* 'hide' default email and password env variables
* first login API endpoint
* run code-generators
* frontend indicators for default username and pw
* remove old env variables from docs
* fix env set variable
* remove password from tests
* add groupSlug to most routes
* fixed more routing issues
* fixed jank and incorrect routes
* remove public explore links
* remove unused groupSlug and explore routes
* nuked explore pages
* fixed public toolstore bug
* fixed various routes missing group slug
* restored public app header menu
* fix janky login redirect
* 404 recipe API call returns to login
* removed unused explore layout
* force redirect when using the wrong group slug
* fixed dead admin links
* removed unused middleware from earlier attempt
* 🧹
* improve cookbooks sidebar
fixed sidebar link not working
fixed sidebar link target
hide cookbooks header when there are none
* added group slug to user
* fix $auth typehints
* vastly simplified groupSlug logic
* allow logged-in users to view other groups
* fixed some edgecases that bypassed isOwnGroup
* fixed static home ref
* 🧹
* fixed redirect logic
* lint warning
* removed group slug from group and user pages
refactored all components to use route groupSlug or user group slug
moved some group pages to recipe pages
* fixed some bad types
* 🧹
* moved groupSlug routes under /g/groupSlug
* move /recipe/ to /r/
* fix backend url generation and metadata injection
* moved shopping lists to root/other route fixes
* changed shared from /recipes/ to /r/
* fixed 404 redirect not awaiting
* removed unused import
* fix doc links
* fix public recipe setting not affecting public API
* fixed backend tests
* fix nuxt-generate command
---------
Co-authored-by: Hayden <64056131+hay-kot@users.noreply.github.com>
* fix(security): reset login attempts after successful login
Enforce a maximum number of consecutive failed logins. Successfully logging in should reset the
count.
#2569
* fix(security): fix when user is unlocked
The user should be unlocked when locked_at is set, but the lock has expired.
#2569
`email.com` is not a reserved domain, incorrect configuration could result in unintentional effects.
`example.com` is reserved by IANA for bogus purposes, see RFC 6761.
* WIP: proof of concept
* basic meta tag injection
* add support for scraping public/private links
* make tests go brrrrr
* cleanup initialization
* rewrite build config
* remove recipe meta on frontend
* make type checker happy
* remove other deployment methods
* fix issue with JSON response on un-authenticated request
* docs updates
* update tivy scanner
* fix linter stuff
* change registry tag
* build fixes
* fix same mistake I always make
* fixed incorrect var ref
* added public recipe pagination route
* refactored frontend public/explore API
* fixed broken public cards
* hid context menu from cards when public
* fixed public app header
* fixed random recipe
* added public food, category, tag, and tool routes
* not sure why I thought that would work
* added public organizer/foods stores
* disabled clicking on tags/categories
* added public link to profile page
* linting
* force a 404 if the group slug is missing or invalid
* oops
* refactored to fit sidebar into explore
* fixed invalid logic for app header
* removed most sidebar options from public
* added backend routes for public cookbooks
* added explore cookbook pages/apis
* codegen
* added backend tests
* lint
* fixes v-for keys
* I do not understand but sure why not
---------
Co-authored-by: Hayden <64056131+hay-kot@users.noreply.github.com>
* validate user attributes on user creation
add logs for invalid or missing attributes
* only update admin flag when admin status changes
* move ldap functions into separate file
* fix linter issues
* actually use the search_user function
* fix types
* add option to enable starttls for ldap
* add integration test for ldap service
* document new, optional environment variable
* fix: support anonymous bind
* id and mail attributes in LDAP_USER_FILTER should be implied
* remove print statement
* adds authentication method for users
* fix db migration with postgres
* tests for auth method
* update migration ids
* hide auth method on user creation form
* (docs): Added documentation for the new authentication method
* update migration
* add to auto-form instead of having hidden fields
* Corrected if statement to check if a results was returned by the LDAP search. And decoded the user_attributes from binary data to string
* removed trailing spaces
* Revert asserts in LDAP unit test back
Since an empty tuple is still a result, an user is created and the result should not be false.
* Simplified code
* Extended the LDAP implementation
* fix ldap authentication and user creation
* modified docs to include new LDAP environment variables
* update tests and linting
* add libldap-2.4-2 as runtime dependency for the api
---------
Co-authored-by: Erik Landkroon <eriklandkroon@gmail.com>
* Scheduled tasks log to Debug, not Info
* Add LOG_LEVEL config to .env
* Update some other log levels and fix typos
* fix logger initializer
---------
Co-authored-by: Jakob Rubin <647846+Grygon@users.noreply.github.com>
* docs: fix typos
* typos: fix typos found by `codespell` across the codebase
* docs: fix `macOS` spelling
* docs: fix `authentification` terminology
"Authentification" is not a thing.
* docs: fix `localhost` typo in example link
* typos: fix in-code typos
These are potentially higher risk, but no other mentions of these typos
show up in the codebase.
* Use Base DN for LDAP and fetch user attrs
Requires that a Base DN be set for LDAP
Set `full_name` and `email` based on LDAP attributes when creating user
* Add support for secure LDAP
Allow insecure LDAP connection (disabled by default)
Use CA when connecting to secure LDAP server
* Added missing quotes to example
* Update security.py
* Update security.py formatting
* Update security.py
Switched to f-String formatting
* formatting
* Update test_security.py
Added at attributes for testing
* Update test_security.py
Modified tests for base DN
* Update test_security.py
Set proper base DN for testing
* Update test_security.py
Corrected testing for LDAP
* Update test_security.py
Defined base_dn
* Authenticated user not in base DN
Add check for when user can authenticate but is not in base DN
* Update test_security.py
LDAP user cannot exist as it is searched before it is created and the list returns False
Co-authored-by: Hayden <64056131+hay-kot@users.noreply.github.com>
* refactored event dispatching
added EventDocumentType and EventOperation to Event
added event listeners to bulk recipe changes
overhauled shopping list item events to be more useful
modified shopping list item repo to return more information
* added internal documentation for event types
* renamed message_types.py to event_types.py
* added unique event id and fixed instantiation
* generalized event listeners and publishers
moved apprise publisher to new apprise event listener
fixed duplicate message bug with apprise publisher
* added JWT field for user-specified integration id
* removed obselete test notification route
* tuned up existing notification tests
* added dependency to get integration_id from jwt
* added base crud controller to facilitate events
* simplified event publishing
* temporarily fixed test notification
* add data-types required for login security
* implement user lockout checking at login
* cleanup legacy patterns
* expose passwords in test_user
* test user lockout after bad attempts
* test user service
* bump alembic version
* save increment to database
* add locked_at to datetime transformer on import
* do proper test cleanup
* implement scheduled task
* spelling
* document env variables
* implement context manager for session
* use context manager
* implement reset script
* cleanup generator
* run generator
* implement API endpoint for resetting locked users
* add button to reset all locked users
* add info when account is locked
* use ignore instead of expect-error
* Delay server response whenever username is non existing
* utilize hasher to achieve constant timing
Co-authored-by: Hayden <64056131+hay-kot@users.noreply.github.com>
* Changes Settings to use new SMTP_AUTH_STRATEGY variable in place of SMTP_TLS with transition support
#1187
* Wires up default email client to use ssl or tls authentication if enabled in settings
* Updates the docs
* Update template file
* remove SMTP_TLS and use staticmethod for validate
* consolidate test cases with params
Co-authored-by: Hayden <64056131+hay-kot@users.noreply.github.com>
* use locale to set language header
* rewrite i18n provider and drop dependency
* rename file
* rename CrudMixin to HttpRepo
* refactor: code-cleanup
* add crowdin source
* remove unused translations
* grab translations from dev branch
* add translation support for foods, units, and labels
* remove rich import
* fix disable button
* add backend env for restricting registration
* update state management
* add allow_signup to app info
* move allow_signup to backend only
* cleanup docker-compose
* potential darkmode fix
* fix missing variable
* add banner on login page
* use random bools for tests
* fix initial state bug
* fix state reset
* Set up alembic migration usage
* Fix import order, add isort as alembic hook
* Only run migrations if needed
* Include date as part of migration file name for better sorting
* Skip initial migrations if tables already exist
This eases the transition from a pre-alembic state
* Fix deprecation warning in alembic revision
* Add alembic test stubs
* update naming
* refactor tests to use shared structure
* shorten names
* add tools test case
* refactor to support multi-tenant
* set group_id on creation
* initial refactor for multitenant tags/cats
* spelling
* additional test case for same valued resources
* fix recipe update tests
* apply indexes to foreign keys
* fix performance regressions
* handle unknown exception
* utility decorator for function debugging
* migrate recipe_id to UUID
* GUID for recipes
* remove unused import
* move image functions into package
* move utilities to packages dir
* update import
* linter
* image image and asset routes
* update assets and images to use UUIDs
* fix migration base
* image asset test coverage
* use ids for categories and tag crud functions
* refactor recipe organizer test suite to reduce duplication
* add uuid serlization utility
* organizer base router
* slug routes testing and fixes
* fix postgres error
* adopt UUIDs
* move tags, categories, and tools under "organizers" umbrella
* update composite label
* generate ts types
* fix import error
* update frontend types
* fix type errors
* fix postgres errors
* fix#978
* add null check for title validation
* add note in docs on multi-tenancy
* fix group page
* setup group notification for backend
* update type generators
* script to auto-generate schema exports
* setup frontend CRUD interface
* remove old notifications UI
* drop old events api
* add test functionality
* update naming for fields
* add event dispatcher functionality
* bump to python 3.10
* bump python version
* purge old event code
* use-async apprise
* set mealie logo as image
* unify styles for buttons rows
* add links to banners
* add default assets for user profile
* add recipe avatar
* change user_id to UUID
* add profile image upload
* setup image cache keys
* cleanup tests and add image tests
* purge user data on delete
* new user repository tests
* add user_id validator for int -> UUID conversion
* delete depreciated route
* force set content type
* refactor tests to use temp directory
* validate parent exists before createing
* set user_id to correct type
* update instruction id
* reset primary key on migration
