02-23 02:17:49 +01:00
7a62819d9c
UserHandle newtype, Users & boilerplate
2026-02-22 14:53:40 +01:00
53f9e40477
first pass db schema & deps
2026-02-20 21:33:41 +01:00
