| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-02-10 | rename authorize to require_login | Azul | |
| authorize_admin -> require_admin also add require_token which will ensure token has been used for auth. | |||
| 2014-01-07 | Some refactoring, to simplify user model, optimize, and allow messages to be ↵ | jessib | |
| sorted by date (although are not now.) Also, rather than use whenever gem, will have cron job created to call task. | |||
| 2013-12-31 | Add authentication to API, but not sure it is best way. | jessib | |
| 2013-12-31 | Cleanup of code for messages API and cron job for 1 month payment warning. ↵ | jessib | |
| Authentication still remaining piece. | |||
| 2013-12-30 | Change structure to be more no-sql-y, rather than relational. | jessib | |
| 2013-12-24 | Catching some corner cases & new tests. | jessib | |
| 2013-12-24 | Add API tests and some refactoring of messages so we can get a user's ↵ | jessib | |
| messages within the webapp. | |||
| 2013-10-30 | test helper to expect_logout. | Azul | |
| Currently it expects both the session and the token to be cleared. This might change. But we'll always have a definition of what it means to logout we can test this way. | |||
| 2013-09-03 | Account: Composition to handle User and its identities | Azul | |
| We have a lot of things that act upon a user record and one or more of it's identities at the same time: * Sing up: Create a user and it's initial identity * Rename: Change the username and create a new identity, turn old into an alias * Cancel Account: Remove user and all their identities. In order to keep the User and Identity behaviour isolated but still have a this logic represented in a sinle place the Account model deals with all these things. We could have overwritten the User#create, User#update and User#destroy methods instead. But then we would always create identities, even if we only need a user (for example in tests). | |||
| 2013-08-27 | clear token on logout with test | Azul | |
| 2013-08-27 | first steps towards enabling token based auth | Azul | |
| 2013-07-24 | separate signup and settings service objects for user | Azul | |
| 2013-07-04 | user tests -- user update has been moved entirely to api controller, so fix ↵ | elijah | |
| tests to reflect this. | |||
| 2013-04-09 | adopting tests to new behavior | Azul | |
| 2013-04-09 | return token on successful login via api | Azul | |
| 2013-04-02 | send more meaningful error message on completely failed login attempt | Azul | |
| 2013-04-02 | send salt on Session#create without srp ephemeral A | Azul | |
| 2013-02-26 | api for sessions fixed | Azul | |
| * now we return the user id on login * allow a destroy request for logging out * added test for api sessions controller | |||
 |
index : leap_web.git | |
| [leap_web] | git repository hosting |
| summaryrefslogtreecommitdiff |