Commit Graph

39 Commits

Author SHA1 Message Date
Noah Petherbridge
1b3e8cb250 Private Photo Sharing Improvements
* Add a user privacy setting so they can gate who is allowed to share private
  photos with them (for people who dislike unsolicited shares):
  * Anybody (default)
  * Friends only
  * Friends + people whom they have sent a DM to (on the main website)
  * Nobody
* Add gating around whether to display the prompt to unlock your private photos
  while you are viewing somebody's gallery:
  * The current user needs at least one private photo to share.
  * The target user's new privacy preference is taken into consideration.
* The "should show private photo share prompt" logic is also used on the actual
  share page, e.g. for people who manually paste in a username to share with.
  You can not grant access to private photos which don't exist.
* Improve the UI on the private photo shares page.
  * Profile cards to add elements from the Member Directory page, such as a
    Friends and Liked indicator.
  * A count of the user's Private photos is shown, which links directly to
    their private gallery.
* Add "Decline" buttons to the Shared With Me page: so the target of a private
  photo share is able to remove/cancel shares with them.
2024-10-19 12:44:47 -07:00
Noah Petherbridge
b7bee75e1f Function to re-sign photo URLs on profile pages
* With the new JWT signatures on photo URLs, it was no longer possible for
  creative users to embed their gallery photos on their profile page.
* Add a function to ReSignPhotoLinks that finds/replaces (on the server side)
  all references to paths under "/static/photos/" and gives them a fresh
  ?jwt= query string signature.
* Note: only applies to the profile page essays, ReSignPhotoLinks is a
  template func that must be opted-in on a per page basis.

Other miscellaneous fixes

* Add "Edit" buttons in the corners of profile cards, when the current user
  looks at their profile page. They link to URIs like
  "/settings#profile/about_me" which will now:
  1. Select the "Profile settings" tab like #profile
  2. Scroll and focus the profile essay field that the user clicked to edit.
2024-10-13 19:50:11 -07:00
Noah Petherbridge
ae84ddf449 Web Push Notifications: Disable script when impersonated
If an admin needs to impersonate a regular user (to diagnose a support
issue or investigate a reported conversation thread), the web push
script is disabled so that the admin doesn't get subscribed to push
notifications for that user.
2024-09-14 12:07:18 -07:00
Noah Petherbridge
5b0f8e7774 Dark Theme fixes for MS Edge 2024-08-22 22:53:37 -07:00
Noah Petherbridge
d11631c574 Theme update 2024-08-22 22:44:19 -07:00
Noah Petherbridge
a8dda91c3c Debug Notification API failures 2024-08-12 20:41:04 -07:00
Noah Petherbridge
a314aab7ec Web Push Notifications
* Add support for Web Push Notifications when users receive a new Message or
  Friend Request on the main website.
* Users opt in or out of this on their Notification Settings. They can also
  individually opt out of Message and Friend Request push notifications.
2024-07-20 19:44:22 -07:00
Noah Petherbridge
1134128a71 Revert "Public Avatar Consent Page"
This reverts commit 4f04323d5a.
2024-06-29 21:42:35 -07:00
Noah Petherbridge
4f04323d5a Public Avatar Consent Page
The nonshy website is changing the policy on profile pictures. From August 30,
the square cropped avatar images will need to be publicly viewable to everyone.

This implements the first pass of the rollout:

* Add the Public Avatar Consent Page which explains the change to users and
  asks for their acknowledgement. The link is available from their User Settings
  page, near their Certification Photo link.
* When users (with non-public avatars) accept the change: their square cropped
  avatar will become visible to everybody, instead of showing a placeholder
  avatar.
* Users can change their mind and opt back out, which will again show the
  placeholder avatar.
* The Certification Required middleware will automatically enforce the consent
  page once the scheduled go-live date arrives.

Next steps are:

1. Post an announcement on the forum about the upcoming change and link users
   to the consent form if they want to check it out early.
2. Update the nonshy site to add banners to places like the User Dashboard for
   users who will be affected by the change, to link them to the forum post
   and the consent page.
2024-06-29 16:44:18 -07:00
Noah Petherbridge
e7f7f4d0d3 Fix Bulma menu-list on settings page 2024-04-18 20:21:22 -07:00
Noah Petherbridge
2d0fd25a08 Upgrade to Bulma CSS 1.0 and theme picker support 2024-03-30 13:49:36 -07:00
Noah Petherbridge
fedfbed4eb Ability to change username 2024-01-27 13:57:24 -08:00
Noah Petherbridge
2d8cdad601 Advertise new Look & Feel feature on the Dashboard 2023-12-26 15:58:21 -08:00
Noah Petherbridge
90270572f1 Look & Feel settings for profile pages 2023-12-26 15:44:34 -08:00
Noah Petherbridge
f9a2d471f5 My User Notes page 2023-10-29 12:29:11 -07:00
Noah Petherbridge
c0bff8ee18 Settings to opt-out of certain notification types 2023-10-28 14:34:35 -07:00
Noah Petherbridge
481bd0ae61 Deactivate Account; Friends Lists on Profiles
* Add a way for users to temporarily deactivate their accounts, in a
  recoverable way should they decide to return later.
* A deactivated account may log in but have limited options: to
  reactivate their account, permanently delete it, or log out.
* Fix several bugs around the display of comments, messages and
  forum threads for disabled, banned, or blocked users:
  * Messages (inbox and sentbox) will be hidden and the unread indicator
    will not count unread messages the user can't access.
  * Comments on photos and forum posts are hidden, and top-level threads
    on the "Newest" tab will show "[unavailable]" for their text and
    username.
  * Your historical notifications will hide users who are blocked, banned
    or disabled.
* Add a "Friends" tab to user profile pages, to see other users' friends.
  * The page is Certification Required so non-cert users can't easily
    discover any members on the site.
2023-10-22 15:02:24 -07:00
Noah Petherbridge
a856b9d01b Blur explicit videos + GIF auto-play option 2023-09-24 11:41:19 -07:00
Noah Petherbridge
50ce31f6ac Blur explicit photos option 2023-09-19 18:24:57 -07:00
Noah Petherbridge
6acdd22d4b Bugfix on Settings page 2023-09-18 17:41:26 -07:00
Noah Petherbridge
07feaaa4e7 Minor fixes 2023-09-18 17:31:02 -07:00
Noah Petherbridge
c3a3b7e35c Two Factor Authentication 2023-09-18 17:22:50 -07:00
Noah Petherbridge
3543dd3e42 Allow updating birthdate, with admin report 2023-09-11 19:24:09 -07:00
Noah Petherbridge
6dc84bed33 Minor typo 2023-08-19 21:26:31 -07:00
Noah Petherbridge
a785b093e7 Tweaks to Who's Nearby 2023-08-19 21:09:23 -07:00
Noah Petherbridge
cc628afd44 Who's Nearby Feature 2023-08-19 19:11:33 -07:00
Noah Petherbridge
67ec9e5ce3 Various small website tweaks
* Add they/them as example pronouns on the Edit Profile page and make
  the examples clickable to fill them in easily.
* When viewing a photo gallery and you opt-out of explicit, have a link
  to your settings page to opt-in.
* Update the rules on the homepage and signup page.
* Add a notice on DM pages about the privacy policy and TOS.
2023-07-27 20:19:50 -07:00
Noah Petherbridge
45cb4d260e DM Privacy + Settings Page Tabs
* Refactor the Settings page into a tabbed UI to reduce confusion with
  all the different forms and save buttons
* Add a DM Privacy setting to your page
* Update the About page
2023-06-23 22:18:09 -07:00
Noah Petherbridge
ae8ef83115 Option to hide age from profile display 2023-06-16 17:11:52 -07:00
Noah Petherbridge
d36e71549a Age gate: collect birthdates retroactively and on new signup 2023-06-16 13:05:33 -07:00
Noah Petherbridge
050ce19160 Chat launch page for BareRTC 2023-02-05 20:26:36 -08:00
31712eba4a Dark mode style tweaks 2022-08-31 22:58:32 -07:00
8419958b25 Likes on Comments, and other minor improvements
* Add "Like" buttons to comments and forum posts.
* Make "private" profiles more private (logged-in users see only their profile
  pic, display name, and can friend request or message, if they are not approved
  friends of the private user)
* Add "logged-out view" visibility setting to profiles: to share a link to your
  page on other sites. Opt-in setting - default is login required to view your
  public profile page.
* CSRF cookie fix.
* Updated FAQ & Privacy pages.
2022-08-29 20:00:15 -07:00
27a7abaae7 Private Profiles & Misc Improvements
* Add setting to mark profile as "private"
* If a profile is private you can't see their profile page or user photo
  gallery unless you are friends (or admin)
* The Site Gallery never shows pictures from private profiles.
* Add HTML5 drag/drop upload support for photo gallery.
* Suppress SQL logging except in debug mode.
* Clean up extra logs.
2022-08-21 17:29:39 -07:00
75c9e22b19 Reserved Usernames on Signup 2022-08-21 15:56:41 -07:00
030fadcf8d Block Lists
Implement block lists. They work like friend lists but are unidirectional,
but take effect in both directions (blocker and blockee can not see one
another on the site -- except admin users can always see all users).

* Profile page says 404
* User gallery says 404
* User search page filters out blocked users
* Compose endpoint blocks sending messages to blocked users (except admin)
* Site Gallery filters photos by blocked (and uncertified) users
* Inbox page hides chat list for blocked users (can still read the chat
  history if you have a link to the old thread)
2022-08-14 17:45:55 -07:00
49ffa277e8 User Account Busywork
* Add "forgot password" workflow.
* Add ability to change user email address (confirmation link sent)
* Add ability to change user's password.
* Add rate limiter to deter brute force login attempts.
* Add user deep delete functionality (delete account).
* Ping user LastLoginAt every 8 hours for long-lived session cookies.
* Add age filters to user search page.
* Add sort options to user search (last login, created, username/name)
2022-08-14 14:40:57 -07:00
400a256ec8 Certification Photo Workflow
* Add "Site Gallery" page showing all public+gallery member photos.
* Add "Certification Required" decorator for gallery and other main pages.
* Add the Certification Photo workflow:
  * Users have a checklist on their dashboard to upload a profile pic
    and post a certification selfie (two requirements)
  * Admins notified by email when a new certification pic comes in.
  * Admin can reject (w/ comment) or approve the pic.
  * Users can re-upload or delete their pic at the cost of losing
    certification status if they make any such changes.
  * Users are emailed when their photo is either approved or rejected.
* User Preferences: can now save the explicit pref to your account.
* Explicit photos on user pages and site gallery are hidden if the
  current user hasn't opted-in (user can always see their own explicit
  photos regardless of the setting)
* If a user is viewing a member gallery and explicit pics are hidden, a
  count of the number of explicit pics is shown to inform the user that
  more DO exist, they just don't see them. The site gallery does not do
  this and simply hides explicit photos.
2022-08-13 15:39:31 -07:00
de3d6e9315 User Profile and Settings Pages
* Vendor fontawesome icons
* User settings page: to edit profile details (other features not hooked
  up yet)
* Initial user profile page
2022-08-10 20:59:59 -07:00