b835de2dc4
* Able to authenticate user against IndieAuth. For #1273 * WIP server indieauth endpoint. For https://github.com/owncast/owncast/issues/1272 * Add migration to remove access tokens from user * Add authenticated bool to user for display purposes * Add indieauth modal and auth flair to display names. For #1273 * Validate URLs and display errors * Renames, cleanups * Handle relative auth endpoint paths. Add error handling for missing redirects. * Disallow using display names in use by registered users. Closes #1810 * Verify code verifier via code challenge on callback * Use relative path to authorization_endpoint * Post-rebase fixes * Use a timestamp instead of a bool for authenticated * Propertly handle and display error in modal * Use auth'ed timestamp to derive authenticated flag to display in chat * don't redirect unless a URL is present avoids redirecting to `undefined` if there was an error * improve error message if owncast server URL isn't set * fix IndieAuth PKCE implementation use SHA256 instead of SHA1, generates a longer code verifier (must be 43-128 chars long), fixes URL-safe SHA256 encoding * return real profile data for IndieAuth response * check the code verifier in the IndieAuth server * Linting * Add new chat settings modal anad split up indieauth ui * Remove logging error * Update the IndieAuth modal UI. For #1273 * Add IndieAuth repsonse error checking * Disable IndieAuth client if server URL is not set. * Add explicit error messages for specific error types * Fix bad logic * Return OAuth-keyed error responses for indieauth server * Display IndieAuth error in plain text with link to return to main page * Remove redundant check * Add additional detail to error * Hide IndieAuth details behind disclosure details * Break out migration into two steps because some people have been runing dev in production * Add auth option to user dropdown Co-authored-by: Aaron Parecki <aaron@parecki.com>
82 lines
2.4 KiB
SQL
82 lines
2.4 KiB
SQL
-- Schema update to query.sql must be referenced in queries located in query.sql
|
|
-- and compiled into code with sqlc. Read README.md for details.
|
|
|
|
CREATE TABLE IF NOT EXISTS ap_followers (
|
|
"iri" TEXT NOT NULL,
|
|
"inbox" TEXT NOT NULL,
|
|
"name" TEXT,
|
|
"username" TEXT NOT NULL,
|
|
"image" TEXT,
|
|
"request" TEXT NOT NULL,
|
|
"request_object" BLOB,
|
|
"created_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
"approved_at" TIMESTAMP,
|
|
"disabled_at" TIMESTAMP,
|
|
PRIMARY KEY (iri));
|
|
CREATE INDEX iri_index ON ap_followers (iri);
|
|
CREATE INDEX approved_at_index ON ap_followers (approved_at);
|
|
|
|
|
|
CREATE TABLE IF NOT EXISTS ap_outbox (
|
|
"iri" TEXT NOT NULL,
|
|
"value" BLOB,
|
|
"type" TEXT NOT NULL,
|
|
"created_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
"live_notification" BOOLEAN DEFAULT FALSE,
|
|
PRIMARY KEY (iri));
|
|
CREATE INDEX iri ON ap_outbox (iri);
|
|
CREATE INDEX type ON ap_outbox (type);
|
|
CREATE INDEX live_notification ON ap_outbox (live_notification);
|
|
|
|
CREATE TABLE IF NOT EXISTS ap_accepted_activities (
|
|
"id" INTEGER NOT NULL PRIMARY KEY,
|
|
"iri" TEXT NOT NULL,
|
|
"actor" TEXT NOT NULL,
|
|
"type" TEXT NOT NULL,
|
|
"timestamp" TIMESTAMP NOT NULL
|
|
);
|
|
CREATE INDEX iri_actor_index ON ap_accepted_activities (iri,actor);
|
|
|
|
CREATE TABLE IF NOT EXISTS ip_bans (
|
|
"ip_address" TEXT NOT NULL PRIMARY KEY,
|
|
"notes" TEXT,
|
|
"created_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP
|
|
);
|
|
|
|
CREATE TABLE IF NOT EXISTS notifications (
|
|
"id" INTEGER NOT NULL PRIMARY KEY,
|
|
"channel" TEXT NOT NULL,
|
|
"destination" TEXT NOT NULL,
|
|
"created_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP);
|
|
CREATE INDEX channel_index ON notifications (channel);
|
|
|
|
CREATE TABLE IF NOT EXISTS users (
|
|
"id" TEXT,
|
|
"display_name" TEXT NOT NULL,
|
|
"display_color" INTEGER NOT NULL,
|
|
"created_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
"disabled_at" TIMESTAMP,
|
|
"previous_names" TEXT DEFAULT '',
|
|
"namechanged_at" TIMESTAMP,
|
|
"scopes" TEXT,
|
|
"authenticated_at" TIMESTAMP,
|
|
"type" TEXT DEFAULT 'STANDARD',
|
|
"last_used" DATETIME DEFAULT CURRENT_TIMESTAMP,
|
|
PRIMARY KEY (id)
|
|
);
|
|
|
|
CREATE TABLE IF NOT EXISTS user_access_tokens (
|
|
"token" TEXT NOT NULL PRIMARY KEY,
|
|
"user_id" TEXT NOT NULL,
|
|
"timestamp" DATE DEFAULT CURRENT_TIMESTAMP NOT NULL
|
|
);
|
|
|
|
CREATE TABLE IF NOT EXISTS auth (
|
|
"id" INTEGER NOT NULL PRIMARY KEY,
|
|
"user_id" TEXT NOT NULL,
|
|
"token" TEXT NOT NULL,
|
|
"type" TEXT NOT NULL,
|
|
"timestamp" DATE DEFAULT CURRENT_TIMESTAMP NOT NULL
|
|
);
|
|
CREATE INDEX auth_token ON auth (token);
|