Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-07-04 | allow forms with blank email forward. | elijah | |
2013-07-04 | test - we allow updating of username via api now | elijah | |
2013-07-04 | users - make a nice overview page (well, nice enough) and better users ↵ | elijah | |
index/search. | |||
2013-07-04 | fix user typeahead | elijah | |
2013-07-04 | users engine changes - rewrite of the views, separate email settings to a ↵ | elijah | |
separate controller, make users_controller html only and v1/users_controller json only. | |||
2013-07-04 | add js to report all errors to the user, not just ones related to field ↵ | elijah | |
validation. | |||
2013-07-04 | add commented out code of how redirect should work with Warden, although I ↵ | elijah | |
can't get it working. | |||
2013-07-04 | new ui - initial user changes | elijah | |
2013-07-01 | redirect to root_path after canceling account | Azul | |
login makes little sense. This change was applied already... just updated the test | |||
2013-06-25 | Merge pull request #48 from leapcode/feature/remove-account | azul | |
For removing account, redirect to root path, and ask confirmation messag... | |||
2013-06-24 | Update srp_js submodule. | jessib | |
2013-06-20 | For removing account, redirect to root path, and ask confirmation message: | jessib | |
https://leap.se/code/issues/2923 | |||
2013-06-17 | Tweaks to display javascript and cookies warning: | jessib | |
* will only display cookies warning if javascript is enabled. * remove redundant code * tweak noscript html to display better div | |||
2013-06-13 | Quick way to give warnings if javascript and/or cookies are not enabled. ↵ | jessib | |
Will want to tweak so the code isn't redundant, and ideally so check for cookies doesn't rely on javascript. And we'll want to expand the texts. | |||
2013-04-25 | Merge pull request #40 from azul/feature/token-auth | jessib | |
Token auth with a database of it's own | |||
2013-04-24 | added test for pgp key view | Azul | |
2013-04-24 | renamed and fixed pgp_key view | Azul | |
2013-04-18 | remove 'api' subdomain restriction | elijah | |
2013-04-09 | adopting tests to new behavior | Azul | |
2013-04-09 | adding initial view | Azul | |
2013-04-09 | return token on successful login via api | Azul | |
2013-04-09 | let's use safe ids instead of the default couch ones | Azul | |
Couch uses partly random partly sequential ids by default. We could change that in couch config to be all random. But this is probably more safe. | |||
2013-04-09 | initial token model and unit test | Azul | |
2013-04-03 | make sure user tests also run when run from users subdir | Azul | |
* The APP_CONFIG needs to be initialized in core so that is required from other engines * paths for load_views need to be relative to the model - not to rails root. | |||
2013-04-03 | fixed tests to use setup and teardown blocks | Azul | |
2013-04-02 | send more meaningful error message on completely failed login attempt | Azul | |
2013-04-02 | send salt on Session#create without srp ephemeral A | Azul | |
2013-03-05 | Merge branch 'master' into feature/limit_user_leak | Azul | |
Conflicts: users/lib/warden/strategies/secure_remote_password.rb | |||
2013-03-05 | minor: fixed logout link | Azul | |
2013-03-04 | Update tests and documentation to reflect changed error messages with ↵ | jessib | |
incorrect username or password on login attempt. | |||
2013-03-04 | make api test script work with bitmask and print log | Azul | |
2013-03-01 | Merge pull request #32 from azul/feature/api-version-1-fixes | azul | |
Feature: API version 1 fixes | |||
2013-02-28 | When attempting to login, the error messages should not leak information ↵ | jessib | |
about whether a username is valid. This also means the error message is more appropriate if somebody tries to login with somebody else's username and their password. | |||
2013-02-28 | Have specific error messages for usernames with incorrect formats. | jessib | |
Signed-off-by: jessib <jessib@leap.se> | |||
2013-02-26 | Merge branch 'master' into feature/limit_usernames | jessib | |
2013-02-26 | Change to language for when updating username/password. | jessib | |
2013-02-26 | Changes to valid format for usernames. | jessib | |
2013-02-26 | api for sessions fixed | Azul | |
* now we return the user id on login * allow a destroy request for logging out * added test for api sessions controller | |||
2013-02-25 | Admins cannot update a user. Eventually we will want to allow admins to ↵ | jessib | |
update some user fields. | |||
2013-02-25 | Slight refactoring of partials | jessib | |
2013-02-25 | Add hint that password change is optional | jessib | |
2013-02-19 | Needs some cleanup, but this has one form where user can change username and ↵ | jessib | |
password (they can leave either the same if they just want to change one, but we should make this clearer.) | |||
2013-02-19 | Only check if last email alias is valid if the user has a last email alias. | jessib | |
2013-02-06 | we don't add srp stuff to user class anymore | Azul | |
warden srp strategy in lib has it all. | |||
2013-02-06 | using ruby-srp 0.1.5 SRP::Client to wrap user in session | Azul | |
2013-01-31 | Remove public key if the key is passed as nil, but not otherwise. | jessib | |
There was a weird case with reloading the user in the test if the public key had been unset. | |||
2013-01-29 | A user's public_key is the only attribute they should be able to update via API. | jessib | |
2013-01-29 | Allow PUT API to update user. | jessib | |
2013-01-25 | Merge branch 'feature/webfinger' of https://github.com/leapcode/leap_web | Azul | |
Conflicts: users/app/views/users/edit.html.haml | |||
2013-01-24 | Removing aliases from webfinger as the link wouldn't work anyway, and don't ↵ | jessib | |
want to leak ID information. |