root
/
threadr.lostcave.ddnss.de
3
1
Fork 2
Code Issues 1 Pull Requests 1 Projects Releases Wiki Activity
1,221 Commits
3 Branches
0 Tags
16 MiB
Commit Graph

8 Commits (9138dfe65011c402a40452ea4fab7eca457918fd)

Author SHA1 Message Date
Joca 9138dfe650
Remove CSRF, add password change, admin user management 
Stripped all CSRF token generation, injection, and validation since it
breaks behind Apache reverse proxy. Removed handlers/csrf.go, stripped
CSRFToken from PageData, removed validateCSRFToken from all POST handlers,
and cleaned up hidden inputs and JS CSRF references.

Added self-service password change at /password/ with current-password
verification and bcrypt update. New Password link in navbar.

Extended admin panel with user management: lists all users with join dates
and allows admins to delete other users (self-deletion blocked). Added
GetAllUsers() and DeleteUser() to models.
 2026-05-13 18:01:03 -03:00
Joca a5a2e7063a
Add admin-controlled signup toggle and hide signup links. 2026-04-19 14:03:24 -03:00
Joca 82a7e48827
Add CSRF checks to boards and threads. 2026-03-06 14:51:54 -03:00
Joca 6e6eba2ca1
Fix accept cookie button and reestyle the reply button 2026-02-23 20:38:03 -03:00
Joca 3a82e2a0d1
All: Migrate boards from global to board specific 
Massive commit. Rewrites some of the chat logic to work individually
rather than a global chat.
 2025-08-22 00:07:13 -03:00
Joca b1c3f80afb Implemented features for creating and deleting boards and threads, removed thread types, enhanced CSS for boards and comments 2025-06-15 02:44:03 +02:00
Joca 6b6ca1d85d Fix cookie banner 2025-06-15 02:41:19 +02:00
Joca eee9540bdc Initial Commit 2025-06-15 02:37:02 +02:00