Commit graph

359 commits

Author SHA1 Message Date
TLSM
9e2ceb28b0 Fix four routes with auth_desired misimplemented.
PR #374 removed `@auth_required` from a number of routes and changed
those which used their `v` parameters to `v=None` and removed the `v`
parameter from those which didn't internally use it. 1841134b47

PR #392 re-added `@auth_desired` to those routes to ensure the
templates rendered with awareness of the current logged-in user
(matters for search, header bar, etc). 9f042c1aeb

However, 500 errors occurred on /random_post, /random_user, /id/<uid>,
and /u/<username>. Those were the four which had their `v` parameter
removed entirely. This has been re-added, which fixes the bug.

The way to understand auth_required vs auth_desired is that they are
nearly identical, with the sole difference than auth_required
checks if v is None and aborts with 401 if so. This means that
auth_desired routes must handle the v=None case. They are the same in
that they always try to give a `v` kwarg to the decorated function,
which was the root cause of those four routes erroring.

Recommended style: the vast majority of routes which return a rendered
template should be auth_desired, because the top-level templates often
draw extensively from `v` state even when the route handler does not.
When a route is either auth_desired or auth_required, it should have a
`v` parameter, which we typically give as the first positional
parameter.
2022-11-06 03:11:59 -06:00
justcool393
7ff138f6f1 modlog: fix 500 when clicking on an action and then clicking on an admin, if that admin doesn't have any admin actions of that specific type 2022-10-30 20:19:09 -05:00
Ben Rog-Wilhelm
4197aded0e
Support non-logged-in admin contacts. (#377) 2022-10-27 22:16:42 -05:00
electricwhisk
9f042c1aeb
Stay logged in on certain routes (#392)
This commit adds the @auth_desired decorator to
routes that previous had the @auth_required decorator,
but had it removed in #374. This should cause
the user to remain logged in on these routes.
2022-10-27 22:16:22 -05:00
DinoInNameOnly
d354b0713d Allow search and other pages for logged out users 2022-10-14 06:26:08 -05:00
christopher morris
37396d42b5 remove email from admins contact form 2022-09-22 01:09:16 -05:00
Ben Rog-Wilhelm
41e5f38d19 Add the Support page. 2022-09-19 06:43:42 -05:00
TLSM
2d59865363 Fix #316: restrict access to /badges, remove link. 2022-09-11 23:18:14 -05:00
JulianRota
93400e531e
Require admin for blocks section 2022-09-09 17:09:13 -05:00
TLSM
e1244e9496 Fix flask-limiter having null limit_key.
Recently, unrelated changes led to enabling logging for flask-limiter
accidentally, at which point it was discovered that it wasn't actually
limiting requests due to Limiter.key_func = get_CF not being proper
for either prod (not behind Cloudflare) or localhost (likewise).

We instead use the remote_addr attached directly to the request using
the existing flask-limiter function to do so.

Detailed troubleshooting at:
https://github.com/themotte/rDrama/issues/222#issuecomment-1229489062
2022-08-30 06:37:56 -05:00
Ben Rog-Wilhelm
de4d923b32 Fix some mod log errors and make it more durable to future changes. 2022-08-27 11:23:12 -05:00
Michael House
f3f2aa3935 Made a lot of small changes in the frontend 2022-06-04 07:48:26 -05:00
iro84657
2eb2d6a034 Remove references to r/Drama archives 2022-05-09 22:02:15 -04:00
iro84657
8c2ee6a57a Remove references to Android apps 2022-05-09 21:59:20 -04:00
Ben Rog-Wilhelm
1ee9c1bfa7
Convert text file line endings to LF. 2022-05-09 07:20:47 -05:00
iro84657
71743a3bfc Remove special cases based on SITE_NAME 2022-05-09 01:40:09 -04:00
Michael House
d25d5aa70e Created rules page and updated sidebar 2022-05-08 07:29:01 -05:00
Aevann1
8536d93c87 fhg 2022-05-02 21:32:15 +02:00
Aevann1
eb68ac3907 fsd 2022-05-02 21:30:12 +02:00
Aevann1
9057d39729 sdf 2022-05-02 20:56:10 +02:00
Aevann1
128119a5dc sfd 2022-05-02 20:54:53 +02:00
Aevann1
fbf86d553f tre 2022-05-02 20:50:43 +02:00
TLSM
d60ee252a0
Add badge quantity and rarity to /badges. (#238)
Implements feature request to know how many of each badge exists and
to have a 'rarity', a la Steam or PSN badges, relative to number of
non-lurker users.

Because Postgres `COUNT()`s are notoriously costly, /badges has been
memoized for 1hr to avoid a DOS target.
2022-05-02 20:14:06 +02:00
Aevann1
cbd40daf97 6yutg 2022-05-02 04:11:01 +02:00
Aevann1
6fa44b38f9 sdgf 2022-05-02 04:00:14 +02:00
Aevann1
043e15775c sfd 2022-05-02 03:54:07 +02:00
Aevann1
709a7fc4b5 sfd 2022-05-01 23:44:38 +02:00
Aevann1
240b451962 fsd 2022-05-01 02:53:24 +02:00
Aevann1
4536f4e1d4 fsd 2022-04-29 02:02:00 +02:00
Aevann1
e8373173db fd 2022-04-26 14:59:28 +02:00
Aevann1
dde892d8c3 sfd 2022-04-25 23:16:32 +02:00
Aevann1
08c16336c7 fds 2022-04-25 23:15:02 +02:00
Aevann1
9ec7f2bec3 fsd 2022-04-25 23:10:55 +02:00
Aevann1
f9b7d10e1c fds 2022-04-25 23:04:50 +02:00
Aevann1
6a36400514 fsd 2022-04-25 22:31:30 +02:00
Aevann1
fca942e618 vxc 2022-04-25 21:42:35 +02:00
Aevann1
baf93edcdf fad 2022-04-24 22:39:37 +02:00
Aevann1
7768cfc9de vcx 2022-04-24 19:30:05 +02:00
Aevann1
a7e911e56d fds 2022-04-24 00:09:25 +02:00
Aevann1
c9339db73d fds 2022-04-22 17:45:26 +02:00
Aevann1
c2a0f90a82 fds 2022-04-21 18:10:15 +02:00
Aevann1
91540c161a Revert "RESTORE CACHE"
This reverts commit fe25f41fad.
2022-04-19 22:22:24 +02:00
Aevann1
fe25f41fad RESTORE CACHE 2022-04-19 22:21:47 +02:00
Aevann1
2b62d395b5 gf 2022-04-19 20:19:12 +02:00
Aevann1
eccfb31469 fds 2022-04-17 22:20:40 +02:00
Aevann1
07d782581d fsd 2022-04-16 17:05:33 +02:00
reality500
f4a87df8b5
Add logged_out redirect (#227) 2022-04-14 00:54:32 +02:00
Aevann1
32a3f90a03 fds 2022-04-11 13:25:58 +02:00
Aevann1
486837bcd6 gfd 2022-04-10 16:56:38 +02:00
Aevann1
440eb0aad1 fds 2022-04-07 03:18:46 +02:00