* fix 401-302-401-302-429 loop
* don't logout users on bad form key, just treat the request as unauthenticated
* Handle None/empty case in validate_formkey.
A supplied empty formkey, or the lack of a supplied formkey (None) is not a valid formkey. Handle this inside the function rather than at the call-site.
* Validate as false if no hashstr or string
Co-authored-by: Snakes <104547575+TLSM@users.noreply.github.com>
Ported in from upstream with adjustments for TheMotte, most notably
universal default to 'new' and fixes to 'hot'. Lumped into this PR
because eager comment loading uses it.
Removes the following awards / fields on User:
- flairlock
- progressivestack
- bird
- longpost (pizzashill)
- marseyawarded
- rehab
- deflector
- mute
- unmutable
- eye (All-Seeing Eye)
- alt (Alt-Seeing Eye)
Primarily motivated by starting to remove some un-Mottelike cruft
from core commenting/posting routes. Cleared out other inapplicable
awards while in the process.
The last places coins were visible to non-admins were in user popovers
and, potentially, via direct access of /@<username>/coins. These have
been removed.
Additionally, there are a number of routes which, despite being removed
from the UI, were still operative and usable. These are disabled
pending possible(?) future uses of coins.
Using the new assetcache module, we replace (almost) all instances
of `?v=` cachebusting query parameters in Python and in Jinja templates.
The primary exceptions were: user site backgrounds, and some
infrequently changed graphics referenced literally from .js files.
Fixes#221. Provides custom message behavior for the user DM route
and slightly refactors the `@is_not_permabanned` wrapper to not be
deliberately misleading to users.
* #39 Add Flask-Migrate dep
* #39 Make it such that flask db init can run
https://github.com/miguelgrinberg/Flask-Migrate/issues/196#issuecomment-381343393
* Run flask db init, update migrations.env, commit artifacts
* Set up a script such that you can `docker-compose exec files bash -c 'cd /service; FLASK_APP="files/cli:app" flask '` and have it do whatever flask thing you want
* Fix circular dependency
* import * is evil
* Initial alembic migration, has issues with constraints and nullable columns
* Bring alts table up to date with alembic autogenerate
* Rerun flask db revision autogenerate
* Bring award_relationships table up to date with alembic autogenerate
* [#39/alembic] files/classes/__init__.py is evil but is at least explicitly evil now
* #39 fix model in files/classes/badges.py
* #39 fix model in files/classes/domains.py and files/classes/clients.py
* #39 fix models: comment saves, comment flags
* #39 fix models: comments
* Few more imports
* #39 columns that are not nullable should be flagged as not nullable
* #39 Add missing indexes to model defs
* [#39] add missing unique constraints to model defs
* [#39] Temporarily undo any model changes which cause the sqlalchemy model to be out of sync with the actual dump
* #39 Deforeignkeyify the correct column to make alembic happy
* #39 flask db revision --autogenerate now creates an empty migration
* #39 Migration format such that files are listed in creation order
* #39 Better first revision
* #39 Revert the model changes that were required to get to zero differences between db revision --autogenerate and the existing schema
* #39 The first real migration
* #39 Ensure that foreign key constraints are named in migration
* #39 Alembic migrations for FK constraints, column defs
* [#39] Run DB migrations before starting tests
* [#39] New test to ensure migrations are up to date
* [#39] More descriptive test failure message
* Add -T flag to docker-compose exec
* [#39] Run alembic migrations when starting the container
I created a new theme, "TheMotte" in /assests/css. Someone with any design
skill at all should try improving this. Currently it is a copy of light.css
__main__.py defines the experience for a user without an account. I removed the
check for an OS environment variable, and defaulted to the new theme.
/classes/user.py defines the default for a new account. I removed the check for an OS
environment variable, and defaulted to the new theme.
/routes/settings.py has a list of the themes that checks them for... something.
I added the new one here, just in case.
/templates/settings_profile.html has a hardcoded list that controls which
themes appear in the user settings page. Added the new theme here, so you can
select it.
