| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2016-03-19 | Handle conflict on token cleanup - fixes #7670 | Azul | |
| the only race condition I can think of here is this... somebody tries to authenticate with a token that is almost expired. auth checks and notices it is not expired yet so starts to prolonge it. Before the polonged token is written to the db the cleanup script discovers that it has just expired. prolonged token is written to the db cleanup script fails to delete it from the db as it has been updated. So what we want in this case is to keep the token alive as it was renewed in the last minute. | |||
| 2015-03-17 | add support for rotating tokens and sessions databases, and for a special ↵ | elijah | |
| tmp db for test users. | |||
| 2014-05-26 | hash token with sha512 against timing attacs #3398 | Azul | |
| 2014-05-13 | allow for usernames with dots | Azul | |
| preparing for #5664 with some test improvements i ran into this issue This commit includes a fix and the test improvements. In particular it adds BrowserIntegrationTest#login - so there is no need to go through the signup procedure everytime you want a user to be logged in. | |||
| 2014-04-08 | moving users: app and test files | Azul | |
 |
index : leap_web.git | |
| [leap_web] | git repository hosting |
| summaryrefslogtreecommitdiff |