* Add recovery code support for two-factor auth
When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.
The two-factor prompt during login now accepts both OTP codes and
recovery codes.
The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.
Fixes#563 and fixes#987
* Set OTP_SECRET in test enviroment
* add missing .html to view file names
* Begin coverage for account search service
* Coverage for hashtag query
* Coverage for calling local vs remote find based on domain presence
* Spec to check that exact matches are not duped
* Coverage of resolve option
* Coverage for account being provided
* Start to refactor account search service
* Isolate query username and domain methods
* Isolate exact_match method
* Extract methods for local and remote results
* Simplify local vs remote and account isoliation
* Extract methods for local and remote results
* Simplify de-dupe of exact match
* Simplify logic to check for non exact remotes
* Cache some methods
* Remove nil from exact_match from results array
* Return exact matches first
* Use find_remote even with no domain
Account.find_local is just an alias for Account.find_remote(user, nil) - so we
can not bother with the conditional here, and call find_remote directly.
* Refresh local info for remote accounts when webfinger returns new values
It only refreshes account info if one of the URLs or the public-key changes,
in which cases it refreshes the full info, re-downloading the feeds from that
user.
Some special handling should probably be done when the public key changes,
but I have been unable to find any use for it in Mastodon yet.
* Re-fetch remote users we aren't subscribed to.
This might induce performance issues, we might want to only do that for users
we explicitly attempted to subscribe but failed to.
* Refactor changes
* Do not refresh existing remote account details more than once a day
* Avoid re-fetching webfinger info in tests unless otherwise specified
* Working translation for Norwegian.
* Fixes to Norwegian translation.
* Further adjustments to Norwegian translation.
* Further adjustments to Norwegian translation.
* Yet more improvements to the Norwegian translation.
* More Norwegian translations. Better terminology.
This value was changed recently, and every locale which had it set was using the
same value as the default. This value is still the default in the new location.
* Polish translation (needs more love though)
* Polish translation bugfix
* bugfix for new colon-containing texts
* another bugfix. yaml is evil
* minor fix
* fixing issues pointed out by reviewers
* Uwierzytelnianie dwustopniowe -> dwuetapowe, as suggested by a reviewer
* Etyczny dizajn zbyt sarkastyczny, to będą założenia
* Allow running mastodon on a different domain as the one used for identifying users
* Alter documentation of WEB_DOMAIN to make clear it shouldn't be used unless the admin knows what they are doing
* Compare to web_domain instead of local_domain when dealing with feeds/API
* Correctly identify mentions to local accounts
Mentions URLs point to the person's web profile, i.e., the user page served on WEB_DOMAIN.
This commit introduces Capybara and the first feature spec.
I focused on coverage for log in for the first feature spec because that would
have prevented 624a9a7136 causing #1236.
* Add locale spec with failing locale plus region check
* Use a more accurate locale when supplied by browser headers
Previously we were using a matching option which would use the first locale
available which matched the locale portion, even if a region was specified.
This changes to first try to find an exact match, and then fall back to the
region, and then fall back to the default.
* Clean up default_locale method
The pkg-config gem was necessary in order for nokogiri to find the system
libraries when building on OpenBSD.
Closes#1637
Signed-off-by: Bryce Chidester <bryce@cobryce.com>
* Simplify admin/reports controller filtering for index
* Rename parameter to resolved
* Fix issue where reports view could not access filter_link_to
* Add coverage for admin/reports controller
* DRY up resolution of related reports for target account
* Clean up admin/reports routes
* Add Report#statuses method
* DRY up current account action taken params
* Rubocop styles
Patrick Figel
luigi
Amakasu Ryoma
Setuu
Alda Marteau-Hardi
Keiji, Yoshimi
Andrew
alpaca-tc
Matt Jankowski
ThibG
Koala Yeung
goofy-bz
Shouko Yu
Fjoerfoks
Olivier Humbert
Ratmir Karabut
Ben Roberts
Thor Harald Johansen
Joachim Viide
Darío Hereñú
Alex Dunn
rysiekpl
Les Orchard
Pierre Ozoux
Valentin Lorentz
Chad Pytel
Kazuhiro NISHIYAMA
Takayuki KUSANO
Luc Didry
Effy Elden
西小倉宏信
Bryce Chidester
JP DeVries
maxypy
Ian Kelling
Eugen Rochko