summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-06-13Quick way to give warnings if javascript and/or cookies are not enabled. ↵jessib
Will want to tweak so the code isn't redundant, and ideally so check for cookies doesn't rely on javascript. And we'll want to expand the texts.
2013-04-25Merge pull request #40 from azul/feature/token-authjessib
Token auth with a database of it's own
2013-04-25Merge pull request #44 from azul/bugfix/2298-fix-couchdb-viewjessib
Bugfix/2298 fix couchdb view
2013-04-24added test for pgp key viewAzul
2013-04-24renamed and fixed pgp_key viewAzul
2013-04-22added "known problems" to the READMEelijah
2013-04-18remove 'api' subdomain restrictionelijah
2013-04-09adopting tests to new behaviorAzul
2013-04-09Merge pull request #43 from azul/feature/pgp_key_by_email_viewjessib
adding view of pgp key by login or email aliases
2013-04-09adding initial viewAzul
2013-04-09return token on successful login via apiAzul
2013-04-09let's use safe ids instead of the default couch onesAzul
Couch uses partly random partly sequential ids by default. We could change that in couch config to be all random. But this is probably more safe.
2013-04-09initial token model and unit testAzul
2013-04-09added vim tempfiles to gitignoreAzul
2013-04-08Merge pull request #39 from azul/feature/keep-session-secretjessib
fetch secret token for signing cookies from config
2013-04-08Merge pull request #38 from azul/feature/meainingful_couch_errorjessib
catch Errno's and RestClient errors and throw a more meaningful error
2013-04-08Merge pull request #41 from azul/feature/allow-getting-saltjessib
Allow getting salt and proper error messages for invalid login attempts
2013-04-05Merge pull request #42 from azul/bugfix/fix-migration-requiring-active-recordazul
make sure only our own models are loaded
2013-04-05make sure only our own models are loadedAzul
This is just a quick hack. we should move all engines to a dir of their own.
2013-04-03make sure user tests also run when run from users subdirAzul
* The APP_CONFIG needs to be initialized in core so that is required from other engines * paths for load_views need to be relative to the model - not to rails root.
2013-04-03fixed tests to use setup and teardown blocksAzul
2013-04-02send more meaningful error message on completely failed login attemptAzul
2013-04-02send salt on Session#create without srp ephemeral AAzul
2013-03-15fetch secret token for signing cookies from configAzul
2013-03-14catch Errno's and RestClient errors and throw a more meaningful couchrest errorAzul
2013-03-14Merge pull request #37 from azul/feature/migration-flowazul
Migration flow for couch db
2013-03-06updated deploy documentationAzul
INSTALL is mostly for development and we do not include couch security advices in there
2013-03-06simulate couch migration workflow on travisAzul
* first setup couch similar to what we'll have on the platform * then run migrations as admin * then drop admin privileges * then proceed with the normal test script
2013-03-06setup user and restrict db accessAzul
2013-03-06create sessions db - it's not a CouchRest Model db.Azul
2013-03-06make sure couchrest actually finds our models in the enginesAzul
2013-03-06restrict couch access to adminAzul
2013-03-06no auto update - migrate the couch beforeAzul
2013-03-06certs - changed the logic of free/paid certs to be limited/unlimited.elijah
2013-03-05Merge pull request #36 from leapcode/feature/limit_user_leakjessib
When attempting to login, the error messages should not leak information...
2013-03-05Merge branch 'master' into feature/limit_user_leakAzul
Conflicts: users/lib/warden/strategies/secure_remote_password.rb
2013-03-05minor: fixed logout linkAzul
2013-03-04Update tests and documentation to reflect changed error messages with ↵jessib
incorrect username or password on login attempt.
2013-03-04make api test script work with bitmask and print logAzul
2013-03-01Merge pull request #32 from azul/feature/api-version-1-fixesazul
Feature: API version 1 fixes
2013-03-01Merge pull request #35 from azul/feature/update-install-instructionsazul
use binstubs to make sure we use the right rails version
2013-02-28When attempting to login, the error messages should not leak information ↵jessib
about whether a username is valid. This also means the error message is more appropriate if somebody tries to login with somebody else's username and their password.
2013-02-28Merge pull request #34 from leapcode/feature/limit_usernamesjessib
Feature/limit usernames to specific formats, and give specific error messages
2013-02-28Have specific error messages for usernames with incorrect formats.jessib
Signed-off-by: jessib <jessib@leap.se>
2013-02-28use binstubs to make sure we use the right rails versionAzul
2013-02-27change free cert postfix to be a prefix (this is required for how openvpn ↵elijah
does common name matching)
2013-02-27seperated troubleshoot from installAzul
2013-02-27use debugger for ruby 1.9 - not supporting 1.8.7 anymoreAzul
ruby-debug breaks with 1.9 debugger breaks with 1.8.7
2013-02-27added TL;DR - fixed some issues with documentationAzul
* using ruby 1.9.3 now * not using leap_ca anymore
2013-02-26Merge branch 'master' into feature/limit_usernamesjessib