Commit graph

455 commits

Author SHA1 Message Date
ebbit1q
2fc85e0c08
use hashed passwords in all commands (#4493)
* protocol changes

* server changes

* client changes for password reset and registration

* add hashed password to change password in client

* always use hashed password to log in

* add warning to client when using plain text password

* require real password for changing email on server

this is backwards compatible as users logged in with a real password on
older clients will not need this, only users logged in with a hashed
password

* implement password dialog when changing email

* require min password length

* use qstringlist to build query instead

* use clear instead of = ""

* add max to password dialog

* use proper const ness in abstractclient

* reject too long passwords instead of trimming
2022-01-16 20:32:30 -05:00
ebbit1q
fcafcb340a
remove all instances of the type long (#4519)
the long type has different sizes across operating systems and should
not be used

in the timeline an overflow could occur if the width in pixels
multiplied by the total amount of milliseconds in the replay is larger
than 2^31 which is easy enough considering with only 500 pixels width
you'll reach this number with only 1.2 hours of replay (about 4 million
millis), note that this would be windows exclusive as *nix uses 64 bits

~~qt-json's own repo suggests using qt5's implementation instead, testing
revealed this is quite a bit faster, contrary to #3480~~ testing proved
this to not be compatible with older qt versions

servatrice uses the qthread usleep function which used to be protected
but is now public

cockatrice is not compatible with qt4 and hasn't been for a while
2022-01-16 18:05:24 -05:00
ebbit1q
ae9b8b8f34
miscellaneous refactors (#4521) 2022-01-16 17:58:53 -05:00
ebbit1q
994704d353
implement max lengths for input dialogs that are sent to the server (#4522)
* implement max lengths for input dialogs that are sent to the server

* missed a double setMaxLength

* implement max string lengths server side

* add custom getText dialog with max length

* fix deck storage tab and miscellaneous server side

* add max size for deck uploads

* final pass on client side limits
2022-01-16 17:57:01 -05:00
ebbit1q
a9f2fc427b
allow servatrice to exit early based on commandline options (#4504) 2021-12-26 16:47:37 +01:00
ebbit1q
07e6aadbbe
deprecate the gender property from the protocol entirely (#4496)
* deprecate the gender property from the protocol entirely

* use obsolete instead of deprecated

* add the database migration

* update internal database version as well
2021-12-14 01:51:57 -05:00
ebbit1q
a3d3aaaca8
fix server crash on receiving email without @ (#4492) 2021-11-30 19:44:20 -08:00
ebbit1q
45d86e7ab7
allow login using hashed passwords (#4464)
* Support getting a user's password salt via initial websocket connection (added to Event_ServerIdentification)

* Nonsense stuff to figure out later

* move passwordhasher to correct location

* protobuf changes

* add ext to protobuf

* implement request password salt server side

* add supportspasswordhash to server identification

* check backwards compatibility

* reset some changes to master

* implement get password salt client side

* implement checking hashed passwords on server login

* check for registration requirement on getting password salt

* properly check password salt response and show errors

* remove unused property

* add password salt to list of response types

Co-authored-by: ZeldaZach <zahalpern+github@gmail.com>
2021-11-09 20:00:41 -05:00
ebbit1q
6f360374cc
change the order in which the password challenge is performed (#4439)
this will force the user to always perform the challenge, meaning no
information on the account is leaked in case of failures
2021-10-23 20:18:08 -04:00
ebbit1q
1e995cd97c
add option to delete a user's messages (#4362)
* add option to delete a user's messages

add optional parameter remove_messages to the ban and warn commands
add event for clients to redact messages
implement server side command and message handling
implement server history removal
todo: client side implementation

add option to remove messages to moderator action dialogs

add storage of message beginnings to chatview

add redactMessage command
handle Event_RemoveMessages on rooms

this approach is favored over parsing the chatroom after the fact but
will use additional memory to store the block indexes

this also leaves a problem in that user messages from the chat backlog
are not removed in the same way because they don't have a user
associated with them

add workaround for old qt versions

add action for users to remove messages from users in chats

add chat history to userMessagePositions with regex

proper const usage for userName

allow removing the messages of unregistered users

add menus to usernames in chat history

this allows you to remove user messages on chat history as well
this also allows moderators to take actions on users in chat history

Apply suggestions from code review

* readd missing call to handler
2021-09-14 16:05:20 -04:00
ZeldaZach
affc288144 Use gmail over googlemail in all cases, as they're the same alias 2021-08-27 23:17:26 -04:00
Zach H
051be37419
Server Config Whitelist Email Providers (#4416)
* Support registration domain whitelist (registration/emailproviderwhitelist) that, if set, will require a user to have an email with one of the specified domain providers. Will require client updates to see the Whitelist message, otherwise they'll be greeted with a default alert.

This also works to remove the pain of Google Email addresses and their infinite combination of usernames for the same account (i.e. remove periods and everything after the first plus sign).

* Make blacklist response show custom dialog
2021-08-18 21:18:53 -04:00
Zach H
bbe43d4246
Prevent users from being able to upload super large files via Sockets, which could inadvertently deny access to the server (#4398) 2021-07-25 20:28:14 -04:00
ebbit1q
da9222929b
add werror flags when making a debug build using llvm (#4344)
* add werror flags when making a debug build using llvm

this would get bugs like
https://github.com/Cockatrice/Cockatrice/pull/4337
get signalled earlier to us

* fix error: 'Servatrice_DatabaseInterface::registerUser' hides overloaded virtual function

* remove unused field

* mac machines have 3 cores

see
https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources

* typo
2021-06-01 21:57:37 -04:00
tooomm
88a8ee09bd
pass reset Small fixes (#4310) 2021-04-12 13:28:47 -04:00
ebbit1q
b940e17fe7
catch nullptr on websocket connections (#4300)
* catch nullptr on websocket connections

* clangify
2021-04-01 23:34:49 -04:00
Zach Reizner
c5fac2ee35
fix off-by-one maxUsers check on session init (#4292)
The returned number of users from `getUsersWithAddress` will include the already connected user. The predicate `>= maxUsers` is incorrectly assuming that the new user is not already counted by `getUsersWithAddress`. This change corrects this off-by-one error by only closing connections after there are strictly too many users.
2021-03-21 13:08:36 -04:00
ebbit1q
7e3a669af0
use correct settings group for command interval settings (#4257)
the settings command_counting_interval and
max_command_count_per_interval are now in the [security] group as hinted
by their location in servatrice.ini.example

check values of command interval settings before use
2021-03-08 12:18:22 -05:00
Zach H
45d838a0b3
Search full subdirectory for custom databases (#4137)
* Fix #2324 by allowing for iteration & symlinks

* Ensure alphabetical sorting
2020-11-22 20:06:25 -05:00
ebbit1q
02935be14f
fix QByteArray::append(QString) deprecation in qt 5.15.1 (#4102) 2020-09-22 16:09:48 -04:00
ebbit1q
7fa1936d0f
qt 5.15 compatibility (#4027) 2020-06-19 10:50:09 -04:00
ctrlaltca
d30691559a
Some improvements to Servatrice network code (#3969)
* Some improvements to Servatrice network code

1. fix crash on fuzzy connection (tcp server only)
2. ensure websockets are parent()ed to avoid leaking them
3. quick catch disconnect()ed sockets instead of waiting for a socket error to happen
4. support multiple connection pools on the websocket server; they are still bound to the same thread due to a qt5 limitation.
2020-04-24 16:26:59 -04:00
ebbit1q
18a07274d4
clangify everything with the new header sorting (#3908) 2020-03-18 17:36:02 -04:00
ebbit1q
a80c756dcb
update deprecated methods in qt5.14 and protobuf 3.4 (#3906) 2020-03-16 20:41:41 -04:00
skwerlman
0ff7472ce5 fix password length checks (#3884)
unit testing when
2020-01-13 09:54:55 -05:00
kopcion
cd431594e2 Issue 3015 - store timestamp when password is reset (#3863)
* Added few unsigned to ints in order to get rid of warnings.
Added column to users table, for when password is changed(issue#3015).
Moved password length check to separate method, to make it cleaner.
* Added migration file and changed schema version to 27 due to servatrice.sql schema modification.
* Make password length configurable.
2019-11-22 23:52:45 -05:00
Rob Blanckaert
ea8201af5c Judge mode (#3531)
* Judge mode

* Use separate judge icon

* Fix clang init ordering complaint

* Create gavel.svg

* Add judge level

* Adjust judge permissions.

* - Tag events caused by judges
- Allow judges access to card right click menus.

* Allow judges to change phase / turn.

* Remove gavel from pawn

* Make judge action text black.

* Create scales

* Rename scales to scales.svg

* Use scales

* remove gavel

* - Address PR feedback
- Fix sort order

* Zach

* add option to servatrice.ini
2019-02-21 14:00:00 -05:00
Rob Blanckaert
544c66edde Make server 12-factor compatible. (#3546)
* Docker

* Herokuize

* Use mysql method with database_url

* cleanup
2019-02-03 21:58:54 +01:00
Rob Blanckaert
9a8c81cf5e Client Websockets (#3545)
* Websockets

* Add setting to get websocket IP from header

* Add QT version guard

* Minor cleanup

Signed-off-by: Zach Halpern <ZaHalpern+github@gmail.com>

* - Make QWebSocket required
- Remove QWEBSOCEKT_LIB guards
- Only TCP on port 4747
- Fix peerName lookup

* fix check

Signed-off-by: Zach Halpern <ZaHalpern+github@gmail.com>

* Update CMakeLists.txt

* Update CMakeLists.txt
2019-02-03 11:43:22 +01:00
skwerlman
ad66a48b8e ensure column ordering is consistent (#3249) 2018-05-18 18:07:39 -04:00
ctrlaltca
4cdd17945d
Servatrice: make listening host configurable; fix #3241 (#3242)
* fix #3241

* clangify
2018-05-12 23:54:03 +02:00
ctrlaltca
c06fc562a1
Cmake scripts refactoring; fix #3225 (#3230)
* fix #3225

* Servatrice: use websockets as an optional component (for qt < 5.3)

* Attempt++
2018-05-12 23:28:22 +02:00
Zach H
2520d07ef2
log moderation stats in the uptime table (#3215) 2018-05-02 17:31:54 -04:00
ctrlaltca
e127cb74b6 Fixed most issues from codacy (#3050) 2018-01-27 13:31:44 -05:00
ctrlaltca
b29bd9e070
Clang-format (#3028)
* 1/3 Add .clang-format file and travis compilation check

* 2/3 Run clang-format

* 3/3 Fix compilation problems due to include reordering

* 3bis/3 AfterControlStatement: false
2018-01-27 10:41:32 +01:00
ctrlaltca
cd558a9722 Even out db collation to utfmb4_unicode_ci; fix #2835 ; fix #2218 (#2915) 2018-01-13 04:02:22 -05:00
ctrlaltca
7875407795 servatrice: case-insensitive check for email and token challenge; fix #2857 (#2860) 2017-09-28 15:34:35 -04:00
ctrlaltca
1366e5970e Portable mode for windows (#2794)
* Portable mode for windows

* fix start menu in portable mode

* Make gcc a happy puppy

* Clean old installation if we are installing over an old portable mode installation

* Default to Desktop\CockatricePortable

* Settings dialog fixes

* wording
2017-07-08 11:22:29 +02:00
woogerboy21
1811bad835 Fix room chat history (#2698)
Looks like an addition to the table shifted things. We probably should look into somehow using the actual column names (if it can be done). But for now this should fix the server room chat history.
2017-05-09 23:22:48 -04:00
Zach H
657e1ac9e6 fix c style casting (#2561) 2017-04-05 15:45:58 -04:00
woogerboy21
2f23a9cb2f Smarter rooms (#2484)
* Added VIP only room

* Added DONATOR room.

* Extended Room to include privilege level.

* Updated room join logic

* Updated server tab permissions column display based on perm+privlevel definitions

* Fixed new client -> old server blank permissions column on server tab

Added the ability for registered user - VIP/DONATOR/PRIVILEGED room.
2017-03-22 21:45:16 -04:00
woogerboy21
d0088f6a18 Server audit table (#2423)
* Creating of server side audit table for auditing actions such as password resets, account registrations and log queries.

* Add migration script

Add migration script for database

* Update database script

Update database script to reflect new audit table

* Creating of server side audit table for auditing actions such as password resets, account registrations and log queries.

* Add migration script

Add migration script for database

* Update database script

Update database script to reflect new audit table

* Corrected results column possible value(s).

* Fixed migration script.

* Added boolean audit logic

Added enable/disable audit options
Added audit functionality for forgot password

* Added registration auditing

Added registration auditing

* Updated ActivateAccount Function

Created clientid variable and used it in preparation for future
potential protocol expansion.

* Extended activation protocol

Added clientid to activation command protocol

* Typo correction

Fix typos

* Missed type fix

Found the infamous E!

* Updated database function syntax

Updated if/else syntax in db add audit function

* Untabify content

Untab files changed in PR
2017-02-25 13:48:31 -05:00
woogerboy21
0cfa6863d5 Simpler forgot password functionality (#2393)
* Simpler forgot password functionality (Server/Client)
2017-02-15 17:41:40 -05:00
woogerboy21
0fdb9b7c83 Added registration email blacklist (#2352)
* Added registration email blacklist

Added the ability to define email blacklist for user registration.  Now
server operators can prevent users from registering accounts that
contain providers they do not wish users to use.

* Update ini option for clarity

Updated servatrice ini option name for clarity.

* Updated description for clarity

Added implicit explanation
2017-02-08 15:25:27 -05:00
ctrlaltca
ae5fc1fe2c Fix use of uninitialized value (#2364) 2017-01-16 21:06:35 +01:00
woogerboy21
a85b0dcbba Add email registration restriction (#2350)
* Add ability to limit number of account registrations with same email address

This commit adds server side functionality that will allow operators to
limit the number of accounts that can be registered to the server with
the same email address.

* Updated ini wording

Updated configuration file wording for better description.
2017-01-07 11:26:23 -05:00
woogerboy21
3e39432ccc Add configuration to enable/disable internal smtp client (#2337)
Fix #1881
This change allows the server operator to enable or disable the internal
SMTP client that sends activation emails.  With this new configuration
option server operators can choose to require email activation yet use
an external method of account verification and/or account token
notification.
2017-01-06 17:02:52 -05:00
woogerboy21
f7c8651d51 Added privilege level start/end columns (#2328)
* Added privilege level start/end columns

Added 2 new columns to the users table to indicate when a user's
privilege level date / time was recognised and when the privilege level
should end.

* Updated database header

Always forget about the database header file...

* Added priv level maintenance script

Added a bash maintenance script that can be run on a scheduled basis
that will demote privileged users that have the end times on the
accounts that are prior to the date/time the script is executed.

* Added donations table

Added donations table to db for tracking user donations
2016-12-30 16:45:28 -08:00
woogerboy21
960ecaaeda New privuser gummys (#2305)
* New user gummys based on account privilege level

This change adds new user gummy icons for vip/donator priv levels that
are now available.

YaY for Zach!
2016-12-08 22:52:25 -05:00
woogerboy21
c9a8dafd01 Update sessions table columns for consistency (#2299)
* Update sessions table columns for consistency

Fix #2276
This update changes two columns in the sessions table to match the
column declarations in the users table.

* Update servatrice.sql

Update servatrice.sql to reflect new db schema version
2016-12-08 10:43:11 +01:00