summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-02-28When attempting to login, the error messages should not leak information ↵jessib
about whether a username is valid. This also means the error message is more appropriate if somebody tries to login with somebody else's username and their password.
2013-02-26Change to language for when updating username/password.jessib
2013-02-26Not using secure random, at least now, as using the couchrest ID as the code ↵jessib
for unauthenticated ticket access.
2013-02-26Merge pull request #28 from leapcode/feature/change_loginjessib
Feature/change login
2013-02-26Merge pull request #27 from leapcode/feature/free-certsazul
Enable free certs
2013-02-26minor: using ?: operator for cert postfixAzul
2013-02-25Admins cannot update a user. Eventually we will want to allow admins to ↵jessib
update some user fields.
2013-02-25Slight refactoring of partialsjessib
2013-02-25Add hint that password change is optionaljessib
2013-02-25tests refactored with with_config helperAzul
also added test for getting paid certs if free certs are disabled
2013-02-25added configuration setting for disabling free certsAzul
2013-02-25enable free certs with a common name postfixAzul
2013-02-25enable free certs in the controllerAzul
2013-02-19Needs some cleanup, but this has one form where user can change username and ↵jessib
password (they can leave either the same if they just want to change one, but we should make this clearer.)
2013-02-19Only check if last email alias is valid if the user has a last email alias.jessib
2013-02-09configure couchrest session store in initializerAzul
2013-02-09prerelease version of couchrest_session_storeAzul
2013-02-09fall back to {} if config file is empty for environmentAzul
2013-02-09use at least couchrest_session_store 0.0.8Azul
2013-02-09use couchrest_session_store 0.0.7Azul
2013-02-08make sure we use at least rails 3.2.11Azul
2013-02-08bumped version to 0.1.20.1.2Azul
2013-02-08Merge pull request #26 from leapcode/feature/use-couchrest-session-storeazul
Actually use couchrest session store
2013-02-08working around bundler not finding the pushed gemAzul
2013-02-08Merge remote-tracking branch 'origin/master' into ↵Azul
feature/use-couchrest-session-store
2013-02-07use latest couchrest session store - this one actually worksAzul
2013-02-07Merge branch 'master' into feature/use-couchrest-session-storeAzul
2013-02-07Use more recent version of bootstrap-editable-rails, and a change to have ↵jessib
the editing be inline rather than popup.
2013-02-06Merge pull request #25 from leapcode/feature/keep-session-smallazul
Ensure user data does not clutter session[:handshake]
2013-02-06we don't add srp stuff to user class anymoreAzul
warden srp strategy in lib has it all.
2013-02-06using ruby-srp 0.1.5 SRP::Client to wrap user in sessionAzul
2013-02-06Merge pull request #24 from leapcode/feature/fix-certsazul
make sure we use certificate_authority version 0.2.0
2013-02-06make sure we use certificate_authority version 0.2.0Azul
2013-02-06Merge remote-tracking branch 'leap/master'Azul
2013-02-05certs -- added failing test that detects problem with certificate generation ↵elijah
and out of order issuer field.
2013-02-05certs -- fix bug with date calculation of 'yesterday'elijah
2013-02-05added note about running tests to READMEelijah
2013-02-05Tweaks because user attribute is now email_address, not emailjessib
2013-02-05use the latest couch rest session storeAzul
and actually use it - initializer was broken before
2013-02-05minor: we don't use cap anymore but puppet - documentation now reflects thatAzul
2013-02-04removing bootstrap-editable-inline as that does not exist anymoreAzul
2013-01-31Merge pull request #23 from leapcode/feature/rest_apijessib
Allow PUT API to update user.
2013-01-31Remove public key if the key is passed as nil, but not otherwise.jessib
There was a weird case with reloading the user in the test if the public key had been unset.
2013-01-31config key is not ca_cert_path anymore - client_ca_certAzul
2013-01-31Merge pull request #22 from leapcode/feature/merge_leap_caazul
merge leap ca
2013-01-29A user's public_key is the only attribute they should be able to update via API.jessib
2013-01-29Allow PUT API to update user.jessib
2013-01-26no need to store the cert anymore - just new initialize and send itAzul
2013-01-26adopting tests to the way certs work now. should pass.Azul
* We now generate cert and key on validate. * we don't expect the controller to pick from the pool anymore - just create instead
2013-01-26we're not using a cert pool anymore - remove anything relatedAzul