Talon/chat_grid
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
390 Commits 3 Branches 0 Tags
ba34ce4e9ba97aca2013839dd74950a9ab61fef8
Commit Graph

74 Commits

Author SHA1 Message Date
Jage9
ba34ce4e9b Tighten auth helper origin checks 2026-03-08 21:58:19 -04:00
Jage9
6e8ecf44c1 Require auth session for media proxy 2026-03-08 21:44:27 -04:00
Jage9
78bc931cce Harden origin and media URL security 2026-03-08 20:51:50 -04:00
Jage9
873b00e070 Harden forwarded IP parsing for auth throttling 2026-03-02 00:41:58 -05:00
Jage9
2956fa8083 Fix session cookie routing and proxy-aware auth throttling 2026-03-01 23:57:31 -05:00
Jage9
a57e48a265 Allow pre-ready heartbeat pings and include local doc updates 2026-02-28 21:20:59 -05:00
Jage9
429b295a64 Defer world activation until welcome preflight confirmation 2026-02-28 20:58:23 -05:00
Jage9
449f2c9530 Require targetUserId for item transfers 2026-02-28 20:26:40 -05:00
Jage9
daab7bb759 Support account-wide item transfer targets and fix delete confirm exit 2026-02-28 20:24:37 -05:00
Jage9
9fe9c6da4d Allow valid self-target item transfers 2026-02-28 20:17:49 -05:00
Jage9
c1cf100898 Refine confirm menu speech and item action notifications 2026-02-28 20:09:52 -05:00
Jage9
906c320e51 Add admin delete-account flow with yes/no confirmation 2026-02-28 20:06:43 -05:00
Jage9
b0fa040d33 Add z item management menu with transfer and yes/no confirmation 2026-02-28 05:11:49 -05:00
Jage9
8a2b95ce68 Reapply "Return friendly generic auth messages for login and resume failures" 
This reverts commit 9c5011a8fd.
 2026-02-28 04:53:11 -05:00
Jage9
9c5011a8fd Revert "Return friendly generic auth messages for login and resume failures" 
This reverts commit 9f3cd1fbdc.
 2026-02-28 04:52:44 -05:00
Jage9
027f04e58d Revert "Enforce websocket origin allowlist with secure-mode config" 
This reverts commit cf30229b37.
 2026-02-28 04:52:44 -05:00
Jage9
cf30229b37 Enforce websocket origin allowlist with secure-mode config 2026-02-28 04:47:07 -05:00
Jage9
9f3cd1fbdc Return friendly generic auth messages for login and resume failures 2026-02-28 04:39:26 -05:00
Jage9
b8843e7c21 Move auth session persistence to true HttpOnly cookies 2026-02-28 04:29:57 -05:00
Jage9
cf54132c25 Make websocket transport secure by default 2026-02-28 03:52:05 -05:00
Jage9
37419a5592 Lock admin role permissions on server and client 2026-02-27 19:36:09 -05:00
Jage9
0867e7b4c1 Fix reboot notice scope and preserve raw slash command input 2026-02-27 19:25:36 -05:00
Jage9
ef5fa024c0 Refine reboot notices and sounds for in-progress state 2026-02-27 19:23:09 -05:00
Jage9
d522ba10a8 Protect user role from deletion and use action sound asset 2026-02-27 19:15:13 -05:00
Jage9
8ba0398d25 Add reboot and version slash commands with permission guard 2026-02-27 04:40:36 -05:00
Jage9
464d39f78b Add server chat slash commands for me and uptime 2026-02-27 04:33:54 -05:00
Jage9
4fcd006856 Track item updatedBy as readonly metadata and inspect field 2026-02-27 02:27:16 -05:00
Jage9
ac88195c6e Add tooltips for readonly item system properties 2026-02-27 02:22:59 -05:00
Jage9
d74937b2dc Set default clock alarm time and gate alarm time field by visibility 2026-02-27 02:11:08 -05:00
Jage9
78be266fcf Add clock alarm scheduling with formatted alarm time options 2026-02-27 02:06:51 -05:00
Jage9
4ed52649f1 Add spoken spatial clock announcements with top-of-hour mode 2026-02-27 01:05:23 -05:00
Jage9
6143798b83 Make radio secondary now-playing message self-only 2026-02-25 01:14:17 -05:00
Jage9
08d74b8e2c Add Shift+Enter secondary item action with radio handler 2026-02-25 01:11:47 -05:00
Jage9
9eaa330c3e Add radio now-playing metadata polling and readonly props 2026-02-25 00:52:28 -05:00
Jage9
e7d3b41782 Harden auth flow against timing and event-loop blocking 2026-02-25 00:17:05 -05:00
Jage9
bf3bc90f2a Add account auth with websocket login/register and sessions 2026-02-24 22:03:10 -05:00
Jage9
4ea5419d30 Fix position desync causing item interaction failures 2026-02-24 21:01:21 -05:00
Jage9
297f1c0c1a Broadcast teleport landing sound to nearby users 2026-02-24 20:55:02 -05:00
Jage9
a1132ea22a Fix movement pacing defaults and remove config knobs 2026-02-24 20:43:24 -05:00
Jage9
686d065bf9 Fix carried use-sound origin and centralize sound normalization 2026-02-24 20:34:48 -05:00
Jage9
fa65d7bd0d Enforce cumulative per-tick movement budget on server 2026-02-24 20:15:24 -05:00
Jage9
fe07fa3e8f Use structured piano status packets instead of message text matching 2026-02-24 19:56:44 -05:00
Jage9
3c52d35983 refactor: remove per-type module.py and simplify plugin wiring 2026-02-24 18:56:42 -05:00
Jage9
fcb5e85b13 refactor: complete server-first item schema wiring and plugin contract checks 2026-02-24 18:48:08 -05:00
Jage9
d4dbb807da server: make state-save debounce timing configurable 2026-02-24 02:50:47 -05:00
Jage9
477b4d2cf4 server: debounce item state saves and add schema contract tests 2026-02-24 02:49:13 -05:00
Jage9
9f8a6bdcc8 Enforce strict item params validation and stripping on server 2026-02-24 02:39:51 -05:00
Jage9
ccbe41e618 Refine piano recording controls and stop behavior 2026-02-23 02:00:01 -05:00
Jage9
5d88fce752 Remove legacy piano fallback and add state-indexed song events 2026-02-23 01:49:27 -05:00
Jage9
6595c15fa4 Migrate piano songs to songId registry with compact storage 2026-02-23 01:43:02 -05:00