| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2013-09-03 | cleanup records after running user integration tests | Azul | |
| 2013-08-27 | refactor: Changing the py test to use less globals and session only locally. | Azul | |
| 2013-08-27 | use token to update user password | Azul | |
| 2013-08-27 | minor: remove puts line | Azul | |
| 2013-08-22 | Merge pull request #69 from azul/bugfix/update_user_password_through_api | jessib | |
| Test updating user password through api | |||
| 2013-08-21 | use the same login validations on sessions and users | Azul | |
| The session ones were outdated so valid usernames could not login if they contained a '.' Refactored so both models use the same module for this validation to ensure consistency. | |||
| 2013-08-21 | also test updating the user password in python against dev.bm | Azul | |
| 2013-08-21 | integration test updating users password | Azul | |
| 2013-08-08 | Merge pull request #64 from azul/feature/identity-rewrite | jessib | |
| Feature/identity rewrite | |||
| 2013-08-08 | close srp vulnerability and report error in webapp | Azul | |
| 2013-08-07 | integration test exploiting srp vulnerability | Azul | |
| 2013-07-24 | also destroy the identity for a test user during teardown | Azul | |
| 2013-07-24 | separate signup and settings service objects for user | Azul | |
| 2013-07-24 | setter for keys for dirty tracking, more robust tests | Azul | |
| Just altering identity.keys did not mark identities as changed. Also we now have a sane default for keys. | |||
| 2013-07-16 | adapt srp account_flow test for the api to new ruby_srp API | Azul | |
| 2013-07-16 | ensure the page has been reloaded before testing current_path | Azul | |
| This test would fail sometimes on assert_equal '/', current_path I believe it was a timing issue. page.has_content? will wait for the content to show up. So afterwards the current_path should always be correct. | |||
| 2013-07-15 | require test_helper from account test so it can be run in isolation | Azul | |
| 2013-07-14 | make sure capybara runs the whole rack app | Azul | |
| We use port 3003 for the integration test server. This test takes a few seconds (~8) now. Most of this is startup time of the server. A second run still takes 2 seconds like before. | |||
| 2013-07-14 | we do not expose M2 in srp.js anymore. | Azul | |
| So there is no way to print it. This message used to be correct but there are also other things that can cause this to fail now. So let's just remove it. | |||
| 2013-07-14 | js integration test for signup, login, logout | Azul | |
| 2013-07-12 | remove test for duplicate login - we'll prevent that on the client side | Azul | |
| SRP happens in two steps: * handshake * validation During the validation we delete the handshake data from the session. So a second validation does not really work. It could build upon the first one but it would not be able to send M2 to the client. So instead of trying to do sth. usefull when two validation requests are send we require the client to only send one. | |||
| 2013-07-11 | fix failing tests | elijah | |
| 2013-07-04 | test - we allow updating of username via api now | elijah | |
| 2013-04-03 | make sure user tests also run when run from users subdir | Azul | |
| * The APP_CONFIG needs to be initialized in core so that is required from other engines * paths for load_views need to be relative to the model - not to rails root. | |||
| 2013-04-03 | fixed tests to use setup and teardown blocks | Azul | |
| 2013-04-02 | send more meaningful error message on completely failed login attempt | Azul | |
| 2013-03-05 | Merge branch 'master' into feature/limit_user_leak | Azul | |
| Conflicts: users/lib/warden/strategies/secure_remote_password.rb | |||
| 2013-03-04 | Update tests and documentation to reflect changed error messages with ↵ | jessib | |
| incorrect username or password on login attempt. | |||
| 2013-03-04 | make api test script work with bitmask and print log | Azul | |
| 2013-02-06 | using ruby-srp 0.1.5 SRP::Client to wrap user in session | Azul | |
| 2013-01-31 | Remove public key if the key is passed as nil, but not otherwise. | jessib | |
| There was a weird case with reloading the user in the test if the public key had been unset. | |||
| 2013-01-29 | A user's public_key is the only attribute they should be able to update via API. | jessib | |
| 2013-01-29 | Allow PUT API to update user. | jessib | |
| 2013-01-16 | using subdomain for api requests properly | Azul | |
| 2013-01-14 | minor: further cleanup - try to leave no record behind | Azul | |
| 2012-12-11 | make sure can login twice | Azul | |
| 2012-12-08 | serve api version 1 in /1/ | Azul | |
| Just a very simple start for now. Do we want to use the api for the secure remote password auth from js? | |||
| 2012-11-26 | fixed login error message on wrong username | Azul | |
| 2012-11-22 | fixed tests | Azul | |
| 2012-11-13 | testing against current staging server | Azul | |
| 2012-11-09 | got integration test and login flow to work | Azul | |
| 2012-11-06 | first steps towards warden srp testing | Azul | |
| 2012-11-04 | fixed functional tests | Azul | |
| 2012-11-04 | stubbing current_user the warden way | Azul | |
| 2012-11-04 | fixing tests, including support files from all engines | Azul | |
| 2012-10-11 | fixed account_flow_test - srp.authenticate now takes a single arg | Azul | |
| 2012-10-06 | comment out debugging lines | Azul | |
| 2012-10-05 | using safe_unhexlify to workaround 0 padding | Azul | |
| also changed the debug output so it helps creating tests for ruby-srp | |||
| 2012-10-05 | moving to ruby_srp 0.1.0, works with python srp | Azul | |
| 2012-10-02 | trying to use the same Hash Alg and Prime as webapp - still failing | Azul | |
 |
index : leap_web.git | |
| [leap_web] | git repository hosting |
| summaryrefslogtreecommitdiff |