diff --git a/CHANGELOG.md b/CHANGELOG.md index 682ef87..a52dbee 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,8 @@ +## Version 1.0.2 - 2016-06-28 + + * Fixed a default configuration issue which caused Cabins to be disabled. + * Improved the UX of the Installer. Populate more default settings. + ## Version 1.0.1 - 2016-06-27 * Fixed a syntax error that snuck into our installer SQL code. diff --git a/src/Cabin/Hull/Landing/IndexPage.php b/src/Cabin/Hull/Landing/IndexPage.php index 09511aa..5fb1b05 100755 --- a/src/Cabin/Hull/Landing/IndexPage.php +++ b/src/Cabin/Hull/Landing/IndexPage.php @@ -35,7 +35,7 @@ public function index() } $blogRoll = $this->blog->recentFullPosts( - $this->config('homepage.blog-posts') ?? 5 + (int) ($this->config('homepage.blog-posts') ?? 5) ); $mathJAX = false; foreach ($blogRoll as $i => $blog) { diff --git a/src/Installer/Install.php b/src/Installer/Install.php index 38aae71..151420e 100755 --- a/src/Installer/Install.php +++ b/src/Installer/Install.php @@ -8,6 +8,7 @@ }; use \Airship\Engine\Security\CSRF; use \GuzzleHttp\Client; +use ParagonIE\ConstantTime\Base64UrlSafe; use \ParagonIE\Halite\Password; use \ParagonIE\ConstantTime\Base64; @@ -611,9 +612,11 @@ protected function databaseFinalPgsql() */ protected function finalProcessAdminAccount() { + $sessionCanary = Base64UrlSafe::encode(\random_bytes(33)); $this->db->insert('airship_users', [ 'username' => $this->data['admin']['username'], 'password' => $this->data['admin']['passphrase'], + 'session_canary' => $sessionCanary, 'uniqueid' => \Airship\uniqueId() ]); @@ -632,6 +635,7 @@ protected function finalProcessAdminAccount() // Log in as the user $_SESSION['userid'] = $userid; + $_SESSION['session_canary'] = $sessionCanary; } /** diff --git a/src/Installer/skins/cabins.twig b/src/Installer/skins/cabins.twig index 21e7989..11fc7cd 100755 --- a/src/Installer/skins/cabins.twig +++ b/src/Installer/skins/cabins.twig @@ -64,14 +64,42 @@ "enabled": true, "captcha": true }, + "editor": { + "default-format": "Markdown" + }, "file": { - "cache": 900 + "cache": 3600 + }, + "password-reset": { + "enabled": true, + "logout": true, + "ttl": 30 + }, + "recaptcha": { + "secret-key": "", + "site-key": "" }, "two-factor": { + "issuer": "", + "label": "", "length": 6, "period": 30 + }, + "user-directory": { + "per-page": 20 } } %} + {% set motifs = + { + "name": { + "config": { + "display_name": "Airship Classic (You can change this later)", + "name": "airship-classic", + "supplier": "paragonie", + } + } + } + %} {% set twig_vars = { "title": "Airship Blog", "tagline": "Even the sky shall not limit you." @@ -94,8 +122,14 @@ <label for="hull_url"> Canon URL (for hyperlinks from other Cabins): </label> - <input id="hull_url" class="pure-input-1" type="text" name="cabin[Hull][canon_url]" value="http://{{ SERVER.HTTP_HOST|e('html_attr') }}" /> - + <input + id="hull_url" + class="pure-input-1" + type="text" + name="cabin[Hull][canon_url]" + value="http://{{ SERVER.HTTP_HOST|e('html_attr') }}" + /> + <div> <input id="hull_https" class="inblock" type="checkbox" name="cabin[Hull][https]" value="1" checked="checked" /> <label for="hull_https" class="inblock"> @@ -122,18 +156,24 @@ {% set config_extra = { "blog": { "cachelists": false, - "per_page": "20", "comments": { + "depth_max": 5, "enabled": true, "guests": true, "recaptcha": true - } + }, + "per_page": 20 }, + "cache-secret": "", "file": { - "cache": 900 + "cache": 3600 }, "homepage": { - "blog-posts": 5 + "blog-posts": 3 + }, + "recaptcha": { + "secret-key": "", + "site-key": "" } } %} {% set twig_vars = {