summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-03-15fetch secret token for signing cookies from configAzul
2013-03-14Merge pull request #37 from azul/feature/migration-flowazul
Migration flow for couch db
2013-03-06updated deploy documentationAzul
INSTALL is mostly for development and we do not include couch security advices in there
2013-03-06simulate couch migration workflow on travisAzul
* first setup couch similar to what we'll have on the platform * then run migrations as admin * then drop admin privileges * then proceed with the normal test script
2013-03-06setup user and restrict db accessAzul
2013-03-06create sessions db - it's not a CouchRest Model db.Azul
2013-03-06make sure couchrest actually finds our models in the enginesAzul
2013-03-06restrict couch access to adminAzul
2013-03-06no auto update - migrate the couch beforeAzul
2013-03-06certs - changed the logic of free/paid certs to be limited/unlimited.elijah
2013-03-05Merge pull request #36 from leapcode/feature/limit_user_leakjessib
When attempting to login, the error messages should not leak information...
2013-03-05Merge branch 'master' into feature/limit_user_leakAzul
Conflicts: users/lib/warden/strategies/secure_remote_password.rb
2013-03-05minor: fixed logout linkAzul
2013-03-04Update tests and documentation to reflect changed error messages with ↵jessib
incorrect username or password on login attempt.
2013-03-04make api test script work with bitmask and print logAzul
2013-03-01Merge pull request #32 from azul/feature/api-version-1-fixesazul
Feature: API version 1 fixes
2013-03-01Merge pull request #35 from azul/feature/update-install-instructionsazul
use binstubs to make sure we use the right rails version
2013-02-28When attempting to login, the error messages should not leak information ↵jessib
about whether a username is valid. This also means the error message is more appropriate if somebody tries to login with somebody else's username and their password.
2013-02-28Merge pull request #34 from leapcode/feature/limit_usernamesjessib
Feature/limit usernames to specific formats, and give specific error messages
2013-02-28Have specific error messages for usernames with incorrect formats.jessib
Signed-off-by: jessib <jessib@leap.se>
2013-02-28use binstubs to make sure we use the right rails versionAzul
2013-02-27change free cert postfix to be a prefix (this is required for how openvpn ↵elijah
does common name matching)
2013-02-27seperated troubleshoot from installAzul
2013-02-27use debugger for ruby 1.9 - not supporting 1.8.7 anymoreAzul
ruby-debug breaks with 1.9 debugger breaks with 1.8.7
2013-02-27added TL;DR - fixed some issues with documentationAzul
* using ruby 1.9.3 now * not using leap_ca anymore
2013-02-26Merge branch 'master' into feature/limit_usernamesjessib
2013-02-26Change to language for when updating username/password.jessib
2013-02-26Changes to valid format for usernames.jessib
2013-02-26Not using secure random, at least now, as using the couchrest ID as the code ↵jessib
for unauthenticated ticket access.
2013-02-26Merge pull request #28 from leapcode/feature/change_loginjessib
Feature/change login
2013-02-26Merge pull request #27 from leapcode/feature/free-certsazul
Enable free certs
2013-02-26minor: using ?: operator for cert postfixAzul
2013-02-26api for sessions fixedAzul
* now we return the user id on login * allow a destroy request for logging out * added test for api sessions controller
2013-02-26git ignore binstubsAzul
2013-02-25Admins cannot update a user. Eventually we will want to allow admins to ↵jessib
update some user fields.
2013-02-25Slight refactoring of partialsjessib
2013-02-25Add hint that password change is optionaljessib
2013-02-25tests refactored with with_config helperAzul
also added test for getting paid certs if free certs are disabled
2013-02-25added configuration setting for disabling free certsAzul
2013-02-25enable free certs with a common name postfixAzul
2013-02-25enable free certs in the controllerAzul
2013-02-19Needs some cleanup, but this has one form where user can change username and ↵jessib
password (they can leave either the same if they just want to change one, but we should make this clearer.)
2013-02-19Only check if last email alias is valid if the user has a last email alias.jessib
2013-02-09configure couchrest session store in initializerAzul
2013-02-09prerelease version of couchrest_session_storeAzul
2013-02-09fall back to {} if config file is empty for environmentAzul
2013-02-09use at least couchrest_session_store 0.0.8Azul
2013-02-09use couchrest_session_store 0.0.7Azul
2013-02-08make sure we use at least rails 3.2.11Azul
2013-02-08bumped version to 0.1.20.1.2Azul