| Age | Commit message (Collapse) | Author |
|---|
|
Feature: Token based auth
|
|
|
|
|
|
This way the failed stubbing errors were more telling
|
|
This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail.
|
|
So far we allow two mechanisms of authentication:
* session based
* token based
If token fails session will be atempted in most cases. So we can't just redirect here or we get a double render error.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[ci skip]
|
|
Test updating user password through api
|
|
use the same login validations on sessions and users
|
|
|
|
That's the only meaningful response.
|
|
The session ones were outdated so valid usernames could not login if they contained a '.'
Refactored so both models use the same module for this validation to ensure consistency.
|
|
|
|
|
|
|
|
Key must end in _html so the html doesn't get escaped.
|
|
Per ISEC informational issue, manually set the private property only in ...
|
|
an admin.
|
|
cases where it is an admin who set it.
|
|
Feature/identity rewrite
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
PGP setting has been moved into account settings. It's using the API now issueing an Ajax request without any visual feedback.
This obviously is not what we want but it hopefully suffices for uploading gpg keys for testing purposes before the Identity UI is in place.
|
|
Just altering identity.keys did not mark identities as changed. Also we now have a sane default for keys.
|
|
|
|
|
|
We'll want to get rid of the #public_key and #public_key= functions but they are still used from the users controller. We'll probably have an identity controller instead at some point.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
It's always based on a user and most default values are based on user properties.
|
|
|
|
Fix breakage due to empty config file for a given env
|
|
|
|
Bugfix/srp fix for zeroprefixed hashes
|
