No description

Find a file

Armaël Guéneau d7e6646226 add small todo		2024-12-20 20:51:06 +01:00
src	Move "lock account + send email" to a worker with retries	2024-12-20 20:48:16 +01:00
static	Add a new /classified page that allows editing classifications	2024-12-18 17:06:45 +01:00
templates	Add a new /classified page that allows editing classifications	2024-12-18 17:06:45 +01:00
.gitignore	.	2024-12-18 08:36:18 +01:00
Cargo.lock	Notify users by email when locking their account (wip: error handling)	2024-12-20 10:18:37 +01:00
Cargo.toml	Notify users by email when locking their account (wip: error handling)	2024-12-20 10:18:37 +01:00
model.json	Fix redirect response on POST by explicitly sending the page URI	2024-12-19 12:49:16 +01:00
README.md	add small todo	2024-12-20 20:51:06 +01:00

spam management for forgejo

Usage

create an API token for your admin account, and write it in an api_token file at the root of the repo
remove model.json if you want to start with no pre-existing model of what is spam or not. Or keep it to use the current classifier. The file gets updated when using the tool: the classifier learns from spam/legit decisions and should get progressively better at identifying spam.
run: cargo run
classify users as spam/not spam. Right now the classification is stored locally in db.json, no concrete action is taken. (Ultimately we will want to lock/delete accounts, etc.)

gate the actual account lock/email/deletion behind an environment variable for easy testing and to limit bad surprises
discuss the current design choices for when locking the account/sending a notification email fails. (Current behavior is to periodically retry, avoid deleting if the account could not be locked, but delete the account after the grace period even if the email could not be sent…)
add backend to store data on garage instead of local files
replate the api_token file with a better mechanism: oauth maybe?
improve error handling