radex
60d6f2e9d5
Admin: tighter user list layout
2023-10-29 19:36:56 +01:00
radex
d29a57233f
Admin: Important avatar changes lmao
2023-10-28 15:36:19 +02:00
radex
564b3e9888
vcard: fix avatar preview
2023-10-24 10:21:10 +02:00
radex
f59886c33f
ldaputils: allow dot in names
...
turns out we have 3 users with dots in their uid ¯\_(ツ)_/¯
2023-10-23 19:50:30 +02:00
radex
6f51489194
Add Gravatar-style avatar endpoint, rename user-based requests to /avatar/user/<uid>
2023-10-23 19:48:03 +02:00
radex
20acdee93c
avatar: remove expired cache entries
2023-10-14 16:03:39 +02:00
radex
b10f6478da
avatar: don't generate avatars for non-users
2023-10-14 16:02:47 +02:00
radex
a6cc147595
avatar: move timeout to config
2023-10-14 15:59:55 +02:00
radex
fede3f68e5
preprocess avatar when uploading
2023-10-14 15:53:06 +02:00
radex
e01267c49f
upload avatar
2023-10-14 15:32:20 +02:00
radex
92a5ebac2f
delete user avatar
2023-10-14 15:31:27 +02:00
radex
a38c451c66
show user avatar in /vcard
2023-10-14 14:35:32 +02:00
radex
7afee30c14
clean up vcard template
2023-10-13 23:05:05 +02:00
q3k
a435e15698
Implement LDAP avatar serving
...
This adds a /avatar/<uid> endpoint which serves any jpegPhoto associated
with a given user account.
In true 'lol ldap' fashion, only `photo` and `jpegPhoto` fields are
defined. The first one is for G3 photos (a fax format!). The latter is
technically for JPEG. But we expect to abuse this and basically contain
_any_ sensible photo format in there, as long as Python's PIL can parse
it.
The serving function always resamples images to a 256x256 PNG. This
makes sure people don't leak EXIF and lets us depend on square avatars.
This entire code assumes that it is safe to PIL.Image.open untrusted
user data. My understanding is that it is, bar some DoS for very large
images. We limit the potential for DoS by storing the images in LDAP,
which I hope has some kind of field length limit...
Oh, and this also adds a 'default avatar' functionality which serves
simple generative mermaid art for any user who doesn't have an explicit
avatar set. To prevent leaking the existence of users who don't have an
avatar set, we serve such a generated avatar for all UIDs, including
UIDs which don't exist.
2023-10-08 18:14:00 +02:00
radex
3752e0c558
rename config.py.dist to config.py
2023-09-23 18:28:02 +02:00
radex
bdd0de0b53
admin: add group list and group details pages
2023-09-23 18:25:37 +02:00
radex
dc2bb81f61
config and ldap handling refactor
2023-09-23 15:56:06 +02:00
radex
64d62692d4
clean up python2 syntax
2023-09-23 11:23:28 +02:00
radex
78458f6211
tweaks to vcard
2023-09-23 10:55:17 +02:00
radex
e358bafcca
clean up
2023-09-23 10:45:52 +02:00
radex
3fd36123de
split views into blueprints
2023-09-23 10:30:58 +02:00
radex
f82e60e277
remove dead code
2023-09-23 10:04:46 +02:00
radex
b4e185ff31
tweaks based on q3k's feedback
2023-09-22 22:35:14 +02:00
radex
def69fb5d3
ldap user: show groups
2023-09-22 21:58:49 +02:00
radex
84abc355b9
remove dead code
2023-09-22 21:18:53 +02:00
radex
bdfefcb234
require admin for /admin/* paths
2023-09-22 21:15:02 +02:00
radex
3fcb7d2a4f
link from admin user profile to kasownik
2023-09-20 23:12:13 +02:00
radex
4732fb7066
render barebones ldap profile of any user
2023-09-20 23:02:56 +02:00
radex
a94c138829
render list of all ldap users
2023-09-20 22:00:23 +02:00
radex
e876fd65a5
show "admin" link if user is ldap admin
2023-09-20 20:51:47 +02:00
radex
ccdacec835
deps: update flask to latest
2023-09-19 22:42:12 +02:00
radex
ad93a80fac
remove unused header image
2023-09-19 18:45:51 +02:00
radex
50891a9b08
remove unused dependencies
2023-09-19 18:43:07 +02:00
radex
7796c3273a
cleanup: remove legacy coding directive & shebang
2023-09-19 17:18:02 +02:00
radex
33693311ae
remove unused /keys, /key/*, /upload_key
2023-09-19 17:15:27 +02:00
radex
ee95d91d4d
remove unused /ldap/claim_nick
2023-09-19 17:12:47 +02:00
radex
f26ce59bbf
add configurable mifareHashID
2023-09-18 23:59:22 +02:00
radex
b9f45d8bff
sync default config with hscloud
2023-09-18 23:59:06 +02:00
informatic
cde7e6cf76
webapp: move secret_key and debug flags to config
2021-10-09 11:15:24 +02:00
informatic
50e47d2413
webapp: remove DST Root CA X3 certificate pin
2021-10-09 11:06:55 +02:00
q3k
1cced0d613
login: use case-sensitive names for display/kerberos
2020-08-15 20:26:05 +02:00
q3k
50dbd3087a
*: port to python3, update deps, fix cn mod
2019-10-18 14:13:10 +02:00
q3k
46ee9f5334
Allow modifying personal data, fix ssh key css
2019-10-18 13:20:06 +02:00
informatic
d468b6ad71
Cleanup CSS
2018-03-18 14:56:12 +01:00
informatic
ee8ca0e1e6
Migrate to kerberos module
2018-03-18 14:42:27 +01:00
q3k
a097e314a0
Add hackerspace name config option
...
Also move config.py to config.py.dist for distribution purposes :)
2018-02-26 10:03:33 +00:00
q3k
0b9e737dba
Import changes from Tog development repo
...
Most notably, this adds Kerberos support and changes the theme.
2018-01-26 17:45:24 +00:00
q3k
d03f876670
First public import
2016-02-15 20:30:53 +00:00