Max Wu
6585976e4d
Merge pull request #1588 from tamo/google-oauth-verified
2021-05-11 17:41:33 +08:00
Yukai Huang
ee1230b6f4
Merge pull request #1532 from freitagsrunde/feature/customTocLevel
...
Set TOC depth freely for every note by using YAML metadata or an option within `[toc]`
2021-05-11 17:30:31 +08:00
Yukai Huang
98bf5a6148
Fix async series been interrupted by parse alias
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2021-05-11 16:51:27 +08:00
Yukai Huang
0c3171b17d
Merge pull request #1570 from hackmdio/bugfix/update-history-usage
...
Use encoded noteId when calling updateHistory
2021-05-11 16:27:50 +08:00
Yukai Huang
ab58cd45b4
Use encoded noteId in updateHistory call
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2021-05-11 16:21:46 +08:00
Raccoon
965cca9d39
fix: lint
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2021-04-28 17:37:43 +08:00
Raccoon
20b10b7bb7
refactor: beforeCreate and parseNoteId
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2021-04-27 19:25:46 +08:00
Raccoon
d3bbdfc7d3
fix: can traversal any md files
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2021-04-27 18:25:06 +08:00
Yukai Huang
bf5325b37f
Merge pull request #1609 from mic4ael/return-to-note-on-login
...
Better redirection after a successful login
2021-04-16 12:20:09 +08:00
Giuseppe Lo Presti
dc37e5df63
Better update of the authorship of anonymous users
...
Co-authored-by: Yukai Huang <yukaihuangtw@gmail.com>
Signed-off-by: Giuseppe Lo Presti <giuseppe.lopresti@cern.ch>
2021-03-18 09:13:22 +01:00
Giuseppe Lo Presti
c9399f33d1
Support anonymous updates via API if allowAnonymousEdits is true
...
Signed-off-by: Giuseppe Lo Presti <giuseppe.lopresti@cern.ch>
2021-03-09 12:32:54 +01:00
Yukai Huang
de0f4588ac
Fix getImageMimeType mime usage
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2020-12-23 22:16:28 +08:00
Yukai Huang
c9e23985d3
Check image type from file extension
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2020-12-23 15:46:19 +08:00
Yukai Huang
e19e6642fb
Allow bmp/tiff image to be uploaded
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2020-12-23 15:45:49 +08:00
Yukai Huang
c1a22a5318
Replace hard coded impl in getImageMimeType
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2020-12-23 15:43:14 +08:00
Yukai Huang
7a88f9d95a
Check upload image mime type
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2020-12-22 16:48:13 +08:00
Michal Kolodziejski
7d815cc90c
Better redirection after a successful login
...
Signed-off-by: Michal Kolodziejski <michal.kolodziejski@cern.ch>
2020-10-17 12:57:23 +02:00
Tamotsu Takahashi
f42d1c3e3e
Add privacyPolicyURL (CMD_PRIVACY_POLICY_URL)
...
If you use Google OAuth, you need to add Privacy Policy to the top.
https://support.google.com/cloud/answer/9110914#all-apps-zippy
https://github.com/hackmdio/codimd/issues/1582#issuecomment-682270394
Signed-off-by: Tamotsu Takahashi <ttakah@gmail.com>
2020-09-01 20:54:08 +09:00
Yukai Huang
ab0ac83582
Fix updateHistory parameter
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2020-08-12 18:10:39 +08:00
James Tsai
4792908169
Fix linter
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-08-04 17:11:09 +08:00
James Tsai
e7a4996cbe
Update note title and history in update api
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-08-04 16:48:33 +08:00
James Tsai
091c77bdb1
Refactor, change response type to json in update-api user online checking
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-30 18:56:57 +08:00
James Tsai
04fe74d520
Refactor, use body parser, adjust update api content column
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-30 18:14:10 +08:00
James Tsai
53526c154a
Check online users, update authorships, save revisions in update note content API
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-27 18:01:10 +08:00
James Tsai
96f8f06b00
Disconnect online users by delete API
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-27 18:01:10 +08:00
James Tsai
b3cf98b329
Fix linter
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-27 18:01:10 +08:00
James Tsai
b597dc9811
Add update note api
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-27 18:01:10 +08:00
James Tsai
66d53956c4
Add delete note api
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-27 18:01:10 +08:00
Yukai Huang
8e72eb5aca
Merge pull request #1548 from hackmdio/feature/list-my-note-api
...
List-my-note API
2020-07-15 17:13:35 +08:00
James Tsai
03bc329b3f
Fix linter
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-14 17:34:32 +08:00
James Tsai
a22cf73f60
Refactor, variable naming and myNoteList mapping
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-14 17:34:32 +08:00
James Tsai
dcf48e749e
Update route of list-my-notes api
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-14 17:34:32 +08:00
gereon
3438c5701b
removed default value for toc depth
...
seems to be set elsewhere
Co-authored-by: Yukai Huang <yukaihuangtw@gmail.com>
Signed-off-by: Gereon Dusella <git@gereondusella.de>
2020-07-13 11:04:46 +02:00
Yukai Huang
91fb54539a
Merge pull request #1546 from schokotets/develop
...
feature: pass-through yaml metadata image to html meta tag
2020-07-10 10:33:55 +08:00
Yukai Huang
3e09c7a21f
Merge pull request #1505 from daniele-athome/pr/feature/tags-array
...
Use array for tags when available (close #1496 )
2020-07-09 15:50:57 +08:00
James Tsai
07f32f5bbf
Fix standard
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-01 11:42:28 +08:00
James Tsai
2973bfbceb
Add list-my-note API
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-01 11:42:28 +08:00
schokotets
2c9f73cfb2
feature: pass-through yaml metadata image to html meta tag
...
Signed-off-by: schokotets <moritzleni@gmail.com>
2020-06-27 17:22:11 +02:00
Gereon Dusella
1248bc9cd4
added default value `3` to CMD_DEFAULT_TOC_DEPTH
...
Signed-off-by: Gereon Dusella <git@gereondusella.de>
2020-06-03 20:17:06 +02:00
Gereon Dusella
56e01fa76e
added an Environment Variable `CMD_DEFAULT_TOC_DEPTH` to set default toc depth
...
Signed-off-by: Gereon Dusella <git@gereondusella.de>
2020-06-03 17:38:28 +02:00
Raccoon
8b67d6916d
fix: improve image upload to filesystem may caused app crash
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-05-31 00:41:01 +08:00
Raccoon
ac6021a579
fix: returning 500 when getStatus failed
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-05-17 03:25:57 +08:00
Raccoon
a3742e4564
fix: getStatus should reject promise
...
1. reject promise when getStatus failed
2. change to use promise-way call getStatus in debug message
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-05-17 03:25:20 +08:00
Raccoon
54ab0a08de
Merge pull request #1512 from stregouet/oauth2-state
...
fix: add state parameter for oauth2
2020-05-13 16:26:26 +08:00
Raccoon
20bacfbaf1
Merge pull request #1507 from tarlety/feature-metrics-merge-develop
...
Exporting metrics for node.js, express, router, and codimd realtime status.
2020-05-13 16:25:38 +08:00
Samuel Trégouët
6ff6d215ab
fix: add state parameter for oauth2
...
state parameter is recommended with oauth2 authentification
to mitigate CSRF attacks (see [1]).
hydra [2] will throw the following error message if state is
missing:
description="The state is missing or has less than 8 characters and is therefore considered too weak" error=invalid_state hint="Request
parameter \"state\" must be at least be 8 characters long to ensure sufficient entropy."
[1]: https://auth0.com/docs/protocols/oauth2/oauth-state
[2]: https://www.ory.sh/hydra/
Signed-off-by: Samuel Trégouët <samuel.tregouet@gmail.com>
2020-05-11 15:59:49 +02:00
tarlety
ac31e51d67
Fix session flood issue after prometheus metrics are implemented.
...
Root cause:
- prometheus metrics '/metrics/codimd' exported by 3ca0341 are still in 'routes need sessions' section.
- prometheus scrapes metrics repeatedly.
- new session created every time while prometheus scrapes metrics '/metrics/codimd'.
Solution:
- move /metrics/codimd from lib/routes.js to lib/metrics.js.
- move /metrics/codimd from section 'routes need sessions' of app.js to 'routes without sessions'.
Signed-off-by: tarlety <tarlety@gmail.com>
2020-05-04 20:57:46 +08:00
tarlety
09eb8556db
Exporting metrics for node.js, express, router, and codimd realtime status.
...
1. **/metrics/router** : exporting node.js/express Prometheus metrics by
[prometheus-api-metrics](https://www.npmjs.com/package/prometheus-api-metrics )
2. **/metrics/codimd** : exporting codimd realtime status (/status) as
Prometheus metrics
Signed-off-by: tarlety <tarlety@gmail.com>
2020-05-01 22:17:22 +08:00
Daniele Ricci
5463c8412c
Use array for tags when available ( close #1496 )
...
Signed-off-by: Daniele Ricci <daniele@casaricci.it>
2020-04-30 20:31:22 +02:00
Lucas Druschke
bcd92f500f
return errorForbidden when anonymous user tries to create freeUrl pad ( closes #1499 )
...
Signed-off-by: Lucas Druschke <ldruschk@posteo.de>
2020-04-29 22:42:56 +02:00