Commit graph

436 commits

Author SHA1 Message Date
Daniel Friesel
d6bdc0ae10 add cron DB maintenance script (prune unverified accounts)
Does not cover account deletion yet
2019-03-11 17:09:35 +01:00
Daniel Friesel
1c074c2b9a secure session cookies 2019-03-10 19:44:51 +01:00
Daniel Friesel
558585895f oops 2019-03-10 19:34:10 +01:00
Daniel Friesel
5970a5a350 redirect users after login to protected page 2019-03-10 19:32:45 +01:00
Daniel Friesel
c27c108f48 really do not hardcode travelynx.de 2019-03-10 09:19:34 +01:00
Daniel Friesel
126714f44f Do not hardcode travelynx URL in registration mail 2019-03-10 09:17:24 +01:00
Daniel Friesel
a87c139271 add statistics for munin 2019-03-10 09:00:06 +01:00
Daniel Friesel
3ae14d47f9 add JSON export for history 2019-03-09 14:35:23 +01:00
Daniel Friesel
6f1b488d26 Slightly more helpful texts for checkin/checkout pages 2019-03-09 12:17:59 +01:00
Daniel Friesel
0f51f40661 show separate errors for 'invalid credentials' and 'not confirmed yet' 2019-03-09 08:40:46 +01:00
Daniel Friesel
844a95f77f registration form: note that user name must be alphanumeric 2019-03-09 08:30:18 +01:00
Daniel Friesel
7206292163 fix timeout on unauthenticated access to account-specific pages 2019-03-09 00:13:51 +01:00
Daniel Friesel
8c4df88032 allow filtering by train for external travelynx links 2019-03-08 21:23:36 +01:00
Daniel Friesel
98fc5a3aba add password manager hints to login/registration forms 2019-03-08 21:07:54 +01:00
Daniel Friesel
df0a59eb9d travelynx.finalrewind.org -> travelynx.de 2019-03-08 20:47:01 +01:00
Daniel Friesel
13d81d72ee show hint in case of geolocation error 2019-03-08 19:40:57 +01:00
Daniel Friesel
a0040bceb6 checkout UX 2019-03-08 19:12:45 +01:00
Daniel Friesel
c2be5fe97b account: Note that deletion is not implemented yet 2019-03-08 19:12:32 +01:00
Daniel Friesel
42385e4d55 add link to github issues 2019-03-08 19:12:23 +01:00
Daniel Friesel
ff6a7512d5 do not allow multiple pending registrations for one mail 2019-03-08 18:52:12 +01:00
Daniel Friesel
bee0930d1b derp 2019-03-08 18:07:32 +01:00
Daniel Friesel
03f4210736 add hypnotoad config 2019-03-08 18:05:49 +01:00
Daniel Friesel
6e961420aa departures: Add hint (tap == checkin) 2019-03-08 18:02:18 +01:00
Daniel Friesel
da4f532fb3 add logout link to account page 2019-03-08 17:59:48 +01:00
Daniel Friesel
6f4a5cef71 add intro blurb and login/register links for landing page 2019-03-08 17:16:19 +01:00
Daniel Friesel
ec82ac0f2e move /action to non-authenticated area to handle session issues 2019-03-08 16:55:45 +01:00
Daniel Friesel
bf4ccb0eab Logout: Use a POST form as it's a stateful action 2019-03-08 16:54:54 +01:00
Daniel Friesel
fd60839116 switch from HTTP Auth to Cookie Auth 2019-03-07 18:36:11 +01:00
Daniel Friesel
ba6b517e5b working registration and verification 2019-03-06 20:48:21 +01:00
Daniel Friesel
4ae0217662 work-in-progress registration process 2019-03-06 18:35:59 +01:00
Daniel Friesel
f2efaef2b9 bump DB schema to v2
Add token to "users" (for mail verification etc)
Add new table "pending_mails" (to avoid spamming individual addresses)
2019-03-06 18:11:26 +01:00
Daniel Friesel
058d93a6fd add password hashing 2019-03-06 17:59:00 +01:00
Daniel Friesel
8057c16cc4 enable form validation for login page 2019-03-05 22:18:11 +01:00
Daniel Friesel
4dc0a90ef8 register: Add simple client-side validation 2019-03-05 18:29:25 +01:00
Daniel Friesel
8d353fcf9d registration: more error handling 2019-03-05 18:19:14 +01:00
Daniel Friesel
32f3334b5c forbid the user name 'dev' 2019-03-04 19:36:11 +01:00
Daniel Friesel
a47d76958c Use proper Mojolicious input fields (-> no need to re-type everything on errors) 2019-03-04 19:28:57 +01:00
Daniel Friesel
5b523ff2f0 prepare registration support 2019-03-04 19:22:40 +01:00
Daniel Friesel
8adca327fd prepare DB schema for public registration 2019-03-04 18:17:03 +01:00
Daniel Friesel
3096091f11 do not show username in navbar (won't fit on small screens otherwise) 2019-03-04 17:14:03 +01:00
Daniel Friesel
40fe8db0c4 Add account info and data export 2019-03-03 22:35:20 +01:00
Daniel Friesel
41076aafd5 history: Fix typo in HTML element name 2019-03-03 22:19:57 +01:00
Daniel Friesel
5cc43d9c59 Alwayse use 3 hours of lookbehind
Hashtag Verpeilungsfaktor
2019-03-03 22:02:25 +01:00
Daniel Friesel
833c8878d1 add logout link 2019-03-03 21:46:06 +01:00
Daniel Friesel
ad585c3fec set cookie lifetime to 6 months 2019-03-03 21:45:55 +01:00
Daniel Friesel
c6532906df add imprint 2019-03-02 18:12:10 +01:00
Daniel Friesel
856a66c0be implement user/password/csrf checks for login form 2019-03-02 18:08:48 +01:00
Daniel Friesel
c6fd0a0efb Fix encoding of station name in checkin/checkout screen 2019-03-01 20:11:40 +01:00
Daniel Friesel
abf81ea638 add (unfinished) db migration script 2019-02-22 21:56:32 +01:00
Daniel Friesel
d32c2ad1b9 prepare account support 2019-02-22 21:56:19 +01:00