Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
|
|
|
|
Token auth with a database of it's own
|
|
Bugfix/2298 fix couchdb view
|
|
|
|
|
|
|
|
|
|
|
|
adding view of pgp key by login or email aliases
|
|
|
|
|
|
Couch uses partly random partly sequential ids by default. We could
change that in couch config to be all random. But this is probably more
safe.
|
|
|
|
|
|
fetch secret token for signing cookies from config
|
|
catch Errno's and RestClient errors and throw a more meaningful error
|
|
Allow getting salt and proper error messages for invalid login attempts
|
|
make sure only our own models are loaded
|
|
This is just a quick hack. we should move all engines to a dir of their own.
|
|
* The APP_CONFIG needs to be initialized in core so that is required from other engines
* paths for load_views need to be relative to the model - not to rails root.
|
|
|
|
|
|
|
|
|
|
|
|
Migration flow for couch db
|
|
INSTALL is mostly for development and we do not include couch security advices in there
|
|
* first setup couch similar to what we'll have on the platform
* then run migrations as admin
* then drop admin privileges
* then proceed with the normal test script
|
|
|
|
|
|
|
|
|
|
|
|
|
|
When attempting to login, the error messages should not leak information...
|
|
Conflicts:
users/lib/warden/strategies/secure_remote_password.rb
|
|
|
|
incorrect username or password on login attempt.
|
|
|
|
Feature: API version 1 fixes
|
|
use binstubs to make sure we use the right rails version
|
|
about whether a username is valid.
This also means the error message is more appropriate if somebody tries to login with somebody else's username and their password.
|
|
Feature/limit usernames to specific formats, and give specific error messages
|
|
Signed-off-by: jessib <jessib@leap.se>
|
|
|