summaryrefslogtreecommitdiff
path: root/users
AgeCommit message (Collapse)Author
2013-07-04fix user typeaheadelijah
2013-07-04users engine changes - rewrite of the views, separate email settings to a ↵elijah
separate controller, make users_controller html only and v1/users_controller json only.
2013-07-04add js to report all errors to the user, not just ones related to field ↵elijah
validation.
2013-07-04add commented out code of how redirect should work with Warden, although I ↵elijah
can't get it working.
2013-07-04new ui - initial user changeselijah
2013-07-03Automatically clear the errors when re-displayed. Not sure if this is ideal ↵jessib
functionality.
2013-07-03Accounts can be enabled or not. Admins can edit this property.jessib
2013-07-01redirect to root_path after canceling accountAzul
login makes little sense. This change was applied already... just updated the test
2013-06-27Want to tweak some, but start to displaying base generic message via javascript.jessib
2013-06-25Merge pull request #48 from leapcode/feature/remove-accountazul
For removing account, redirect to root path, and ask confirmation messag...
2013-06-24Update srp_js submodule.jessib
2013-06-20For removing account, redirect to root path, and ask confirmation message:jessib
https://leap.se/code/issues/2923
2013-06-17Tweaks to display javascript and cookies warning:jessib
* will only display cookies warning if javascript is enabled. * remove redundant code * tweak noscript html to display better div
2013-06-13Quick way to give warnings if javascript and/or cookies are not enabled. ↵jessib
Will want to tweak so the code isn't redundant, and ideally so check for cookies doesn't rely on javascript. And we'll want to expand the texts.
2013-04-25Merge pull request #40 from azul/feature/token-authjessib
Token auth with a database of it's own
2013-04-24added test for pgp key viewAzul
2013-04-24renamed and fixed pgp_key viewAzul
2013-04-18remove 'api' subdomain restrictionelijah
2013-04-09adopting tests to new behaviorAzul
2013-04-09adding initial viewAzul
2013-04-09return token on successful login via apiAzul
2013-04-09let's use safe ids instead of the default couch onesAzul
Couch uses partly random partly sequential ids by default. We could change that in couch config to be all random. But this is probably more safe.
2013-04-09initial token model and unit testAzul
2013-04-03make sure user tests also run when run from users subdirAzul
* The APP_CONFIG needs to be initialized in core so that is required from other engines * paths for load_views need to be relative to the model - not to rails root.
2013-04-03fixed tests to use setup and teardown blocksAzul
2013-04-02send more meaningful error message on completely failed login attemptAzul
2013-04-02send salt on Session#create without srp ephemeral AAzul
2013-03-05Merge branch 'master' into feature/limit_user_leakAzul
Conflicts: users/lib/warden/strategies/secure_remote_password.rb
2013-03-05minor: fixed logout linkAzul
2013-03-04Update tests and documentation to reflect changed error messages with ↵jessib
incorrect username or password on login attempt.
2013-03-04make api test script work with bitmask and print logAzul
2013-03-01Merge pull request #32 from azul/feature/api-version-1-fixesazul
Feature: API version 1 fixes
2013-02-28When attempting to login, the error messages should not leak information ↵jessib
about whether a username is valid. This also means the error message is more appropriate if somebody tries to login with somebody else's username and their password.
2013-02-28Have specific error messages for usernames with incorrect formats.jessib
Signed-off-by: jessib <jessib@leap.se>
2013-02-26Merge branch 'master' into feature/limit_usernamesjessib
2013-02-26Change to language for when updating username/password.jessib
2013-02-26Changes to valid format for usernames.jessib
2013-02-26api for sessions fixedAzul
* now we return the user id on login * allow a destroy request for logging out * added test for api sessions controller
2013-02-25Admins cannot update a user. Eventually we will want to allow admins to ↵jessib
update some user fields.
2013-02-25Slight refactoring of partialsjessib
2013-02-25Add hint that password change is optionaljessib
2013-02-19Needs some cleanup, but this has one form where user can change username and ↵jessib
password (they can leave either the same if they just want to change one, but we should make this clearer.)
2013-02-19Only check if last email alias is valid if the user has a last email alias.jessib
2013-02-06we don't add srp stuff to user class anymoreAzul
warden srp strategy in lib has it all.
2013-02-06using ruby-srp 0.1.5 SRP::Client to wrap user in sessionAzul
2013-01-31Remove public key if the key is passed as nil, but not otherwise.jessib
There was a weird case with reloading the user in the test if the public key had been unset.
2013-01-29A user's public_key is the only attribute they should be able to update via API.jessib
2013-01-29Allow PUT API to update user.jessib
2013-01-25Merge branch 'feature/webfinger' of https://github.com/leapcode/leap_webAzul
Conflicts: users/app/views/users/edit.html.haml
2013-01-24Removing aliases from webfinger as the link wouldn't work anyway, and don't ↵jessib
want to leak ID information.