ivatar issueshttps://git.linux-kernel.at/oliver/ivatar/-/issues2024-01-16T14:00:42Zhttps://git.linux-kernel.at/oliver/ivatar/-/issues/95Logout leading to HTTP error 4052024-01-16T14:00:42ZOliver Falkoliver@linux-kernel.atLogout leading to HTTP error 405Django 5 deprecated logout via GET request - only POST is allowed.
Reference: https://docs.djangoproject.com/en/5.0/releases/5.0/#features-removed-in-5-0
Also partially outlined here: https://codereviewdoctor.medium.com/3-awesome-django...Django 5 deprecated logout via GET request - only POST is allowed.
Reference: https://docs.djangoproject.com/en/5.0/releases/5.0/#features-removed-in-5-0
Also partially outlined here: https://codereviewdoctor.medium.com/3-awesome-django-4-1-changes-1-is-a-logout-deprecation-you-need-to-know-about-1d8166ccbdb2
This needs to be fixed in navigation and home pages.https://git.linux-kernel.at/oliver/ivatar/-/issues/92Dicebear implementation needs update2023-02-01T16:17:39ZOliver Falkoliver@linux-kernel.atDicebear implementation needs updateAllowed URLs need an update: https://git.linux-kernel.at/oliver/ivatar/-/blob/master/config.py#L213
Dicebear API docs: https://dicebear.com/how-to-use/http-api
Maybe keep the 'avatars' subdomain and just add the 'api' subdomain in case...Allowed URLs need an update: https://git.linux-kernel.at/oliver/ivatar/-/blob/master/config.py#L213
Dicebear API docs: https://dicebear.com/how-to-use/http-api
Maybe keep the 'avatars' subdomain and just add the 'api' subdomain in case it would break some implementation.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/91Error 500 if trying to confirm a mail address that is already confirmed for a...2023-01-24T21:00:19ZOliver Falkoliver@linux-kernel.atError 500 if trying to confirm a mail address that is already confirmed for another userError logged:
```
IntegrityError at /accounts/confirm_email/<verify digest>
duplicate key value violates unique constraint "ivataraccount_confirmedemail_email_key"
DETAIL: Key (email)=(<some mail address>) already exists.
```Error logged:
```
IntegrityError at /accounts/confirm_email/<verify digest>
duplicate key value violates unique constraint "ivataraccount_confirmedemail_email_key"
DETAIL: Key (email)=(<some mail address>) already exists.
```Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/90Trusted URLs improvements/refactors2022-09-15T17:06:45ZSeth Falcoseth@falco.funTrusted URLs improvements/refactorsJust making some notes to resolve later if you don't disagree with them anyway:
* Given that the list of TRUSTED_DEFAULT_URLs can be overridden, it's probably best to handle None explicitly.
* Add backward compatibility to work with stri...Just making some notes to resolve later if you don't disagree with them anyway:
* Given that the list of TRUSTED_DEFAULT_URLs can be overridden, it's probably best to handle None explicitly.
* Add backward compatibility to work with string literals and check the start of the string.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/89Password reset raises error if multiple accounts with the same mail address e...2022-11-17T11:39:14ZOliver Falkoliver@linux-kernel.atPassword reset raises error if multiple accounts with the same mail address existLog from the error:
```
Internal Server Error: /accounts/password_reset/
Traceback (most recent call last):
File "/data/venvs/libravatar/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
response =...Log from the error:
```
Internal Server Error: /accounts/password_reset/
Traceback (most recent call last):
File "/data/venvs/libravatar/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
response = get_response(request)
File "/data/venvs/libravatar/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/data/venvs/libravatar/lib/python3.10/site-packages/django/views/generic/base.py", line 70, in view
return self.dispatch(request, *args, **kwargs)
File "/data/venvs/libravatar/lib/python3.10/site-packages/django/utils/decorators.py", line 43, in _wrapper
return bound_method(*args, **kwargs)
File "/data/venvs/libravatar/lib/python3.10/site-packages/django/utils/decorators.py", line 130, in _wrapped_view
response = view_func(request, *args, **kwargs)
File "/data/venvs/libravatar/lib/python3.10/site-packages/django/contrib/auth/views.py", line 222, in dispatch
return super().dispatch(*args, **kwargs)
File "/data/venvs/libravatar/lib/python3.10/site-packages/django/views/generic/base.py", line 98, in dispatch
return handler(request, *args, **kwargs)
File "/srv/libravatar/ivatar/ivataraccount/views.py", line 1084, in post
user = User.objects.get(email=request.POST["email"])
File "/data/venvs/libravatar/lib/python3.10/site-packages/django/db/models/manager.py", line 85, in manager_method
return getattr(self.get_queryset(), name)(*args, **kwargs)
File "/data/venvs/libravatar/lib/python3.10/site-packages/django/db/models/query.py", line 439, in get
raise self.model.MultipleObjectsReturned(
django.contrib.auth.models.User.MultipleObjectsReturned: get() returned more than one User -- it returned 4!
```Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/87Add webp support2022-12-06T18:10:22ZOliver Falkoliver@linux-kernel.atAdd webp supportIt would be great to use WebP (or even AVIF) for the generated avatar icons by appending the file extension as a suffix in the URL.
https://caniuse.com/webp
https://caniuse.com/avif
Then the website that uses Libravatar can choose if ...It would be great to use WebP (or even AVIF) for the generated avatar icons by appending the file extension as a suffix in the URL.
https://caniuse.com/webp
https://caniuse.com/avif
Then the website that uses Libravatar can choose if they want it in PNG or WebP format.
https://www.libravatar.org/static/img/nobody/80.png -- works today
https://www.libravatar.org/static/img/nobody/80.webp -- does not work
https://www.libravatar.org/avatar/23463b99b62a72f26ed677cc556c44e8?s=80 -- works today
https://www.libravatar.org/avatar/23463b99b62a72f26ed677cc556c44e8.webp?s=80 -- does not workWinter Sprint 2022Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/86Missing Cache-Control headers2022-12-30T12:26:39ZDaniel AleksandersenMissing Cache-Control headersHi,
There’s quite a few responses that are missing `Cache-Control` headers. Especially the 404 not found responses (default image), redirects, and even when an avatar image is found and served.
Secondarily, the cache efficiency can be ...Hi,
There’s quite a few responses that are missing `Cache-Control` headers. Especially the 404 not found responses (default image), redirects, and even when an avatar image is found and served.
Secondarily, the cache efficiency can be increased significantly by adding `stale-while-revalidate` handling (e.g. `Cache-Cotrol: max-age=600,stale-while-revalidate=259200`.) Intermediary caches and even browsers will keep using a cached image and revalidate and update the cached image in the background. (So, the page load isn’t delayed after the `max-age` has expired.) It lets you keep a short 15-min max-age while still letting browsers use a cached image for a month.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/85Matrix contact details2021-09-06T12:18:16ZGhost UserMatrix contact detailsSince I didn't manage to fork the project on this gitlab instance due to project restrictions, I just provide this handy patch, that should provide an updated version of the contact page.
It's a first draft, so feel free to criticise an...Since I didn't manage to fork the project on this gitlab instance due to project restrictions, I just provide this handy patch, that should provide an updated version of the contact page.
It's a first draft, so feel free to criticise and adjust :)
[0001-Add-newer-version-of-matrix-contact-page.patch](/uploads/7c01d8cd8d94e357b463fc380b650ef6/0001-Add-newer-version-of-matrix-contact-page.patch)Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/84Support for self signed certificates - openid2022-12-30T12:25:48ZMinecraftchest1Support for self signed certificates - openidWhen logging in with an openid connect provider that uses a self-signed cert (such as a self-hosted keycloak install), the following error is generated.
```
OpenID discovery failed: Error fetching XRDS document: <urlopen error [SSL: CERT...When logging in with an openid connect provider that uses a self-signed cert (such as a self-hosted keycloak install), the following error is generated.
```
OpenID discovery failed: Error fetching XRDS document: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1056)>
```
![image](/uploads/17c6d103dfd7481a10b29287aabbb858/image.png)Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/83Verification links not working2021-09-06T12:18:00ZGhost UserVerification links not workingWhen adding a new email address on my install, the verification links don't seem to work. The links have a different hash than the database table. When I take the hash from the database and use it in the link, it works. I tested this ...When adding a new email address on my install, the verification links don't seem to work. The links have a different hash than the database table. When I take the hash from the database and use it in the link, it works. I tested this using both the SQLite and PostgreSQL options.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.at2021-04-16https://git.linux-kernel.at/oliver/ivatar/-/issues/81No module named 'PIL2021-09-06T12:17:47ZGhost UserNo module named 'PILWhen installing on my RaspberryPi, I get this error when running `pip install -r requirements.txt`
```
ERROR: Command errored out with exit status 1:
command: /opt/ivatar/ivatar/.virtualenv/bin/python3 -c 'import sys, setuptools, to...When installing on my RaspberryPi, I get this error when running `pip install -r requirements.txt`
```
ERROR: Command errored out with exit status 1:
command: /opt/ivatar/ivatar/.virtualenv/bin/python3 -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-req-build-9qiryzy2/setup.py'"'"'; __file__='"'"'/tmp/pip-req-build-9qiryzy2/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base /tmp/pip-pip-egg-info-ofy7p5ap
cwd: /tmp/pip-req-build-9qiryzy2/
Complete output (7 lines):
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/tmp/pip-req-build-9qiryzy2/setup.py", line 4, in <module>
import Identicon
File "/tmp/pip-req-build-9qiryzy2/Identicon/__init__.py", line 6, in <module>
from PIL import Image, ImageDraw
ModuleNotFoundError: No module named 'PIL'
----------------------------------------
WARNING: Discarding git+https://github.com/flavono123/identicon.git. Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.
ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.
```Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/80No confirmation email2021-09-06T12:17:40ZGhost UserNo confirmation emailHello there,
I am using this service for a while now,
when I use google, yahoo ..etc email, it's completely fine, I can just ask for a confirmation email, and done.
But this can't be done with "@outlook" email.
I have checked the inbox a...Hello there,
I am using this service for a while now,
when I use google, yahoo ..etc email, it's completely fine, I can just ask for a confirmation email, and done.
But this can't be done with "@outlook" email.
I have checked the inbox and junk as well.
Thank you.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/77Check ID form: email not normalized for sha2562021-09-06T12:18:02ZGhost UserCheck ID form: email not normalized for sha256I just noticed that depending on the casing of the email address, the sha256 icon is found or not, when using the [check form on libravatar.org](https://www.libravatar.org/tools/check/)
Using `test@example.com` vs `Test@example.com` **s...I just noticed that depending on the casing of the email address, the sha256 icon is found or not, when using the [check form on libravatar.org](https://www.libravatar.org/tools/check/)
Using `test@example.com` vs `Test@example.com` **should not** cause different sha256 hashes to be produced. And **does not** cause different md5 hashes.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/74Reduce profile data2021-09-10T11:07:35ZGhost UserReduce profile dataIn order to encourage privacy by design, I would recommend to reduce the information that is hold on in the account data.
In explicit, I would recommend/encourage to get rid of the actual identity strings and replace them with aliases a...In order to encourage privacy by design, I would recommend to reduce the information that is hold on in the account data.
In explicit, I would recommend/encourage to get rid of the actual identity strings and replace them with aliases and only store the hashed version.
[As we recently saw with gravatar](https://www.bleepingcomputer.com/news/security/online-avatar-service-gravatar-allows-mass-collection-of-user-info/) vulnerabilities allow account enumeration and like in worst case. This is not necessary when one takes some trade-offs.
We can just store the hash of most identities in the database. There should be a primary identity that is used as an emergency contact, but otherwise identities should just get an alias field that is used as their UI identifier and otherwise be stored in form of a hash. This reduces the ability to collect mail addresses and OpenIDs even when the database would be breached.
From a workflow perspective it's not necessary to store an identity after successful verification as all further actions are performed with the hash only.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/73Create an avatar maker2021-09-06T12:17:56ZGhost UserCreate an avatar makerTo be able to create your own avatar to host on Libravatar it would be nice with an own avatar maker directly on the website.
The avatar maker could have a web UI that lets you create your own avatar. The avatar could also be stored in ...To be able to create your own avatar to host on Libravatar it would be nice with an own avatar maker directly on the website.
The avatar maker could have a web UI that lets you create your own avatar. The avatar could also be stored in a format that can be fed to the avatar maker. It could output SVG and export to PNG.
Things could be rendered in layers:
- Layer 1: The background
- Layer 2: Skin tone
- Layer 3: Eyes, nose, mouth
- Layer 4: Hair
- Layer 5: Glasses, hat, shirt
# Avatar description language
An avatar description language based on JSON or XML could be defined. It could be documented, a specification could be written, maybe even standardized. The data could be fed to the Libravatar avatar maker as well as other third-party avatar makers, games and animation software which could render it in 3D or animated.
## Example format
```json
{
"skinTone": 1,
"eyebrowColor": "brown-200",
"eyebrowShape": 7,
"eyeColor": "green-500",
"eyeShape": 5,
"eyeSize": "m",
"lipColor": "red-300",
"lipSize": "m",
"noseShape": 3,
"noseSize": "m",
"shirtColor": "grey-700",
"background": "wall-2",
"mood": "happy"
}
```
## JavaScript
You could pass the format to a JavaScript library that renders it to either a SVG element or to a `<canvas>` element.
```javascript
const element = document.getElementById('output');
let libravatar = new Libravatar();
libravatar.load(example_data);
libravatar.render(element);
```
### JavaScript API
- `load(obj)` - Load avatar object.
- `export_png()` - Returns a [`Blob`](https://developer.mozilla.org/en-US/docs/Web/API/Blob) object containing the avatar in PNG format.
- `export_svg()` - Returns a `Blob` object containing the avatar in SVG format.
- `setEyebrowColor(value)` - Sets the eyebrow color.
- `setEyeColor(value)` - Sets the eye color.
## React
There could be a React component.
```jsx
<Avatar
skinTone="1"
eyebrowColor="brown-200"
eyebrowShape="7"
eyeColor="green-500"
eyeShape="5"
eyeSize="m"
lipColor="red-300"
lipSize="m"
noseShape="3"
noseSize="m"
shirtColor="grey-700"
/>
```
## Get avatar using URL
You could base64 encode the JSON object and pass it as a query parameter.
```http
GET /avatar?data=ewogICAgInNraW5Ub25lIjogMSwKICAgICJleWVicm93Q29sb3IiOiAiY... HTTP/1.1
```Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/71Bitmoji integration2022-12-30T12:24:15ZGhost UserBitmoji integrationIt would be nice with integration with [Bitmoji](https://www.bitmoji.com/) since those avatars are very customizable and pretty.
Links that might be of relevance:
* https://github.com/matthewnau/libmoji
* https://kit.snapchat.com/docs/b...It would be nice with integration with [Bitmoji](https://www.bitmoji.com/) since those avatars are very customizable and pretty.
Links that might be of relevance:
* https://github.com/matthewnau/libmoji
* https://kit.snapchat.com/docs/bitmoji-kit-web
* https://kit.snapchat.com/docs/reference-webOliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/69Automatically associate added emails with "other service" default2021-09-16T11:27:12ZGhost UserAutomatically associate added emails with "other service" defaultI've been importing all my previous email associated to Gravatar, however the experience was a bit annoying as I was expecting this to set the previously used image as default for such email, instead of having me to redo the same process...I've been importing all my previous email associated to Gravatar, however the experience was a bit annoying as I was expecting this to set the previously used image as default for such email, instead of having me to redo the same process for them all (and I had like 8 with different images).
So, please... I like the idea of a free service, but make the migration a nicer experience.Winter Sprint 2022Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/67big confusion in login2021-11-22T13:14:06ZGhost Userbig confusion in loginAs described in https://git.linux-kernel.at/oliver/ivatar/-/issues/64 . Since the rewrite in 2018, my avatar wasn't display correctly until yesterday, but I had to fight a lot to discover my problem . with https://www.libravatar.org/tool...As described in https://git.linux-kernel.at/oliver/ivatar/-/issues/64 . Since the rewrite in 2018, my avatar wasn't display correctly until yesterday, but I had to fight a lot to discover my problem . with https://www.libravatar.org/tools/check/ I found that what Fedora sites are looking for http://sergiomb.id.fedoraproject.org/ , and when I logged in with http://sergiomb.id.fedoraproject.org/ I went to my first registered user "sergiomb" but I usually I use just id.fedoraproject.org to login in my main user which is "sergiomb2"
Here in sergiomb2 profile I defined a lot similar openIds https://sergiomb.id.fedoraproject.org/ (with https) and http://id.fedoraproject.org/openid/id/sergiomb/ and https://id.fedoraproject.org/openid/id/sergiomb .
At least iavatar shouldn't allow:
- equal openIds with / or not in end
- with http and https with same URL
this cases allow 4 cases that are exactly the same thing:
```
http://id.fedoraproject.org/openid/id/sergiomb/
http://id.fedoraproject.org/openid/id/sergiomb
https://id.fedoraproject.org/openid/id/sergiomb/
https://id.fedoraproject.org/openid/id/sergiomb
```
but I missed the most important one ! what I needed was http://sergiomb.id.fedoraproject.org/ :(, I even can add just https://id.fedoraproject.org ,I guess.
And at last when we try login, we just need write "id.fedoraproject.org", We don't need specify the user and neither the protocol.
If we specify an openId that is the same in practice , and are different registered, lets says: https://id.fedoraproject.org/openid/id/sergiomb/ and http://sergiomb.id.fedoraproject.org/ the iavatar creates a new login automatically , for example I have sergiomb , sergiomb2 to sergiomb11 already . But all the records have the same email , which makes us not allow to recover the password (because uses the email).
In conclusion I think you shouldn't allow new records if the email associated is the same, and that can be the key point to allow a better service .
ThanksOliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/66libravatar disable upload new photo when user reached max allowed photos limit2021-09-06T11:54:36ZGhost Userlibravatar disable upload new photo when user reached max allowed photos limitFrom libravatar IRC:
```
18:20:10 opal | suggestion: disable the "upload new photo" button if user has reached max allowed photos
18:20:26 opal | its annoying to go through the upload process only to find out it wouldnt have worked a...From libravatar IRC:
```
18:20:10 opal | suggestion: disable the "upload new photo" button if user has reached max allowed photos
18:20:26 opal | its annoying to go through the upload process only to find out it wouldnt have worked anyway
```Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/65„+“ in mail address doesn‘t work for photo import2020-04-23T09:17:26ZOliver Falkoliver@linux-kernel.at„+“ in mail address doesn‘t work for photo importAccording to
https://twitter.com/webknjaz/status/1252558228518559746?s=21
„+“ in mail address doesn‘t work.According to
https://twitter.com/webknjaz/status/1252558228518559746?s=21
„+“ in mail address doesn‘t work.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.at