- Allow users to enable TOTP 2FA from the profile page by scanning a QR code.
- Create new `internal/tmptokens` in-memory token store for temp tokens for
temporary login -> 2FA flow.
- Refactor reset methods to use this package instead of inline locked map.
- `Forgot password` link+form on the login page.
- A temporary TTL'd token (in-memory) is e-emailed to the user if the account is active.
- Simple reset password page followed by an instant login+redirect to the admin dashboard.
* feat: add subscriber activity tracking UI in admin panel
* Apply minor cosmetic fixes to the subscriber activity forum.
- Remove dead icon references
- Remove new i18n language strings and reuse existing ones
- Refresh i18n languages with new strings
- Tweak styles
---------
Co-authored-by: Kailash Nadh <kailash@nadh.in>
This patch adds 3 new options to OIDC settings.
Toggle user auto-creation, and select default user/list roles
for auto-created users.
Co-authored-by: Kailash Nadh <kailash@nadh.in>
This patch introduces a new `Domain allowlist` input in Settings -> Privacy UI
as a new tab alongside domain `Domain blocklist`. If any domains are entered
here, then only subscriptions/imports/additions of e-mails from those particular
domains are accepted. blocklist is mutually exclusive with allowlist when there
are values in the allowlist.
This patch adds a new optional `name` field to SMTP server config on the UI.
When a name is given to an SMTP server, it's initialized as a standalone messenger
which shows up as a sub-group item under the main "email" messenger
on the campaign page.
Co-authored-by: Kailash Nadh <kailash@nadh.in>
- Add materialized views for list -> subscriber counts, dashboard chart,
and dashboard aggregate stats that slow down significantly on large
databases (with millions or tens of millions of subscribers). These
slow queries involve full table scan COUNTS().
- Add a toggle to enable caching slow results in Settings -> Performance.
- Add support for setting a cron string that crons and periodically
refreshes aggregated stats in materialized views.
Closes#1019.
- Add new 'Subscriptions' table on the subscriber list form that shows subs,
IP, and other data.
- Add new `meta` JSONB field to `subscriber_lsts` table.
Closes#1329.
This PR masks all the password fields in the UI with a pseudo dot character
retaining the rune length of the original password so that the password
fields on the UI appear to be containing the entered value as-is.
The earlier implementation would revert to a fixed length dummy password
confusing certain users and making it look like the password they entered
wasn't being saved.
- Add support for `complaint` to the SES bounce processor.
- Add support for `hard/soft` to Sendgrid bounce processor.
- Add new bounce actions `None` and `Unsubscribe`.
- Add per type (`soft/hard/complaint`) bounce rule configuration to
admin settings UI.
- Refactor Cypress bounce tests.
- Introduces a new option on the settings UI to optionally publish the full campaign body in
public archive RSS feeds.
Closes#1033
Co-authored-by: Kailash Nadh <kailash@nadh.in>
Bots easily bypass the simple `nonce` hack. This commit adds support
for the hcaptcha.com widget.
- New `Security` tab in the admin settings UI.
- Enable/disable CAPTCHA.
- Render CAPTCHA on the public subscription form.
Closes#1116.
This patch adds new array fields on `POST /tx`: `subscriber_emails[]`, `subscriber_ids[]`.
Either of these array fields can be sent with multiple subscribers.
The individual non-array fields `subscriber_id` and `subscriber_email` are deprecated.
Closes#994.
This commit adds a new API `POST /api/tx` that sends an ad-hoc message
to a subscriber based on a pre-defined transactional template. This is
a large commit that adds the following:
- New campaign / tx template types on the UI. tx templates have an
additional subject field.
- New fields `type` and `subject` to the templates table.
- Refactor template CRUD operations and models.
- Refactor template func assignment in manager.
- Add pre-compiled template caching to manager runtime.
- Pre-compile all tx templates into memory on program boot to avoid
expensive template compilation on ad-hoc tx messages.
