Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-11-18 | Need to cleanup some, but start to show public key for /key/username | jessib | |
2013-11-06 | use the account lifecycle from UsersController#destroy | Azul | |
2013-10-30 | notify user their account was successfully deleted (refs #4216) | Azul | |
Also fixes a cornercase when admins deleted their own account. So far they would be redirected to the users list - which then refused access. Now they'll be redirected to the home landing page as well. | |||
2013-09-24 | use token auth when accessing the api from webapp | Azul | |
One failing integration test still needs to be fixed | |||
2013-09-18 | user.account shortcut to Account.new(user) | Azul | |
2013-09-03 | Merge pull request #73 from azul/bugfix/3623-teardown-test-data-properly | jessib | |
Bugfix/3623 teardown test data properly | |||
2013-09-03 | Merge pull request #75 from azul/feature/token-expiry | jessib | |
Token expiry | |||
2013-09-03 | clearify usage of V1::UsersController#index for autocomplete | Azul | |
[skip ci] | |||
2013-09-03 | remove email aliases controller - we don't use it anymore | Azul | |
2013-09-03 | Cleanup sessions controller - webapp logs in through the api. | Azul | |
So the #create and #update actions were not needed anymore. Also removed the tests | |||
2013-09-03 | Account: Composition to handle User and its identities | Azul | |
We have a lot of things that act upon a user record and one or more of it's identities at the same time: * Sing up: Create a user and it's initial identity * Rename: Change the username and create a new identity, turn old into an alias * Cancel Account: Remove user and all their identities. In order to keep the User and Identity behaviour isolated but still have a this logic represented in a sinle place the Account model deals with all these things. We could have overwritten the User#create, User#update and User#destroy methods instead. But then we would always create identities, even if we only need a user (for example in tests). | |||
2013-09-03 | use Token#authenticate for authentication | Azul | |
This will return the user. But we can add timestamp validations and updates here. | |||
2013-09-02 | Remove references to email_settings controller, which has been removed. An ↵ | jessib | |
identities controller will replace it. | |||
2013-08-30 | there's no need for User#find_by_param. clean it up | Azul | |
2013-08-27 | Merge branch 'master' into billing_with_tests | jessib | |
2013-08-27 | token.user will get you the right user | Azul | |
This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail. | |||
2013-08-27 | do not redirect if no token present | Azul | |
So far we allow two mechanisms of authentication: * session based * token based If token fails session will be atempted in most cases. So we can't just redirect here or we get a double render error. | |||
2013-08-27 | clear token on logout with test | Azul | |
2013-08-27 | basic testing for token based auth in tests | Azul | |
2013-08-27 | first steps towards enabling token based auth | Azul | |
2013-08-27 | sort authentication controller extension | Azul | |
2013-08-21 | return 204 NO CONTENT on API logout | Azul | |
That's the only meaningful response. | |||
2013-07-24 | separate signup and settings service objects for user | Azul | |
2013-07-24 | removed email settings controller and views | Azul | |
PGP setting has been moved into account settings. It's using the API now issueing an Ajax request without any visual feedback. This obviously is not what we want but it hopefully suffices for uploading gpg keys for testing purposes before the Identity UI is in place. | |||
2013-07-17 | fix account flow integration test | Azul | |
not really sure what to do if the second step of srp auth is repeated. | |||
2013-07-11 | Slight tweak in case we get back the default response to warden's fail!, ↵ | jessib | |
which is not an enumerable. | |||
2013-07-11 | Merge branch 'master' into feature/authentication_generic_error | jessib | |
2013-07-09 | Merge branch 'master' into feature/authentication_generic_error | jessib | |
Conflicts: app/views/layouts/_messages.html.haml app/views/layouts/application.html.haml users/app/assets/javascripts/users.js.coffee | |||
2013-07-08 | Merge branch 'master' into feature/disable_account | jessib | |
Conflicts: users/app/controllers/users_controller.rb users/app/helpers/users_helper.rb users/app/views/users/edit.html.haml users/app/views/users/show.html.haml users/config/locales/en.yml | |||
2013-07-04 | redirect to root after user destroy | elijah | |
2013-07-04 | user tests -- user update has been moved entirely to api controller, so fix ↵ | elijah | |
tests to reflect this. | |||
2013-07-04 | allow forms with blank email forward. | elijah | |
2013-07-04 | users - make a nice overview page (well, nice enough) and better users ↵ | elijah | |
index/search. | |||
2013-07-04 | fix user typeahead | elijah | |
2013-07-04 | users engine changes - rewrite of the views, separate email settings to a ↵ | elijah | |
separate controller, make users_controller html only and v1/users_controller json only. | |||
2013-07-04 | add js to report all errors to the user, not just ones related to field ↵ | elijah | |
validation. | |||
2013-07-04 | add commented out code of how redirect should work with Warden, although I ↵ | elijah | |
can't get it working. | |||
2013-07-04 | new ui - initial user changes | elijah | |
2013-07-03 | Accounts can be enabled or not. Admins can edit this property. | jessib | |
2013-06-27 | Want to tweak some, but start to displaying base generic message via javascript. | jessib | |
2013-06-20 | For removing account, redirect to root path, and ask confirmation message: | jessib | |
https://leap.se/code/issues/2923 | |||
2013-04-09 | return token on successful login via api | Azul | |
2013-04-02 | send more meaningful error message on completely failed login attempt | Azul | |
2013-04-02 | send salt on Session#create without srp ephemeral A | Azul | |
2013-03-01 | Merge pull request #32 from azul/feature/api-version-1-fixes | azul | |
Feature: API version 1 fixes | |||
2013-02-26 | api for sessions fixed | Azul | |
* now we return the user id on login * allow a destroy request for logging out * added test for api sessions controller | |||
2013-02-25 | Admins cannot update a user. Eventually we will want to allow admins to ↵ | jessib | |
update some user fields. | |||
2013-02-19 | Only check if last email alias is valid if the user has a last email alias. | jessib | |
2013-01-31 | Remove public key if the key is passed as nil, but not otherwise. | jessib | |
There was a weird case with reloading the user in the test if the public key had been unset. | |||
2013-01-29 | A user's public_key is the only attribute they should be able to update via API. | jessib | |