Age | Commit message (Collapse) | Author |
|
catch Errno's and RestClient errors and throw a more meaningful error
|
|
Allow getting salt and proper error messages for invalid login attempts
|
|
make sure only our own models are loaded
|
|
This is just a quick hack. we should move all engines to a dir of their own.
|
|
* The APP_CONFIG needs to be initialized in core so that is required from other engines
* paths for load_views need to be relative to the model - not to rails root.
|
|
|
|
|
|
|
|
|
|
Migration flow for couch db
|
|
INSTALL is mostly for development and we do not include couch security advices in there
|
|
* first setup couch similar to what we'll have on the platform
* then run migrations as admin
* then drop admin privileges
* then proceed with the normal test script
|
|
|
|
|
|
|
|
|
|
|
|
|
|
When attempting to login, the error messages should not leak information...
|
|
Conflicts:
users/lib/warden/strategies/secure_remote_password.rb
|
|
|
|
incorrect username or password on login attempt.
|
|
|
|
Feature: API version 1 fixes
|
|
use binstubs to make sure we use the right rails version
|
|
about whether a username is valid.
This also means the error message is more appropriate if somebody tries to login with somebody else's username and their password.
|
|
Feature/limit usernames to specific formats, and give specific error messages
|
|
Signed-off-by: jessib <jessib@leap.se>
|
|
|
|
does common name matching)
|
|
|
|
ruby-debug breaks with 1.9
debugger breaks with 1.8.7
|
|
* using ruby 1.9.3 now
* not using leap_ca anymore
|
|
|
|
|
|
|
|
for unauthenticated ticket access.
|
|
Feature/change login
|
|
Enable free certs
|
|
|
|
* now we return the user id on login
* allow a destroy request for logging out
* added test for api sessions controller
|
|
|
|
update some user fields.
|
|
|
|
|
|
also added test for getting paid certs if free certs are disabled
|
|
|
|
|
|
|
|
password (they can leave either the same if they just want to change one, but we should make this clearer.)
|