Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-04-04 | redirect home when logged in visits /signup (#5446) | Azul | |
2014-02-10 | Merge pull request #139 from azul/refactor/tweaks-to-messages | jessib | |
Refactor/tweaks to messages | |||
2014-02-10 | require_token now checks for token and login | Azul | |
2014-02-10 | require token in messages controller | Azul | |
2014-02-10 | require token when logging out via API | Azul | |
2014-02-10 | require token when updating user via API | Azul | |
2014-02-10 | rename authorize to require_login | Azul | |
authorize_admin -> require_admin also add require_token which will ensure token has been used for auth. | |||
2014-02-10 | minor: refactor token auth a bit | Azul | |
2014-02-10 | minor: move some logic from message controller into model | Azul | |
2014-01-27 | Merge branch 'develop' into feature/messages_api | jessib | |
Conflicts: users/config/locales/en.yml | |||
2014-01-23 | added a customizable 'bye' page for when a user leaves | elijah | |
2014-01-09 | Some more cleanup, but still want to make sure ↵ | jessib | |
by_user_ids_to_show_and_created_at view is right before issuing pull request. | |||
2014-01-07 | Some refactoring, to simplify user model, optimize, and allow messages to be ↵ | jessib | |
sorted by date (although are not now.) Also, rather than use whenever gem, will have cron job created to call task. | |||
2013-12-31 | Add authentication to API, but not sure it is best way. | jessib | |
2013-12-31 | Cleanup of code for messages API and cron job for 1 month payment warning. ↵ | jessib | |
Authentication still remaining piece. | |||
2013-12-30 | Change structure to be more no-sql-y, rather than relational. | jessib | |
2013-12-24 | Catching some corner cases & new tests. | jessib | |
2013-12-24 | Add API tests and some refactoring of messages so we can get a user's ↵ | jessib | |
messages within the webapp. | |||
2013-12-24 | API method to mark a user's message as read (will refactor) | jessib | |
2013-12-24 | Initial start to messages API. | jessib | |
2013-12-22 | locale prefix support: | elijah | |
* set locale based on request header * enforce locale path prefix when current locale is not the default * note: don't use root_path anymore, instead use home_path | |||
2013-12-16 | Fix issue 4756: /login should not crash if one goes there when logged in. | jessib | |
2013-12-13 | refactor: remove Overview controller - we can use Users#show | Azul | |
we were only using Users#show to redirect to the edit action. So I replaced that with the overview and we have no more use for the extra controller. This also simplifies linking to the users in question a lot. | |||
2013-12-09 | Merge pull request #119 from jessib/feature/service_level | azul | |
Feature/service level | |||
2013-12-06 | make sure key responses are plain text | elijah | |
2013-12-02 | Merge branch 'develop' into feature/service_level | jessib | |
2013-11-25 | Give 404 error if one goes to /key/user for non-existing user. | jessib | |
2013-11-21 | Refactoring of code, and tests. | jessib | |
2013-11-18 | Need to cleanup some, but start to show public key for /key/username | jessib | |
2013-11-18 | Start of service level code, which will be tweaked | jessib | |
* stores desired & effective service level * whenever desired level is changed, effective level will be updated * allows user to set their desired service level * allow admin to update desired & effective service level | |||
2013-11-06 | use the account lifecycle from UsersController#destroy | Azul | |
2013-10-30 | notify user their account was successfully deleted (refs #4216) | Azul | |
Also fixes a cornercase when admins deleted their own account. So far they would be redirected to the users list - which then refused access. Now they'll be redirected to the home landing page as well. | |||
2013-09-24 | use token auth when accessing the api from webapp | Azul | |
One failing integration test still needs to be fixed | |||
2013-09-18 | user.account shortcut to Account.new(user) | Azul | |
2013-09-03 | Merge pull request #73 from azul/bugfix/3623-teardown-test-data-properly | jessib | |
Bugfix/3623 teardown test data properly | |||
2013-09-03 | Merge pull request #75 from azul/feature/token-expiry | jessib | |
Token expiry | |||
2013-09-03 | clearify usage of V1::UsersController#index for autocomplete | Azul | |
[skip ci] | |||
2013-09-03 | remove email aliases controller - we don't use it anymore | Azul | |
2013-09-03 | Cleanup sessions controller - webapp logs in through the api. | Azul | |
So the #create and #update actions were not needed anymore. Also removed the tests | |||
2013-09-03 | Account: Composition to handle User and its identities | Azul | |
We have a lot of things that act upon a user record and one or more of it's identities at the same time: * Sing up: Create a user and it's initial identity * Rename: Change the username and create a new identity, turn old into an alias * Cancel Account: Remove user and all their identities. In order to keep the User and Identity behaviour isolated but still have a this logic represented in a sinle place the Account model deals with all these things. We could have overwritten the User#create, User#update and User#destroy methods instead. But then we would always create identities, even if we only need a user (for example in tests). | |||
2013-09-03 | use Token#authenticate for authentication | Azul | |
This will return the user. But we can add timestamp validations and updates here. | |||
2013-09-02 | Remove references to email_settings controller, which has been removed. An ↵ | jessib | |
identities controller will replace it. | |||
2013-08-30 | there's no need for User#find_by_param. clean it up | Azul | |
2013-08-27 | Merge branch 'master' into billing_with_tests | jessib | |
2013-08-27 | token.user will get you the right user | Azul | |
This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail. | |||
2013-08-27 | do not redirect if no token present | Azul | |
So far we allow two mechanisms of authentication: * session based * token based If token fails session will be atempted in most cases. So we can't just redirect here or we get a double render error. | |||
2013-08-27 | clear token on logout with test | Azul | |
2013-08-27 | basic testing for token based auth in tests | Azul | |
2013-08-27 | first steps towards enabling token based auth | Azul | |
2013-08-27 | sort authentication controller extension | Azul | |