simon/smeagol
1
0
Fork 0
mirror of https://github.com/journeyman-cc/smeagol.git synced 2026-04-12 18:05:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Seems all to be working now. You can't actually delete users through the user

Browse source 
interface, but you can add and edit them.
This commit is contained in:
simon 2016-09-11 16:01:51 +01:00
parent de7a553a86
commit 09fe67a26e
13 changed files with 351 additions and 193 deletions
Download patch file Download diff file Expand all files Collapse all files

6
resources/public/content/Introduction.md
View file

@ -8,18 +8,16 @@ Smeagol is now a fully working small Wiki engine, and meets my own immediate nee
things which could be improved - see **TODO** list below - but it works now and doesn't seem to have any major problems.
## Markup syntax
Smeagol uses the Markdown format as provided by [markdown-clj](https://github.com/yogthos/markdown-clj), with the addition that anything enclosed in double square brackets, \[\[like this\]\], will be treated as a link into the wiki itself.
Smeagol uses the Markdown format as provided by [markdown-clj](https://github.com/yogthos/markdown-clj), with the addition that anything enclosed in double square brackets, \[\[like this\]\], will be treated as a link into the wiki itself. Here's an example [[Internal Link]].
## Security and authentication
Security is now greatly improved. There is a file called *passwd* in the *resources* directory, which contains a clojure map which maps usernames to maps with plain-text passwords and emails thus:
{:admin {:password "admin" :email "admin@localhost"}
{:admin {:password "admin" :email "admin@localhost" :admin true}
:adam {:password "secret" :email "adam@localhost"}}
that is to say, the username is a keyword and the corresponding password is a string. However, since version 0.5.0, users can now change their own passwords, and when the user changes their password their new password is encrypted using the [scrypt](http://www.tarsnap.com/scrypt.html) one-way encryption scheme. The password file is now no longer either in the *resources/public* directory so cannot be downloaded through the browser, nor in the git archive to which the Wiki content is stored, so that even if that git archive is remotely clonable an attacker cannot get the password file that way.
There's still no mechanism to add a new user to the system through the user interface; you do still have to do that by editing the password file in an editor.
## Images
Smeagol does not currently have any mechanism to upload images. You can, however, link to images already available on the web, like this: