Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-09-03 | expire token according to config setting auth:token_expires_after | Azul | |
2013-09-03 | use Token#authenticate for authentication | Azul | |
This will return the user. But we can add timestamp validations and updates here. | |||
2013-09-02 | Merge pull request #78 from jessib/finish_removing_email_settings_references | azul | |
Remove references to email_settings controller, which has been removed. ... | |||
2013-09-02 | Remove references to email_settings controller, which has been removed. An ↵ | jessib | |
identities controller will replace it. | |||
2013-09-02 | Merge pull request #77 from azul/feature/3522-configurable-logfile | jessib | |
add config setting for logfile | |||
2013-09-02 | Merge pull request #74 from azul/refactor/finding-users | jessib | |
there's no need for User#find_by_param. clean it up | |||
2013-09-02 | document the logfile option in the defaults.yml | Azul | |
2013-09-02 | add config setting for logfile | Azul | |
This is the most simple thing that could possibly work. If you do not specify a :logfile in your environments config Rails will use the default. | |||
2013-08-30 | also replace find_by_param in billing engine | Azul | |
2013-08-30 | there's no need for User#find_by_param. clean it up | Azul | |
2013-08-27 | Not ideal way to do it, but was proving complicated to have a config file ↵ | jessib | |
specify which gems for which environments. Here, we have the billing gem included for the development and test environments only, hardcoded in the Gemfile. Then we show the links to billing based on a config file setting. The setting itself could be used to specify different types of billing, but isn't yet. | |||
2013-08-27 | Merge branch 'master' into billing_with_tests | jessib | |
2013-08-27 | Merge pull request #72 from azul/feature/token-based-auth | jessib | |
Feature: Token based auth | |||
2013-08-27 | refactor: Changing the py test to use less globals and session only locally. | Azul | |
2013-08-27 | use token to update user password | Azul | |
2013-08-27 | separate different tests for showing non existant user | Azul | |
This way the failed stubbing errors were more telling | |||
2013-08-27 | token.user will get you the right user | Azul | |
This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail. | |||
2013-08-27 | do not redirect if no token present | Azul | |
So far we allow two mechanisms of authentication: * session based * token based If token fails session will be atempted in most cases. So we can't just redirect here or we get a double render error. | |||
2013-08-27 | make sure find_record still works with real records | Azul | |
2013-08-27 | clear token on logout with test | Azul | |
2013-08-27 | basic testing for token based auth in tests | Azul | |
2013-08-27 | first steps towards enabling token based auth | Azul | |
2013-08-27 | sort authentication controller extension | Azul | |
2013-08-27 | minor: remove puts line | Azul | |
2013-08-26 | add public/img and config/couchdb.yml.* to gitignore | Azul | |
[ci skip] | |||
2013-08-22 | Disable billing for pull request. | jessib | |
2013-08-22 | Some more billing cleanup. | jessib | |
2013-08-22 | Merge pull request #69 from azul/bugfix/update_user_password_through_api | jessib | |
Test updating user password through api | |||
2013-08-22 | Merge pull request #70 from azul/bugfix/validate_login_like_signup | jessib | |
use the same login validations on sessions and users | |||
2013-08-21 | Merge remote-tracking branch 'jessib/js_warning' | Azul | |
2013-08-21 | return 204 NO CONTENT on API logout | Azul | |
That's the only meaningful response. | |||
2013-08-21 | use the same login validations on sessions and users | Azul | |
The session ones were outdated so valid usernames could not login if they contained a '.' Refactored so both models use the same module for this validation to ensure consistency. | |||
2013-08-21 | also test updating the user password in python against dev.bm | Azul | |
2013-08-21 | integration test updating users password | Azul | |
2013-08-20 | Tweak to parameters to fix wrong-number-of-arguments error blocking other work. | jessib | |
2013-08-19 | Change JS warning message per https://leap.se/code/issues/3492 | jessib | |
Key must end in _html so the html doesn't get escaped. | |||
2013-08-15 | Some notes on tests that don't work. (Failing tests are skipped though.) | jessib | |
2013-08-15 | Merge pull request #66 from jessib/feature/comment_creation_access | azul | |
Per ISEC informational issue, manually set the private property only in ... | |||
2013-08-13 | Option to disable billing engine and hide billing related links. To actual ↵ | jessib | |
disable, must remove billing engine from Gemfile (and re-bundle) | |||
2013-08-13 | Fix this, so the comment will get set to false in cases where the user isn't ↵ | jessib | |
an admin. | |||
2013-08-12 | Remove broken test. | jessib | |
2013-08-12 | Merge pull request #2 from azul/feature/billing-with-passing-tests | jessib | |
fix billing tests to use user id with customer resources | |||
2013-08-12 | Per ISEC informational issue, manually set the private property only in ↵ | jessib | |
cases where it is an admin who set it. | |||
2013-08-12 | more integration tests for billing | Azul | |
2013-08-09 | fix billing tests to use user id with customer resources | Azul | |
I think this is very confusing and should be changed to: resource :users do |user| user.resource :customer end | |||
2013-08-08 | Merge pull request #1 from azul/braintree_conf_from_file | jessib | |
Read Braintree config from file | |||
2013-08-08 | Merge pull request #64 from azul/feature/identity-rewrite | jessib | |
Feature/identity rewrite | |||
2013-08-08 | Still a bit hacky, but catching some more corner cases as far as setting the ↵ | jessib | |
user variable, due to complication that an admin might be accessing data for another user. | |||
2013-08-08 | read braintree configuration from config/config.yml | Azul | |
This can be set per environment and also is not tracked in git | |||
2013-08-08 | Merge branch 'bugfix/3410-close-srp-vulnerablility' | Azul | |