leap_web.git - [leap

Age	Commit message (Collapse)	Author
2013-04-09	adopting tests to new behavior	Azul

2013-04-09	return token on successful login via api	Azul

2013-04-09	let's use safe ids instead of the default couch ones	Azul
	Couch uses partly random partly sequential ids by default. We could change that in couch config to be all random. But this is probably more safe.
2013-04-09	initial token model and unit test	Azul

2013-04-09	added vim tempfiles to gitignore	Azul

2013-04-08	Merge pull request #39 from azul/feature/keep-session-secret	jessib
	fetch secret token for signing cookies from config
2013-04-08	Merge pull request #38 from azul/feature/meainingful_couch_error	jessib
	catch Errno's and RestClient errors and throw a more meaningful error
2013-04-08	Merge pull request #41 from azul/feature/allow-getting-salt	jessib
	Allow getting salt and proper error messages for invalid login attempts
2013-04-05	Merge pull request #42 from azul/bugfix/fix-migration-requiring-active-record	azul
	make sure only our own models are loaded
2013-04-05	make sure only our own models are loaded	Azul
	This is just a quick hack. we should move all engines to a dir of their own.
2013-04-03	make sure user tests also run when run from users subdir	Azul
	* The APP_CONFIG needs to be initialized in core so that is required from other engines * paths for load_views need to be relative to the model - not to rails root.
2013-04-03	fixed tests to use setup and teardown blocks	Azul

2013-04-02	send more meaningful error message on completely failed login attempt	Azul

2013-04-02	send salt on Session#create without srp ephemeral A	Azul

2013-03-15	fetch secret token for signing cookies from config	Azul

2013-03-14	catch Errno's and RestClient errors and throw a more meaningful couchrest error	Azul

2013-03-14	Merge pull request #37 from azul/feature/migration-flow	azul
	Migration flow for couch db
2013-03-06	updated deploy documentation	Azul
	INSTALL is mostly for development and we do not include couch security advices in there
2013-03-06	simulate couch migration workflow on travis	Azul
	* first setup couch similar to what we'll have on the platform * then run migrations as admin * then drop admin privileges * then proceed with the normal test script
2013-03-06	setup user and restrict db access	Azul

2013-03-06	create sessions db - it's not a CouchRest Model db.	Azul

2013-03-06	make sure couchrest actually finds our models in the engines	Azul

2013-03-06	restrict couch access to admin	Azul

2013-03-06	no auto update - migrate the couch before	Azul

2013-03-06	certs - changed the logic of free/paid certs to be limited/unlimited.	elijah

2013-03-05	Merge pull request #36 from leapcode/feature/limit_user_leak	jessib
	When attempting to login, the error messages should not leak information...
2013-03-05	Merge branch 'master' into feature/limit_user_leak	Azul
	Conflicts: users/lib/warden/strategies/secure_remote_password.rb
2013-03-05	minor: fixed logout link	Azul

2013-03-04	Update tests and documentation to reflect changed error messages with ↵	jessib
	incorrect username or password on login attempt.
2013-03-04	make api test script work with bitmask and print log	Azul

2013-03-01	Merge pull request #32 from azul/feature/api-version-1-fixes	azul
	Feature: API version 1 fixes
2013-03-01	Merge pull request #35 from azul/feature/update-install-instructions	azul
	use binstubs to make sure we use the right rails version
2013-02-28	When attempting to login, the error messages should not leak information ↵	jessib
	about whether a username is valid. This also means the error message is more appropriate if somebody tries to login with somebody else's username and their password.
2013-02-28	Merge pull request #34 from leapcode/feature/limit_usernames	jessib
	Feature/limit usernames to specific formats, and give specific error messages
2013-02-28	Have specific error messages for usernames with incorrect formats.	jessib
	Signed-off-by: jessib <jessib@leap.se>
2013-02-28	use binstubs to make sure we use the right rails version	Azul

2013-02-27	change free cert postfix to be a prefix (this is required for how openvpn ↵	elijah
	does common name matching)
2013-02-27	seperated troubleshoot from install	Azul

2013-02-27	use debugger for ruby 1.9 - not supporting 1.8.7 anymore	Azul
	ruby-debug breaks with 1.9 debugger breaks with 1.8.7
2013-02-27	added TL;DR - fixed some issues with documentation	Azul
	* using ruby 1.9.3 now * not using leap_ca anymore
2013-02-26	Merge branch 'master' into feature/limit_usernames	jessib

2013-02-26	Change to language for when updating username/password.	jessib

2013-02-26	Changes to valid format for usernames.	jessib

2013-02-26	Not using secure random, at least now, as using the couchrest ID as the code ↵	jessib
	for unauthenticated ticket access.
2013-02-26	Merge pull request #28 from leapcode/feature/change_login	jessib
	Feature/change login
2013-02-26	Merge pull request #27 from leapcode/feature/free-certs	azul
	Enable free certs
2013-02-26	minor: using ?: operator for cert postfix	Azul

2013-02-26	api for sessions fixed	Azul
	* now we return the user id on login * allow a destroy request for logging out * added test for api sessions controller
2013-02-26	git ignore binstubs	Azul

2013-02-25	Admins cannot update a user. Eventually we will want to allow admins to ↵	jessib
	update some user fields.