Commit Graph

1797 Commits

Author SHA1 Message Date
Bobby
ab4f8263de
feat: ignore option for ServeStaticQuick class 2022-08-23 15:13:04 +07:00
Bobby
414afc7ae6
feat: allow specifying root path in serve classes
when used on non-root paths
2022-08-23 15:12:25 +07:00
Bobby
ff7ec4aeaf
fix: /users/edit throw with empty edits 2022-08-23 15:09:47 +07:00
Bobby
2b6fd37ba1
feat: use execFile() to parse git commit
does not pointlessly spawn a new shell
2022-08-21 22:16:24 +07:00
Bobby
82937b57db
feat: assert lolisafe process working directory
in case lolisafe is attempted to be ran from elsewhere
2022-08-21 22:15:19 +07:00
Bobby
8fcfc29ea3
feat: package.json scripts
explicitly enable NODE_ENV=production env var for start scripts
2022-08-21 21:44:24 +07:00
Bobby
09fea107f3
feat: env SERVE_STATIC_QUICK=0 yarn start
restore an older behavior of serving static files with
ServeLiveDirectory middleware instead of ServeStaticQuick, in case of
issues with streaming files from disk via createReadStream

if you do encounter this issue, serving uploaded files with node will
likely encounter issues as well, but you can choose to serve them
directly with nginx, etc., so i guess it's not beyond hope
2022-08-21 21:23:14 +07:00
Bobby
3f08b966ef
chore: typos in README 2022-08-20 06:55:25 +07:00
Bobby
3ba93c3a95
chore: link volta in readme 2022-08-20 06:53:06 +07:00
Bobby
18ff2f0893
feat: volta pinned node & yarn versions 2022-08-20 06:38:37 +07:00
Bobby Wibowo
bd71035517
fix: missing cpu temp and swap logic 2022-08-19 10:48:45 +07:00
renovate[bot]
83c6cee482
chore(deps): update dependency postcss-preset-env to ~7.8.0 (#564)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-19 10:45:55 +07:00
renovate[bot]
e554c0c031
chore(deps): update dependency eslint to ~8.22.0 (#563)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-19 10:43:46 +07:00
renovate[bot]
0cd747aa22
chore(deps): update dependency stylelint to ~14.10.0 (#562)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-19 10:43:34 +07:00
renovate[bot]
bfe46b90cb
chore(deps): update dependency cssnano to ~5.1.13 (#561)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-19 10:40:35 +07:00
renovate[bot]
96c7d6b7e4
chore(deps): update dependency postcss to ~8.4.16 (#559)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-19 10:40:25 +07:00
renovate[bot]
f3e4f1cd57
fix(deps): update dependency systeminformation to ~5.12.6 (#560)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-19 10:40:04 +07:00
BobbyWibowo
1ddc8eeabd dist: rebuilt client assets and bumped v1 version string 2022-08-19 03:39:23 +00:00
Bobby Wibowo
991cfe134e
feat: add cpu temp and swap memory to statistics
temp is currently hard-coded to C

also increased system info caching to 1s
2022-08-19 10:38:24 +07:00
Bobby Wibowo
86d9db3137
feat: split service info in statistics
additionally add cpu detail in system info
2022-08-19 10:18:35 +07:00
Bobby Wibowo
ea30e5dee5
feat: enable persistent cache for nojs uploader
also slight improvement to NunjucksRenderer class
2022-08-19 09:50:08 +07:00
Bobby Wibowo
19eac1d98a
chore: routes/nojs.js 2022-08-19 09:30:09 +07:00
Bobby Wibowo
0d05da40b0
fix: fallback deletion url to relative path
if homeDomain is not configured via config file or env var

the deletion url is a frontend page, so it cannot simply assume it's on
the same domain as uploaded files
2022-08-19 09:29:11 +07:00
BobbyWibowo
b18b2ee312 dist: rebuilt client assets and bumped v1 version string 2022-08-19 00:42:07 +00:00
Bobby Wibowo
29c05a9046
fix: home uploader standardized headers set
it'd previously set the string-representation for non-string values
e.g. "null" for null, etc.

auth token is now also set on as axios' default common headers,
just like in dashboard.js, etc., to avoid re-setting it everytime
2022-08-19 07:40:48 +07:00
Bobby Wibowo
6c929efa7b
fix: less strict missing token header check
previously would still assume token is provided when the header is
simply an empty string, which may be unavoidable for some clients
2022-08-19 07:30:32 +07:00
Bobby Wibowo
59c5c8b7b0
fix: guest uploads hanging
caused by auth middleware not passing the request when token is missing
2022-08-19 07:01:45 +07:00
Bobby
4c850f4731
fix: default sharex config download url
used to be always appended with ?v=undefined regardless of cacheControl
option's value in config file

this never came into attention usually, because the default url would
only be presented to non-logged in users when the safe is private
2022-08-10 09:17:48 +07:00
Bobby Wibowo
8142eae9df
refactor: /users/{delete,disable,edit} API routes
simplify self.assertPermission function to only assert permission

fixed hard-coded "root" user protection not being asserted first
2022-08-09 17:51:31 +07:00
Bobby Wibowo
0a62002a6e
fix: re-create "root" user if users table is empty
previously it'd always re-create it if "root" user itself is missing
from users table

this facilitates not having "root" user altogether
2022-08-09 17:28:21 +07:00
Bobby Wibowo
6ff735badb
feat: wrap add to album db query in transaction
additionally allow superadmins to arbitrarily add/remove files to/from
albums via manual API calls, instead of only allowing root user
2022-08-09 17:18:56 +07:00
Bobby Wibowo
4907ef9ad7
chore: indent albumsController.js 2022-08-09 17:00:26 +07:00
Bobby Wibowo
edf7c091e4
feat: wrap upload db insert within transaction 2022-08-09 16:57:55 +07:00
Bobby Wibowo
d8b78d29ed
feat: hard-code prevent registering as "root"
and allow migration script to not throw when root user is missing

this facilitates safely removing root user altogether via database query
if you don't use it
2022-08-08 06:22:18 +07:00
BobbyWibowo
493d2a8df3 dist: rebuilt client assets and bumped v1 version string 2022-08-07 23:09:47 +00:00
Bobby Wibowo
253042e24e
fix: improve filtering uploads by album ids
database logic and dashboard display
2022-08-08 06:08:40 +07:00
Bobby Wibowo
e0d0694a30
fix: frontend errors handling 2022-08-08 05:42:40 +07:00
BobbyWibowo
52299408ae dist: rebuilt client assets and bumped v1 version string 2022-08-07 14:50:44 +00:00
Bobby
b48d8678fd
fix: bump version string for fontello font files
i forgot this is required
2022-08-07 21:50:05 +07:00
BobbyWibowo
b352de8395 dist: rebuilt client assets and bumped v1 version string 2022-08-07 14:45:42 +00:00
Bobby
d86501996b
chore: updated _globals.sample.njk
other than showing how the new server icon is being used, it's also
because paste.fiery.me is currently offline
2022-08-07 21:44:25 +07:00
Bobby
a46a488dfd
feat: added server icon to fontello 2022-08-07 21:43:18 +07:00
Bobby Wibowo
4bb0af4ca7
revert: last 2 commits
this reverts commit 0e4f483506 and aca4a02f53

lel, im going crazy with this
2022-08-05 01:12:58 +07:00
Bobby Wibowo
0e4f483506
refactor: some routes init
this format is now fixed with hyper-express@6.4.5
2022-08-05 01:01:18 +07:00
renovate[bot]
aca4a02f53
fix(deps): update dependency hyper-express to v6.4.5 (#558)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-05 00:59:16 +07:00
Bobby Wibowo
b21fa66e59
fix: possible event listeners memory leak 2022-08-05 00:54:44 +07:00
BobbyWibowo
bdf6557368 dist: rebuilt client assets and bumped v1 version string 2022-08-04 16:49:25 +00:00
Bobby Wibowo
8c26fa4ffa
feat: better axios errors handling 2022-08-04 23:47:48 +07:00
Bobby Wibowo
c6c485447f
feat: token failure rate limit on login/register
also removed default 2 reqs in 5s rate limiter for login/register routes
from sample config, as it's pretty much redundant now
2022-08-04 23:34:58 +07:00
Bobby Wibowo
a406f85215
feat: rate limit token auth failures
hard-coded to max 6 failures in 10 minutes
2022-08-04 23:09:14 +07:00