diff --git a/crates/app/src/public/html/profile/base.html b/crates/app/src/public/html/profile/base.html
index 0504174..410755e 100644
--- a/crates/app/src/public/html/profile/base.html
+++ b/crates/app/src/public/html/profile/base.html
@@ -1,5 +1,35 @@
{% extends "root.html" %} {% block head %}
{{ profile.username }} - {{ config.name }}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
{% endblock %} {% block body %} {{ macros::nav() }}
diff --git a/crates/app/src/routes/api/v1/auth/images.rs b/crates/app/src/routes/api/v1/auth/images.rs
index 3c0fd56..bea651d 100644
--- a/crates/app/src/routes/api/v1/auth/images.rs
+++ b/crates/app/src/routes/api/v1/auth/images.rs
@@ -52,8 +52,20 @@ pub async fn avatar_request(
let data = &(data.read().await).0;
let user = match if req.selector_type == AvatarSelectorType::Id {
- data.get_user_by_id(selector.parse::().unwrap())
- .await
+ data.get_user_by_id(match selector.parse::() {
+ Ok(d) => d,
+ Err(_) => {
+ return (
+ [("Content-Type", "image/svg+xml")],
+ Body::from(read_image(PathBufD::current().extend(&[
+ data.0.dirs.media.as_str(),
+ "images",
+ "default-avatar.svg",
+ ]))),
+ );
+ }
+ })
+ .await
} else {
data.get_user_by_username(&selector).await
} {
diff --git a/crates/core/src/config.rs b/crates/core/src/config.rs
index 608d4a6..916cd72 100644
--- a/crates/core/src/config.rs
+++ b/crates/core/src/config.rs
@@ -173,6 +173,10 @@ pub struct Config {
/// order to prevent a way too easy DOS.
#[serde(default = "default_banned_hosts")]
pub banned_hosts: Vec,
+ /// The main public host of the server. **Not** used to check against banned hosts,
+ /// so this host should be included in there as well.
+ #[serde(default = "default_host")]
+ pub host: String,
/// Database security.
#[serde(default = "default_security")]
pub security: SecurityConfig,
@@ -222,6 +226,10 @@ fn default_banned_hosts() -> Vec {
Vec::new()
}
+fn default_host() -> String {
+ String::new()
+}
+
fn default_security() -> SecurityConfig {
SecurityConfig::default()
}
@@ -268,6 +276,7 @@ impl Default for Config {
color: default_color(),
port: default_port(),
banned_hosts: default_banned_hosts(),
+ host: default_host(),
database: default_database(),
security: default_security(),
dirs: default_dirs(),
diff --git a/crates/core/src/database/auth.rs b/crates/core/src/database/auth.rs
index 1510927..8f2f3c4 100644
--- a/crates/core/src/database/auth.rs
+++ b/crates/core/src/database/auth.rs
@@ -423,9 +423,7 @@ impl DataManager {
pub fn check_totp(&self, ua: &User, code: &str) -> bool {
let totp = ua.totp(Some(
self.0
- .banned_hosts
- .get(0)
- .unwrap_or(&"https://tetratto.com".to_string())
+ .host
.replace("http://", "")
.replace("https://", "")
.replace(":", "_"),
@@ -527,9 +525,7 @@ impl DataManager {
// get totp
let totp = other_user.totp(Some(
self.0
- .banned_hosts
- .get(0)
- .unwrap_or(&"https://tetratto.com".to_string())
+ .host
.replace("http://", "")
.replace("https://", "")
.replace(":", "_"),
diff --git a/example/tetratto.toml b/example/tetratto.toml
index 1ecc882..f97e9cc 100644
--- a/example/tetratto.toml
+++ b/example/tetratto.toml
@@ -4,6 +4,7 @@ color = "#c9b1bc"
port = 4118
banned_hosts = []
no_track = []
+host = "http://localhost:4118"
banned_usernames = [
"admin",
"owner",