Aevann
33575e545e
remove pizzashilling new users
2023-05-19 17:37:44 +03:00
Aevann
c08fffd048
fuck u carp
2023-05-17 21:57:25 +03:00
Aevann
b302fd8fab
fix last commit
2023-05-03 23:45:41 +03:00
Aevann
abb62aefcd
fix last commit
2023-05-03 23:43:56 +03:00
Aevann
a606d9ed67
implement cloudflare caching instead of redis caching
2023-05-03 23:41:41 +03:00
Aevann
c4263c9439
fix prev commit
2023-04-02 10:04:32 +02:00
Aevann
5bc6597188
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 08:52:26 +02:00
Aevann
96330210e8
use SITE as a prefix for flask_cache
2023-03-25 22:57:27 +02:00
Aevann
5b80166bed
2fa -> two-factor authentication
2023-03-16 17:17:53 +02:00
Aevann
57765f0776
revert sqlalchemy changes
2023-03-16 08:27:58 +02:00
Aevann
c6a7051200
flush instead of committing inside requests
2023-03-15 07:19:35 +02:00
Aevann
f768d81103
keep db sessions open
2023-03-15 05:58:00 +02:00
Aevann
117624f313
add session["GLOBAL"]
2023-03-02 22:29:22 +02:00
Aevann
c6af523b5d
handle turnstile outages
2023-02-28 19:02:03 +02:00
Aevann
17bb6dad48
blackjack fix exploit
2023-02-27 07:33:45 +02:00
Aevann
fe0b8887bc
change 1/second ratelimit to 1/2 second
2023-02-26 12:26:26 +02:00
Aevann
82a73392a9
fix errors
2023-02-26 10:49:09 +02:00
Aevann
8c495c914a
default ratelimit doesnt apply implicitly if theres other @limiter.limit before the function, so add it explicity before all functions
2023-02-26 10:41:04 +02:00
Aevann
4c35f0b07f
remove unnecessary line
2023-02-26 08:35:59 +02:00
Aevann
7aaeedea36
better ratelimiting
2023-02-26 03:42:39 +02:00
Aevann
8cf4b6fda6
reduce default admin level
2023-02-21 17:14:37 +02:00
Aevann
349fa17836
use exlamation marks instead of dots in responses to users
2023-01-27 13:57:29 +02:00
Aevann
d01d6e183a
change endpoint path to be the same as GET version
2023-01-27 11:53:04 +02:00
Aevann
75a9a20bc2
fix 500 error
2023-01-27 09:11:06 +02:00
Aevann
b23dc76d78
fix muting linking alts
2023-01-25 04:53:52 +02:00
Aevann
24edb49f3b
add jl5 (for me)
2023-01-22 10:04:49 +02:00
Aevann
e96f121f3f
tell ppl to check their spam folder just in case
2023-01-21 07:36:27 +02:00
Aevann
a40dee5bd8
improve user ratelimiting
2023-01-21 06:39:46 +02:00
Aevann
ae1eced819
minor syntax change
2023-01-03 13:34:21 +02:00
Aevann
e6e5225a42
minor fix
2023-01-03 10:00:37 +02:00
Aevann
6cbefa6e82
fix 500 error
2023-01-01 14:34:53 +02:00
Aevann
044664a25e
get rid of useless tabs and spaces
2023-01-01 13:36:20 +02:00
Aevann
8ee189022b
seething hatred
2022-12-30 21:01:47 +02:00
Aevann
c4872ecb07
Revert "attempt to fix ratelimiting user"
...
This reverts commit 99597fc36c
.
2022-12-30 20:43:13 +02:00
Aevann
99597fc36c
attempt to fix ratelimiting user
2022-12-30 20:40:58 +02:00
Aevann
9a8c986f93
attempt to fix ratelimiting user
2022-12-30 20:33:07 +02:00
Aevann
4c371408da
make /signup more friendly to retards
2022-12-30 19:29:04 +02:00
Aevann
ccfb99cb63
fix 500 error
2022-12-28 11:44:39 +02:00
Aevann
678f40ccba
consistency
2022-12-28 10:35:41 +02:00
Aevann
3b8bb2576b
fix jc mistake
2022-12-27 08:19:36 +02:00
Aevann
ff5df9e610
fix prev commit
2022-12-27 04:52:25 +02:00
Aevann
4add61d045
fix devrama jannying
2022-12-27 04:50:42 +02:00
Aevann1
3ae5292ce4
remove pcm from code
2022-12-21 14:42:41 +02:00
Aevann1
e217cc9758
give new user notifs to 3 jannies in PCM
2022-12-19 22:32:24 +02:00
Aevann1
0376124eb0
clearer notifications for hole and admin actions
2022-12-13 19:11:26 +02:00
justcool393
ab41db22b7
[DO NOT MERGE] multiple sub banners ( #59 )
...
allows multiple sub banners
Snakes note: By request of Carp, especially for WPD.
Co-authored-by: justcool393 <justcool393@gmail.com>
Co-authored-by: Snakes <duolsm@outlook.com>
Reviewed-on: rDrama/rDrama#59
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-11 23:44:34 +00:00
justcool393
6dbad04f08
band-aid fix for frozen session issue on signup ( #50 )
...
through some reason or another, people are somehow getting cookies that aren't prepended with a dot.
this is a problem because both sessions at, as best as I can tell, mix so it tries to read from a different cookie than we write to. this essentially "freezes" the session in place. users are unable to login, logout, signup, toggle poor mode, toggle NSFW, etc.
~~this attempts to delete bad session cookies (i.e. cookies with a domain that don't start with a dot).~~
~~we don't do this on "dotless" domains (and by extension localhost) because browser support for setting cookies on FQDNs that only have one dot has tenuous support among browsers anyway).~~
~~this *may* log some people out, but... their days of being able to do stuff on the site were numbered anyway.~~
**edit: as amazing as this thought was, browsers just wipe the entire cookies completely and there's no way to specifically target dotless cookies. for an issue that affects a few users, better to just tell them to clear their cookies. if *this* doesn't work, delete service-worker.js and be done with the whole service worker crap. forever. permanently. this PR also includes some QOL improvements.**
Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#50
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-06 22:07:12 +00:00
justcool393
69a44baea7
settings: convert all to snek_case
2022-11-30 12:26:07 -06:00
justcool393
d395bcab69
logging: create somewhat sane logging
2022-11-30 12:09:31 -06:00
justcool393
b59e4cadaa
login: don't allow logged in users to attempt to login
2022-11-30 10:49:15 -06:00