root
/
threadr.lostcave.ddnss.de
3
1
Fork 2
Code Issues 1 Pull Requests 1 Projects Releases Wiki Activity
1,221 Commits
3 Branches
0 Tags
16 MiB
Commit Graph

8 Commits (9138dfe65011c402a40452ea4fab7eca457918fd)

Author SHA1 Message Date
Joca 9138dfe650
Remove CSRF, add password change, admin user management 
Stripped all CSRF token generation, injection, and validation since it
breaks behind Apache reverse proxy. Removed handlers/csrf.go, stripped
CSRFToken from PageData, removed validateCSRFToken from all POST handlers,
and cleaned up hidden inputs and JS CSRF references.

Added self-service password change at /password/ with current-password
verification and bcrypt update. New Password link in navbar.

Extended admin panel with user management: lists all users with join dates
and allows admins to delete other users (self-deletion blocked). Added
GetAllUsers() and DeleteUser() to models.
 2026-05-13 18:01:03 -03:00
Joca a5a2e7063a
Add admin-controlled signup toggle and hide signup links. 2026-04-19 14:03:24 -03:00
Joca ff4e05fd0b
Add CSRF checks to login. 2026-03-06 14:50:50 -03:00
Joca 6e6eba2ca1
Fix accept cookie button and reestyle the reply button 2026-02-23 20:38:03 -03:00
Joca ef06bf160a
All: Enhance session management and security features 
Using proper auth + security on login.
 2025-12-21 21:26:02 -03:00
Joca 3b56c7e831 Initial implementation of the chat feature. 2025-06-15 02:47:16 +02:00
Joca de1f442082 Refactor signup and login handlers, add auto table creation 2025-06-15 02:40:40 +02:00
Joca eee9540bdc Initial Commit 2025-06-15 02:37:02 +02:00