When running in open mode invites can be freely generated by accessing
/create-invite. This displays an HTML page which creates and displays an
invite to the user.
This commit adds an additional way of creating invites in open mode. A
POST request can be sent to the same /create-invite endpoint with the
Accept header set to application/json. This returns a JSON response
which contains an invite url.
The purpose of this change is to make automatic invite generation easier
in SSB clients.
Previously notices could only be displayed as HTML. This commit makes it
possible to request a list of notices as JSON. This can be used to
programmatically display a description of a room server in SSB clients.
The behaviour is governed by a query parameter. To list notices as JSON
set a query parameter "encoding" to "JSON" when listing notices (for
example https://example.com/notice/list?encoding=json). This parameter
was chosen instead of using the "Accept" header as similar behaviour is
already exhibited by other endpoints (namely the invite mechanism).
also update AuthFallback database
* re-write fallback auth to use alias or ssbid
* replace Create() with SetPassword() which does an upsert
* Add reset tokens to sqlite
* add test for SetPassword with reset token
* disable ui if user is unelevated
* disable revoke button if unelevated and not own invite
* improve styling of disabled elements
* remove revoke if alias not made my current user
to make sure the list of languages is sorted, we now use a slice of
TagTranslation{Tag: string, Translation: string} structs, sorted
by `TagTranslation.Tag`.
while working on the /set-language route, i noticed that i was getting a
csrf error for all /admin views when setting the language, while it
worked well on non-admin routes.
the issue, it turned out, was that we needed to configure gorilla's csrf
feature to set all cookies on the same route. when unconfigured, the
set cookies will only be set for the path they are being set at.
see more in the gorilla.csrf documentation (in particular the csrf.Path
option): https://pkg.go.dev/github.com/gorilla/csrf?utm_source=godoc#Path
* fix test compilation
* fix aliases on member page
* add tests for aliases on member.GetByID and ByFeed
* fix admin tests
* use webassert helper for flash messages
* fix flashes
* fill in sid and sc
* fix logout
* cascade member removal
* fix links
* trim suffix from signature
* fix /sse/login link
* fix sse links and filenames
* fix logout
* fix typos
* fix test compilation
* fix bridge test
* correct alias url test
* add some comments
* fix potentiall "can't send" deadlock on bridge
some documentation and license headers