Commit Graph

3706 Commits

Author SHA1 Message Date
Fang
a66cfc31da
eyre: fake duct for on-load logout binding
Empty duct is considered not good.
2020-06-03 14:29:13 +02:00
Fang
6e3284feac
eyre: use 303 to redirect to login post-logout
This ensures the client sends a GET request, which is more appropriate.
2020-06-03 14:28:30 +02:00
Fang
2f83797a07
dbug fe: add eyre logout buttons 2020-06-03 01:40:57 +02:00
Fang
4d93349402
eyre: provide logout endpoint
Set up, by default, on /~/logout.

Sending a POST request to this expires the current session and redirects
to the login page. If the "all" key is set in the request body, expires
all open sessions.
2020-06-03 01:40:32 +02:00
Fang
574b05a88a
Merge pull request #2959 from urbit/m/eyre-cookies
eyre: augmented cookie handling
2020-06-01 22:11:57 +02:00
Fang
2c02a91633
tests: update eyre tests
To account for recent cookie-related changes.
2020-06-01 21:42:32 +02:00
Fang
750ff6e5e1
eyre: respect "forwarded" header from localhost
For request transparency, HTTP proxies may set the Forwarded header to
specify who the original requester is.

For requests from localhost only, we make Eyre respect the Forwarded
header, and adjust the handled ip address accordingly.

Note that we do not support X-Forwarded or other non-standard variants.
The header remains in the request, so server applications can handle
them as desired.

Fixes #2723.
2020-05-31 17:45:22 +02:00
Fang
a87000149d
zuse: add parsers for http header field values
Multi-value format as used by some headers.

Also updates pill with recent zuse changes.
2020-05-31 17:45:20 +02:00
Fang
b1daaec7bf
zuse: add parsers for ip addresses
Parses into +address:eyre.
2020-05-31 17:45:18 +02:00
Fang
63c26151a3
eyre: extend session duration on-use
When sending a response to an authenticated request, update the session
to last for +session-timeout again, and send an updated cookie to match.

Assuming the user makes an actual HTTP request at least once a week,
this will make sure they don't get logged out automatically. Simply
keeping a channel open, unfortunately, doesn't count.
2020-05-30 02:29:20 +02:00
Fang
a51d93326a
eyre: clean up old +load code
Removes pre-breach state adapter logic and touches up code style.
2020-05-29 15:33:22 +02:00
Fang
00e3159287
eyre: clear expired sessions/cookies from state
Instead of setting a timer for every session, we set a single expiry
timer when the first session is created. On the subsequent wake event,
we clear all cookies that have expired at that time, then set a timer
for when the next session expires.

This approach gives us flexibility wrt sessions going forward, allowing
extending or early deleting of sessions without having to care about the
related timers.

Note that in +load, we clear all existing sessions. We would start the
expiry timer flow there, but can't. Forcing the user to login again
post-ota once isn't the end of the world.
2020-05-29 15:28:44 +02:00
Philip Monk
472ad18c90
behn: already deleted, don't need to do it again 2020-05-27 18:47:50 -07:00
Philip Monk
86fb78d933
Merge remote-tracking branch 'origin/ted/behn-same-date' into release/hotfix 2020-05-27 18:36:10 -07:00
Philip Monk
ff01a1ea04
ames: don't set new timer if we woke up too early
Otherwise if we end up having multple outstanding timers, they never
coalesce to a single timer.
2020-05-27 17:38:18 -07:00
Ted Blackman
8ed07dfc7e behn: fix bug with timers at same date 2020-05-27 02:59:07 -04:00
Philip Monk
d0b4d5a02e
release: urbit-os-v1.0.18 2020-05-26 17:41:42 -07:00
Fang
049cacfa51
Merge pull request #2932 from urbit/m/shoe
shoe: console application library
2020-05-27 00:39:27 +02:00
Fang
4b9ec0c9a4
shoe: include example usage of %klr sole-effect
Seems worthwhile to signal the existence of richer console output.

Also adds a brief description of what the example app does.
2020-05-26 23:45:45 +02:00
Fang
127355c381
shoe: simplify default +can-connect
This belongs in /app/shoe (and indeed already is there).
2020-05-26 23:14:51 +02:00
Fang
509fec7f7c
shoe: improve +on-load logic
Turns out that if we use a tag we can just check the value without
needing vase operations.
2020-05-26 23:10:54 +02:00
Fang
36b7fc2e4f
Merge branch 'release/next-sys' into m/debug-dashboard 2020-05-26 20:36:27 +02:00
pkova
28cd252ce7 zuse: improve json to rn parsing
Allow the exponent token to be 'e' or 'E', allow the explicit sign of '+'.
Following the spec at https://json.org. Fixes #2935.
2020-05-26 19:29:24 +03:00
Fang
41448d5b05
chat-cli: use /lib/shoe 2020-05-24 17:57:54 +02:00
Fang
f103c65051
shoe: console application library
Deals with sole events, deferring to the underlying app only for higher-
level sole-handling logic.

Currently doesn't offer fancy printing logic, but can easily be extended
to do so.

Passes sole-ids on to the underlying app in all arms so that it may run
session-specific logic wherever it desires.
2020-05-24 17:57:18 +02:00
Fang
2fddfea082
sole: include details in stack trace 2020-05-24 17:57:09 +02:00
Fang
1238047b48
Merge branch 'master' into release/next-sys 2020-05-24 17:51:48 +02:00
Fang
58e85fa661
Merge branch 'release/next-sys' into m/debug-dashboard 2020-05-23 01:00:45 +02:00
Fang
309d30a0c8
dbug: support more eyre scries 2020-05-22 23:57:41 +02:00
Fang
52ef23ccca
eyre, zuse: add scry interfaces for eyre state
Scries for getting out open connections, cookie sessions, and existing
channels.

Moves the involved types from eyre into zuse.
2020-05-22 23:55:17 +02:00
Fang
8ab1098a1c
dbug fe: render result count alongside list filter 2020-05-22 23:53:23 +02:00
Philip Monk
096149713a
drum: relink to chat-cli
The subscription changes in drum broke existing subscriptions.  This
worked alright (though loud) for dojo, but it left chat-cli "frozen"
unless you manually unlinked/relinked.  This does that automatically.

It also includes a refactoring of +on-load in drum, to avoid vain
repetition.
2020-05-22 00:17:56 -07:00
Philip Monk
cce32194c1
pill: update 2020-05-21 23:15:23 -07:00
Philip Monk
4fcd9f23c0
Merge branch 'release/behn-fast' (#2915)
* release/behn-fast:
  zuse: add +ordered-map
  behn: switch to ordered-map
  chat: virtualize message-to-json conversion
2020-05-21 22:43:53 -07:00
Philip Monk
0e7b07e061
Merge branch 'release/link-dojo' (#2867)
* origin/release/link-dojo:
  chat-cli: allow sending • character
  chat-cli: always talk to local ship only
  chat-cli: single-target sole effects as needed
  chat-cli: don't allow excessively small cli widths
  chat-cli: pull in sole-sur namespace where relevant
  chat-cli: remove unused entropy from state
  chat-cli: print newlines correctly
  chat-cli: support multiple sole connections
  chat-cli: don't crash on %bad-text
  dojo: rename remote access generators
  gall: fix handling of empty path list
  dojo: remove unused %json poke
  dojo: add remote access controls
  drum: switch to per-ship /sole/drum duct

Signed-off-by: Philip Monk <phil@pcmonk.me>
2020-05-21 22:42:18 -07:00
Philip Monk
274215ec6b
zuse: add +ordered-map
At some point this should be more properly styled similar to +by, +in,
and +to, but for now this reduces duplication and makes the ordered map
available to everyone.
2020-05-21 22:28:16 -07:00
Fang
4c9d18e5c0
Merge branch 'release/next-sys' into m/debug-dashboard 2020-05-21 20:09:58 +02:00
Fang
5877ed4cb2
dbug fe: clean up unneeded console logs 2020-05-21 18:12:24 +02:00
Fang
6ae326470a
dbug fe: separate list query term with space
Allows searching for multiple parts of the item key separately,
returning only items that match all.
2020-05-21 18:03:56 +02:00
Fang
d218541e4f
dbug fe: include "active" in active ames flow keys
Also adds more clear visual "snd" and "rcv" distinction.
2020-05-21 17:58:39 +02:00
Fang
9f4bb4b295
dbug: no such thing as fallback duct 2020-05-21 12:31:28 +02:00
Philip Monk
8c4c0f31fc
Merge pull request #2920 from urbit/ted/ames-mass-alien
ames: fix %alien |mass over-reporting
2020-05-21 01:40:30 -07:00
Ted Blackman
a0eafa8aa3 zuse,ames: handle %trim task 2020-05-21 03:45:08 -04:00
Ted Blackman
0f7b213f38 ames: fix %alien |mass over-reporting 2020-05-21 03:19:20 -04:00
Fang
826b27df53
dbug: separate flows by forward & backward
Instead of send and receive.
2020-05-21 00:59:31 +02:00
ixv
0092c68833
Merge pull request #2914 from urbit/ixv/migrate-groups
os1: migrate app data to new group
2020-05-20 14:27:45 -07:00
Fang
f96c83a4a9
spider, debug fe: actually support killing threads 2020-05-20 22:35:53 +02:00
Fang
da4274d490
dbug: allow custom state queries
Try to give state version number on first load. Run custom queries on
demand, similar to +dbug [%state 'whatever'].
2020-05-20 22:34:13 +02:00
ixv
a79f73c091
Merge pull request #2913 from urbit/ixv/fix-chat
chat-view: don't forget to sync permissions
2020-05-20 13:25:16 -07:00
Isaac Visintainer
8e6cbbb1d6 migrate-channels: addressed review 2020-05-20 14:24:24 -06:00