summaryrefslogtreecommitdiff
path: root/users
AgeCommit message (Collapse)Author
2013-04-02send more meaningful error message on completely failed login attemptAzul
2013-04-02send salt on Session#create without srp ephemeral AAzul
2013-03-05Merge branch 'master' into feature/limit_user_leakAzul
Conflicts: users/lib/warden/strategies/secure_remote_password.rb
2013-03-05minor: fixed logout linkAzul
2013-03-04Update tests and documentation to reflect changed error messages with ↵jessib
incorrect username or password on login attempt.
2013-03-04make api test script work with bitmask and print logAzul
2013-03-01Merge pull request #32 from azul/feature/api-version-1-fixesazul
Feature: API version 1 fixes
2013-02-28When attempting to login, the error messages should not leak information ↵jessib
about whether a username is valid. This also means the error message is more appropriate if somebody tries to login with somebody else's username and their password.
2013-02-28Have specific error messages for usernames with incorrect formats.jessib
Signed-off-by: jessib <jessib@leap.se>
2013-02-26Merge branch 'master' into feature/limit_usernamesjessib
2013-02-26Change to language for when updating username/password.jessib
2013-02-26Changes to valid format for usernames.jessib
2013-02-26api for sessions fixedAzul
* now we return the user id on login * allow a destroy request for logging out * added test for api sessions controller
2013-02-25Admins cannot update a user. Eventually we will want to allow admins to ↵jessib
update some user fields.
2013-02-25Slight refactoring of partialsjessib
2013-02-25Add hint that password change is optionaljessib
2013-02-19Needs some cleanup, but this has one form where user can change username and ↵jessib
password (they can leave either the same if they just want to change one, but we should make this clearer.)
2013-02-19Only check if last email alias is valid if the user has a last email alias.jessib
2013-02-06we don't add srp stuff to user class anymoreAzul
warden srp strategy in lib has it all.
2013-02-06using ruby-srp 0.1.5 SRP::Client to wrap user in sessionAzul
2013-01-31Remove public key if the key is passed as nil, but not otherwise.jessib
There was a weird case with reloading the user in the test if the public key had been unset.
2013-01-29A user's public_key is the only attribute they should be able to update via API.jessib
2013-01-29Allow PUT API to update user.jessib
2013-01-25Merge branch 'feature/webfinger' of https://github.com/leapcode/leap_webAzul
Conflicts: users/app/views/users/edit.html.haml
2013-01-24Removing aliases from webfinger as the link wouldn't work anyway, and don't ↵jessib
want to leak ID information.
2013-01-23functional test for webfingerAzul
2013-01-23added a small test for HostMetaPresenter and using links hash in xml viewAzul
2013-01-23added unit tests for user presenterAzul
changed the way the presenter works. Will need functional testing
2013-01-23not inluding link to key if there is noneAzul
2013-01-23make raising not found error less confusingAzul
2013-01-22Rough way to allow user to paste in their key, but certainly we will want ↵jessib
different display.
2013-01-22Edit form should show email address for the currently displayed user.jessib
2013-01-22Users now have an email_address, not an email.jessib
2013-01-22fixing xml and adding json representation for host_metaAzul
2013-01-22removed accidentaily commited filesAzul
2013-01-22adding json jrd responses to webfingerAzul
2013-01-22render 404 if neededAzul
2013-01-22some basic webfinger routes, controller, presenters, viewsAzul
2013-01-18more flexible email partialAzul
2013-01-18Merge remote-tracking branch 'origin/master' into feature/fixed-email-addressAzul
Conflicts: users/app/views/emails/_email.html.haml
2013-01-17Merge pull request #17 from leapcode/feature/tickets_controllers_simplificationazul
Refactoring of tickets controller to fetch the ticket in a before filter...
2013-01-17Merge pull request #16 from leapcode/feature/fixing-routes-with-apiazul
Fixing routes with api
2013-01-18minor: smalles fix ever - is_admin? has a questionmarkAzul
2013-01-17Should be able to create a user when not logged in.jessib
This isn't ready to merge, as there is an issue with logging in as an admin in the test.
2013-01-17Merge branch 'master' into feature/tickets_controllers_simplificationjessib
Conflicts: users/app/controllers/users_controller.rb
2013-01-17Deal with corner case where we don't have authenticated user. Will write a ↵jessib
test after merging in show view for users.
2013-01-17minor fixes to validation workflowAzul
2013-01-17unit tests passingAzul
2013-01-16incomplete initial changes to make email address just login@domain.tldAzul
This involves a number of other changes like making sure the comparison between aliases and emails still works. Will do that by removing the @domain.tld from aliases as well.
2013-01-16using subdomain for api requests properlyAzul