leap_web.git - [leap

Age	Commit message (Collapse)	Author
2013-09-02	Remove references to email_settings controller, which has been removed. An ↵	jessib
	identities controller will replace it.
2013-08-27	first steps towards enabling token based auth	Azul

2013-08-19	Change JS warning message per https://leap.se/code/issues/3492	jessib
	Key must end in _html so the html doesn't get escaped.
2013-08-08	close srp vulnerability and report error in webapp	Azul

2013-07-09	Cleanup to show enable/deactivate account functionality in new UI.	jessib

2013-07-08	Merge branch 'master' into feature/disable_account	jessib
	Conflicts: users/app/controllers/users_controller.rb users/app/helpers/users_helper.rb users/app/views/users/edit.html.haml users/app/views/users/show.html.haml users/config/locales/en.yml
2013-07-04	user tests -- user update has been moved entirely to api controller, so fix ↵	elijah
	tests to reflect this.
2013-07-04	users - make a nice overview page (well, nice enough) and better users ↵	elijah
	index/search.
2013-07-04	fix user typeahead	elijah

2013-07-04	users engine changes - rewrite of the views, separate email settings to a ↵	elijah
	separate controller, make users_controller html only and v1/users_controller json only.
2013-07-04	new ui - initial user changes	elijah

2013-07-03	Accounts can be enabled or not. Admins can edit this property.	jessib

2013-06-20	For removing account, redirect to root path, and ask confirmation message:	jessib
	https://leap.se/code/issues/2923
2013-06-13	Quick way to give warnings if javascript and/or cookies are not enabled. ↵	jessib
	Will want to tweak so the code isn't redundant, and ideally so check for cookies doesn't rely on javascript. And we'll want to expand the texts.
2013-04-18	remove 'api' subdomain restriction	elijah

2013-04-02	send more meaningful error message on completely failed login attempt	Azul

2013-03-05	Merge branch 'master' into feature/limit_user_leak	Azul
	Conflicts: users/lib/warden/strategies/secure_remote_password.rb
2013-03-04	Update tests and documentation to reflect changed error messages with ↵	jessib
	incorrect username or password on login attempt.
2013-03-01	Merge pull request #32 from azul/feature/api-version-1-fixes	azul
	Feature: API version 1 fixes
2013-02-28	When attempting to login, the error messages should not leak information ↵	jessib
	about whether a username is valid. This also means the error message is more appropriate if somebody tries to login with somebody else's username and their password.
2013-02-26	Change to language for when updating username/password.	jessib

2013-02-26	api for sessions fixed	Azul
	* now we return the user id on login * allow a destroy request for logging out * added test for api sessions controller
2013-02-25	Admins cannot update a user. Eventually we will want to allow admins to ↵	jessib
	update some user fields.
2013-02-25	Add hint that password change is optional	jessib

2013-02-19	Needs some cleanup, but this has one form where user can change username and ↵	jessib
	password (they can leave either the same if they just want to change one, but we should make this clearer.)
2013-01-29	Allow PUT API to update user.	jessib

2013-01-22	Rough way to allow user to paste in their key, but certainly we will want ↵	jessib
	different display.
2013-01-22	some basic webfinger routes, controller, presenters, views	Azul

2013-01-17	Merge pull request #16 from leapcode/feature/fixing-routes-with-api	azul
	Fixing routes with api
2013-01-16	using subdomain for api requests properly	Azul

2013-01-15	Show different ticket characteristics when viewing the users versus when ↵	jessib
	listing the tickets. Give a message if a user has no tickets.
2013-01-15	minor: put emails in unstyled ul and simplify	Azul
	Just found out that render(@collection) returns nil for emtpy collections. So that is usefull for putting messages about the emtpy collection in an or clause.
2013-01-10	moved api routes into their own namespace	Azul
	In case we need them at some point - now it's new_api_user_path instead of new_user_path for example. This way they should not conflict with the normal route generation
2012-12-17	enabled destroying email aliases - no ajax yet.	Azul

2012-12-10	actually allow adding email aliases	Azul

2012-12-09	basic form added to user settings, simple model created	Azul

2012-12-08	serve api version 1 in /1/	Azul
	Just a very simple start for now. Do we want to use the api for the secure remote password auth from js?
2012-12-07	adding a bunch of translation	Azul

2012-11-26	added admin menu and user index action	Azul

2012-11-22	basic user edit form and actions	Azul

2012-11-22	beautify login workflow	Azul
	* translating error messages * not caching login and password in js anymore * catching non responses
2012-11-09	seperated the warden classes from the initializer	Azul
	also commented the sessions controller test a bit and fixed it
2012-11-09	got integration test and login flow to work	Azul

2012-11-04	Merge branch 'develop' into feature-warden-srp	Azul
	Conflicts: Gemfile.lock users/app/controllers/application_controller.rb users/leap_web_users.gemspec
2012-10-31	using controller extensions for application controller by hand	Azul

2012-10-30	sending proper error messages from warden.	Azul
	still need to translate these
2012-10-30	using rails_warden bit of refactoring	Azul
	without rails_warden the failure app action was not getting set properly.
2012-10-30	adding in warden with a basic strategy	Azul
	currently failing because we are not setting the content-type header.
2012-10-17	UI tweaks including newer version of bootstrap	Azul

2012-10-11	current_user and authenticate methods	Azul