Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-02-10 | require token when logging out via API | Azul | |
2014-02-10 | require token when updating user via API | Azul | |
2014-02-10 | rename authorize to require_login | Azul | |
authorize_admin -> require_admin also add require_token which will ensure token has been used for auth. | |||
2014-02-10 | minor: refactor token auth a bit | Azul | |
2014-01-27 | Merge branch 'develop' into feature/messages_api | jessib | |
Conflicts: users/config/locales/en.yml | |||
2014-01-23 | added a customizable 'bye' page for when a user leaves | elijah | |
2014-01-09 | Some more cleanup, but still want to make sure ↵ | jessib | |
by_user_ids_to_show_and_created_at view is right before issuing pull request. | |||
2014-01-07 | Some refactoring, to simplify user model, optimize, and allow messages to be ↵ | jessib | |
sorted by date (although are not now.) Also, rather than use whenever gem, will have cron job created to call task. | |||
2013-12-31 | Add authentication to API, but not sure it is best way. | jessib | |
2013-12-31 | Cleanup of code for messages API and cron job for 1 month payment warning. ↵ | jessib | |
Authentication still remaining piece. | |||
2013-12-30 | Change structure to be more no-sql-y, rather than relational. | jessib | |
2013-12-24 | Catching some corner cases & new tests. | jessib | |
2013-12-24 | Add API tests and some refactoring of messages so we can get a user's ↵ | jessib | |
messages within the webapp. | |||
2013-12-24 | API method to mark a user's message as read (will refactor) | jessib | |
2013-12-24 | Initial start to messages API. | jessib | |
2013-12-22 | locale prefix support: | elijah | |
* set locale based on request header * enforce locale path prefix when current locale is not the default * note: don't use root_path anymore, instead use home_path | |||
2013-12-16 | Fix issue 4756: /login should not crash if one goes there when logged in. | jessib | |
2013-12-13 | refactor: remove Overview controller - we can use Users#show | Azul | |
we were only using Users#show to redirect to the edit action. So I replaced that with the overview and we have no more use for the extra controller. This also simplifies linking to the users in question a lot. | |||
2013-12-09 | Merge pull request #119 from jessib/feature/service_level | azul | |
Feature/service level | |||
2013-12-06 | make sure key responses are plain text | elijah | |
2013-12-02 | Merge branch 'develop' into feature/service_level | jessib | |
2013-11-25 | Give 404 error if one goes to /key/user for non-existing user. | jessib | |
2013-11-21 | Refactoring of code, and tests. | jessib | |
2013-11-18 | Need to cleanup some, but start to show public key for /key/username | jessib | |
2013-11-18 | Start of service level code, which will be tweaked | jessib | |
* stores desired & effective service level * whenever desired level is changed, effective level will be updated * allows user to set their desired service level * allow admin to update desired & effective service level | |||
2013-11-06 | use the account lifecycle from UsersController#destroy | Azul | |
2013-10-30 | notify user their account was successfully deleted (refs #4216) | Azul | |
Also fixes a cornercase when admins deleted their own account. So far they would be redirected to the users list - which then refused access. Now they'll be redirected to the home landing page as well. | |||
2013-09-24 | use token auth when accessing the api from webapp | Azul | |
One failing integration test still needs to be fixed | |||
2013-09-18 | user.account shortcut to Account.new(user) | Azul | |
2013-09-03 | Merge pull request #73 from azul/bugfix/3623-teardown-test-data-properly | jessib | |
Bugfix/3623 teardown test data properly | |||
2013-09-03 | Merge pull request #75 from azul/feature/token-expiry | jessib | |
Token expiry | |||
2013-09-03 | clearify usage of V1::UsersController#index for autocomplete | Azul | |
[skip ci] | |||
2013-09-03 | remove email aliases controller - we don't use it anymore | Azul | |
2013-09-03 | Cleanup sessions controller - webapp logs in through the api. | Azul | |
So the #create and #update actions were not needed anymore. Also removed the tests | |||
2013-09-03 | Account: Composition to handle User and its identities | Azul | |
We have a lot of things that act upon a user record and one or more of it's identities at the same time: * Sing up: Create a user and it's initial identity * Rename: Change the username and create a new identity, turn old into an alias * Cancel Account: Remove user and all their identities. In order to keep the User and Identity behaviour isolated but still have a this logic represented in a sinle place the Account model deals with all these things. We could have overwritten the User#create, User#update and User#destroy methods instead. But then we would always create identities, even if we only need a user (for example in tests). | |||
2013-09-03 | use Token#authenticate for authentication | Azul | |
This will return the user. But we can add timestamp validations and updates here. | |||
2013-09-02 | Remove references to email_settings controller, which has been removed. An ↵ | jessib | |
identities controller will replace it. | |||
2013-08-30 | there's no need for User#find_by_param. clean it up | Azul | |
2013-08-27 | Merge branch 'master' into billing_with_tests | jessib | |
2013-08-27 | token.user will get you the right user | Azul | |
This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail. | |||
2013-08-27 | do not redirect if no token present | Azul | |
So far we allow two mechanisms of authentication: * session based * token based If token fails session will be atempted in most cases. So we can't just redirect here or we get a double render error. | |||
2013-08-27 | clear token on logout with test | Azul | |
2013-08-27 | basic testing for token based auth in tests | Azul | |
2013-08-27 | first steps towards enabling token based auth | Azul | |
2013-08-27 | sort authentication controller extension | Azul | |
2013-08-21 | return 204 NO CONTENT on API logout | Azul | |
That's the only meaningful response. | |||
2013-07-24 | separate signup and settings service objects for user | Azul | |
2013-07-24 | removed email settings controller and views | Azul | |
PGP setting has been moved into account settings. It's using the API now issueing an Ajax request without any visual feedback. This obviously is not what we want but it hopefully suffices for uploading gpg keys for testing purposes before the Identity UI is in place. | |||
2013-07-17 | fix account flow integration test | Azul | |
not really sure what to do if the second step of srp auth is repeated. | |||
2013-07-11 | Slight tweak in case we get back the default response to warden's fail!, ↵ | jessib | |
which is not an enumerable. |