threadr.lostcave.ddnss.de

History

Joca 9138dfe650 Remove CSRF, add password change, admin user management Stripped all CSRF token generation, injection, and validation since it breaks behind Apache reverse proxy. Removed handlers/csrf.go, stripped CSRFToken from PageData, removed validateCSRFToken from all POST handlers, and cleaned up hidden inputs and JS CSRF references. Added self-service password change at /password/ with current-password verification and bcrypt update. New Password link in navbar. Extended admin panel with user management: lists all users with join dates and allows admins to delete other users (self-deletion blocked). Added GetAllUsers() and DeleteUser() to models.		2026-05-13 18:01:03 -03:00
..
about.go	Add admin-controlled signup toggle and hide signup links.	2026-04-19 14:03:24 -03:00
accept_cookie.go	Initial Commit	2025-06-15 02:37:02 +02:00
admin.go	Remove CSRF, add password change, admin user management	2026-05-13 18:01:03 -03:00
app.go	Remove CSRF, add password change, admin user management	2026-05-13 18:01:03 -03:00
board.go	Remove CSRF, add password change, admin user management	2026-05-13 18:01:03 -03:00
boards.go	Remove CSRF, add password change, admin user management	2026-05-13 18:01:03 -03:00
chat.go	Remove CSRF, add password change, admin user management	2026-05-13 18:01:03 -03:00
file.go	Harden profile image uploads.	2026-03-06 14:58:53 -03:00
home.go	Add admin-controlled signup toggle and hide signup links.	2026-04-19 14:03:24 -03:00
like.go	Remove CSRF, add password change, admin user management	2026-05-13 18:01:03 -03:00
login.go	Remove CSRF, add password change, admin user management	2026-05-13 18:01:03 -03:00
logout.go	Initial Commit	2025-06-15 02:37:02 +02:00
news.go	Remove CSRF, add password change, admin user management	2026-05-13 18:01:03 -03:00
password.go	Remove CSRF, add password change, admin user management	2026-05-13 18:01:03 -03:00
preferences.go	Remove CSRF, add password change, admin user management	2026-05-13 18:01:03 -03:00
profile.go	Add admin-controlled signup toggle and hide signup links.	2026-04-19 14:03:24 -03:00
profile_edit.go	Remove CSRF, add password change, admin user management	2026-05-13 18:01:03 -03:00
signup.go	Remove CSRF, add password change, admin user management	2026-05-13 18:01:03 -03:00
site_settings.go	Add admin-controlled signup toggle and hide signup links.	2026-04-19 14:03:24 -03:00
thread.go	Remove CSRF, add password change, admin user management	2026-05-13 18:01:03 -03:00
userhome.go	Add admin-controlled signup toggle and hide signup links.	2026-04-19 14:03:24 -03:00