#### What type of PR is this?
/area core
/kind cleanup
#### What this PR does / why we need it:
Remove unused dependencies and configuration files
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area ui
/kind bug
/milestone 2.20.x
#### What this PR does / why we need it:
修复文章自动生成别名不按照别名生成策略生成的问题。
#### Which issue(s) this PR fixes:
Fixes#6913
#### Special notes for your reviewer:
需要测试:
1. 分类、标签创建和更新时的别名生成
2. 文章新建时,别名是否按照生成策略生成。
#### Does this PR introduce a user-facing change?
```release-note
修复文章自动生成别名不按照别名生成策略生成的问题。
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR excludes console and uc assets in security configuration to make them access by anonymous users.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/6908
#### Special notes for your reviewer:
```bash
http http://localhost:8090/uc/assets/index-E-uvwInx.css -ph
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache
Content-Encoding: gzip
Content-Length: 26213
Content-Type: text/css
Vary: Accept-Encoding
```
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area core
/kind bug
/milestone 2.20.x
#### What this PR does / why we need it:
修复在低版本 Safari 浏览器中,注册表单中的按钮高度溢出的问题。
#### Which issue(s) this PR fixes:
Fixes#6910
#### Does this PR introduce a user-facing change?
```release-note
修复在低版本 Safari 浏览器中,注册表单中的按钮高度溢出的问题。
```
<!-- Fuck Safari -->
#### What type of PR is this?
/area ui
/kind bug
/milestone 2.20.x
#### What this PR does / why we need it:
修复通过登录跳转到文章编辑页面时,发布文章会跳转到个人中心的问题。
#### Which issue(s) this PR fixes:
Fixes#6901
#### Special notes for your reviewer:
测试步骤:
1. 新建文章,编写内容,但是不发布
2. 在新的浏览器选项卡中退出登录
3. 回到文章编辑页面,跳转到登录页面重新登录之后,发布文章
4. 观察是否会返回到 Console 的文章管理页面。
#### Does this PR introduce a user-facing change?
```release-note
修复通过登录跳转到文章编辑页面时,发布文章会跳转到个人中心的问题。
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
将 MySQL 的表创建脚本 name 列字符集改为 utf8mb4_bin 以使其对大小写敏感
Fixes https://github.com/halo-dev/halo/issues/4372
**how to test it?**
使用 docker 运行 MySQL
```shell
# mariadb 同样将镜像改为 mariadb 后执行相同步骤
docker run --name mysql-test -e MYSQL_ROOT_PASSWORD=root -e MYSQL_DATABASE=halo -p 3306:3306 --rm -d mysql:latest
```
然后执行表创建脚本并手动执行以下两条 SQL 能成功插入
```sql
insert into extensions(name,data,version) values('a', 'a', 0)
insert into extensions(name,data,version) values('A', 'A', 0)
```
#### Does this PR introduce a user-facing change?
```release-note
修改 MySQL 表创建脚本 name 列的字符集使其大小写敏感以解决可能会遇到切换数据库时因为数据冲突而无法导入备份的问题(这只对此版本及之后的新用户有效)
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
修复非 HTTPS 连接下无法记住用户语言偏好的问题
#### Which issue(s) this PR fixes:
Fixes#6888
#### Does this PR introduce a user-facing change?
```release-note
修复非 HTTPS 连接下无法记住用户语言偏好的问题
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR refactors sign up data binding using internal `bind` method in `ServerRequest` instead of binding my hand. It's more convenient and simpler.
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR appends query `method=local` after redirection location in authentication failure handler to redirect to login page with local method.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/6894
#### Does this PR introduce a user-facing change?
```release-note
修复非默认登录方式登录失败之后跳转至默认登录方式的问题
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
修复从旧版本升级到 2.20 会因为默认主题目录已经存在而无法初始化的问题
#### Which issue(s) this PR fixes:
Fixes#6887
#### Does this PR introduce a user-facing change?
```release-note
修复从旧版本升级到 2.20 会因为默认主题目录已经存在而无法初始化的问题
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR exposes ReactiveUserDetailsService to authentication plugins.
#### Does this PR introduce a user-facing change?
```release-note
支持在插件中使用 ReactiveUserDetailsService
```
#### What type of PR is this?
/area core
/kind improvement
/milestone 2.20.x
#### What this PR does / why we need it:
Bump app store plugin to 1.6.0
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR makes PAT configuration standalone and removes unused configuration related with `JWT`.
After this, we can define additional authentications in plugins with correct configuration order.
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind feature
/area plugin
/milestone 2.20.x
#### What this PR does / why we need it:
This PR exposes user and role services into plugins. Some authentication plugins may interact with users and users' roles.
#### Does this PR introduce a user-facing change?
```release-note
允许在插件中使用 UserService 和 RoleService
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
修复由 #6680 导致的插件模板处理扩展中无法获取到请求上下文的问题
#6680 修复了插件可以在模板处理扩展中通过请求上下文获取到 Halo 的 ApplicationContext 的问题
但这也引入了新的问题就是导致模板处理扩展无法获取到请求上下文,此 PR 通过判断传递给插件的 ITemplateContext 是否为 IWebContext,如果是则包装为 SecureTemplateWebContext 传递给插件,以解决此问题
#### Which issue(s) this PR fixes:
Fixes#6875
#### Does this PR introduce a user-facing change?
```release-note
修复插件模板处理扩展中无法获取到请求上下文的问题
```
#### What type of PR is this?
/kind documentation
#### What this PR does / why we need it:
添加 Gitpod 的演示环境链接。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind documentation
#### What this PR does / why we need it:
更新快速开始的版本号。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR refactors check of whether the current user is a real user to fix the problem of not being able to create PAT for OAuth2 user.
#### Does this PR introduce a user-facing change?
```release-note
修复通过 OAuth2 登录之后无法正常创建和恢复个人令牌的问题
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR corrects typo of `apisGroups` to `apiGroups` to fix the problem of not being able to disconnect OAuth2 user.
#### Special notes for your reviewer:
0. Install OAuth2 plugin
1. Log in as a normal user
2. Bind a OAuth2 user
3. Try to unbind it
#### Does this PR introduce a user-facing change?
```release-note
修复无法正常解绑 OAuth2 用户
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
修复初始化 Halo 之后无法进入登录页面的问题
此问题原因是更改了 AuthProvider 的逻辑,当系统启动之后缺少默认的登录方式导致登录页面无法正确渲染
此 PR 将确保默认的登录方式始终存在来解决此问题
how to test it?
重新初始化 Halo 之后能正确渲染登录页面并登录即为符合预期
#### Does this PR introduce a user-facing change?
```release-note
修复初始化 Halo 之后无法进入登录页面的问题
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR ignores URI fragment while removing redirect URI. Before that, users may be redirected to previous redirect URI that contains fragment.
#### Does this PR introduce a user-facing change?
```release-note
修复二次登录后重定向跳转至旧地址的问题
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
恢复 https://github.com/halo-dev/halo/pull/6846 中删除的 SystemSetting.AuthProvider#enabled 字段避免插件应用到了它可能会发生错误,将其标记为过时
#### Does this PR introduce a user-facing change?
```release-note
None
```
* refactor: auth provider sorting logic for better maintainability and clarity
* Refine UI
* chore: remove other auth type
* Remove other auth providers
---------
Co-authored-by: Ryan Wang <i@ryanc.cc>
#### What type of PR is this?
/area core
/kind improvement
/milestone 2.20.x
#### What this PR does / why we need it:
注册表单发送邮箱验证码时,支持显示来自后端的异常。
<img width="693" alt="image" src="https://github.com/user-attachments/assets/78d1d793-7673-4442-9b0b-1eb7c4d91ebd">
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area core
/kind bug
/milestone 2.20.x
#### What this PR does / why we need it:
修复首次初始化之后,个人中心使用的附件存储策略没有默认值的问题。
#### Which issue(s) this PR fixes:
Fixes#6834
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area core
/kind bug
/milestone 2.20.x
#### What this PR does / why we need it:
修复初始化登录之后,没有正确重定向到 /console 的问题。
#### Which issue(s) this PR fixes:
Fixes#6850
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR fills operation ID while building setup route to prevent errors when generating OpenAPI docs.
```java
2024-10-13T22:09:46.997+08:00 ERROR 68966 --- [ parallel-4] a.w.r.e.AbstractErrorWebExceptionHandler : [88654f05-3] 500 Server Error for HTTP GET "/v3/api-docs/apis_aggregated.api_v1alpha1"
java.lang.IllegalStateException: You should either fill, the Operation or at least the bean class and the bean method
at org.springdoc.core.fn.builders.operation.Builder.build(Builder.java:467) ~[springdoc-openapi-starter-common-2.6.0.jar:2.6.0]
Suppressed: reactor.core.publisher.FluxOnAssembly$OnAssemblyException:
```
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/milestone 2.20.x
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
忽略预设插件安装时的错误避免无法初始化
可能因为没有预先 download 预设插件到项目目录而发生 IO 异常影响初始化流程
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
修复竖向图片生成缩略图后会丢失方向信息展示为横向图片的问题
#### Which issue(s) this PR fixes:
Fixes#6802
#### Does this PR introduce a user-facing change?
```release-note
修复竖向图片生成缩略图后会丢失方向信息展示为横向图片的问题
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR preserves `remember-me` option after authentication failure.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/6835
#### Special notes for your reviewer:
1. Go to login page
2. Input invalid username or password and select `remember-me` option
3. Click `Login` button
4. See the result
#### Does this PR introduce a user-facing change?
```release-note
修复登录失败后记住我选项被重置的问题
```
#### What type of PR is this?
/area core
/kind improvement
/milestone 2.20.x
#### What this PR does / why we need it:
优化登录等页面的 UI,主要优化低分屏下的 UI 表现,防止元素过大。
#### Does this PR introduce a user-facing change?
```release-note
优化登录等页面的 UI,优化低分屏下的 UI 表现,防止元素过大。
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR makes users not be able to configure a invalid external URL like `https:www/halo.run` even if it is an valid URL format.
#### Which issue(s) this PR fixes:
Fixes#6837
#### Does this PR introduce a user-facing change?
```release-note
修复可配置无效的外部访问地址的问题
```
#### What type of PR is this?
/area core
/kind improvement
/milestone 2.20.x
#### What this PR does / why we need it:
提升登录页面的可访问性。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR adds globalInfo data into logout template model.
#### Which issue(s) this PR fixes:
Fixes https://github.com/halo-dev/halo/issues/6821
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR disables CSRF protection for actuator endpoints because they are not state-changing operations.
#### Which issue(s) this PR fixes:
Fixes#6827
#### Special notes for your reviewer:
Try to restore Halo.
#### Does this PR introduce a user-facing change?
```release-note
修复恢复备份后无法自动重启的问题
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR prevents caching from cache plugin for pre-auth pages and logout page.
#### Which issue(s) this PR fixes:
Fixes#6826
#### Special notes for your reviewer:
1. Install `Page Cache Plugin` from <https://www.halo.run/store/apps/app-BaamQ>.
2. Open a private browser window
3. Access login page twice
4. Try to login
5. See the result
#### Does this PR introduce a user-facing change?
```release-note
解决因缓存插件缓存登录页面导致无法登录的问题
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR adds globalInfo into template models and refactors password reset to adapt data binding.
Fixes https://github.com/halo-dev/halo/issues/6821
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area core
/kind bug
/milestone 2.20.x
#### What this PR does / why we need it:
修复不能正常显示邮箱验证提示的问题。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area core
/kind improvement
/milestone 2.20.x
#### What this PR does / why we need it:
重置密码跳转到登录页面之后,在顶部添加重置成功的提示。
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/area core
/kind improvement
/milestone 2.20.x
#### What this PR does / why we need it:
优化登录页面的 UI。
<img width="1910" alt="image" src="https://github.com/user-attachments/assets/736b1f72-e7c1-4c19-a0d9-dc935c738931">
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind improvement
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
优化校验提示信息根据用户选择的语言代替 `Locale#getDefault()#getLanguage()`
#### Does this PR introduce a user-facing change?
```release-note
None
```
#### What type of PR is this?
/kind bug
/area core
/milestone 2.20.x
#### What this PR does / why we need it:
This PR supports redirecting to URI with fragment. e.g.: <http://localhost:8090/login?redirect_uri=%2F%23afragment>(redirect_uri is `/#afragment`).
#### Which issue(s) this PR fixes:
Fixes#6767
#### Special notes for your reviewer:
1. Request <http://localhost:8090/login?redirect_uri=%2F%23afragment>
2. Log in
3. See the redirection
#### Does this PR introduce a user-facing change?
```release-note
None
```
Ryan Wang