Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-02-09 | [#922] Rename backup account flow | Tayane Fernandes | |
To differentiate between the account recovery flow and the set backup email flow, we renamed all resources and url to reflect this. with @anikarni | |||
2017-02-01 | [#922] Create route for account recovery | Anike Arni | |
with @tayanefernandes | |||
2017-01-25 | Extract duplicated methods to a common parent | Tulio Casagrande | |
2017-01-03 | Simplifies the get_static_folder on RootResource | Bruno Wagner | |
There are only two possibilities currently: - The static files are at web-ui/dist - The static files are installed by the debian package at /usr/share/pixelated-user-agent This change removed the third non-existent possibility that was causing errors sometimes in a new environment (service/web-ui/dist) | |||
2016-12-29 | Use only dist folder for serving application | Anike Arni | |
2016-12-08 | Revert "[#801] Merge branch 'signup'" | Roald de Vries | |
This reverts commit d10f607a4d40587510b0dc31b31fe4750bf4a3a3, reversing changes made to c28abba2f5b1186c671ebef508d40ffaae6d5bc5. | |||
2016-12-08 | Revert "[#801] add signup resource + tests" | Roald de Vries | |
This reverts commit db1cf22ca3a86027828aba30417e79363a380350. | |||
2016-12-07 | [#801] add signup resource + tests | Zara Gebru | |
2016-12-05 | remove templates folder from root resource parameters | Roald de Vries | |
2016-12-05 | use static instead of {startup,public}-assets | Roald de Vries | |
2016-12-05 | get templates from pkg_resources | Roald de Vries | |
2016-12-02 | [refactor] move app dir into public dir | Zara Gebru | |
2016-12-01 | WIP: add csrf token to every request | Roald de Vries | |
2016-11-30 | log a warnin when root child is not explicitly public/protected | Roald de Vries | |
2016-11-30 | remove PublicRootResource and use a flag on RootResource instead | Roald de Vries | |
2016-11-30 | redirect to login from root url when not logged in | Roald de Vries | |
2016-11-29 | make login resource part of the public root resource | Roald de Vries | |
2016-11-29 | root resource inherits from public root | Roald de Vries | |
2016-11-29 | move adding csrf to base resource | Roald de Vries | |
2016-11-28 | split inbox resource out of root resource | Roald de Vries | |
2016-11-24 | add login resource as child of public root resource | Roald de Vries | |
2016-11-24 | add public root resource to serve static files | Roald de Vries | |
2016-11-18 | serve signup page through twisted | Roald de Vries | |
2016-10-28 | changed import, for snap-CI pep8 | NavaL | |
2016-10-28 | authentication now returns Authentication | NavaL | |
leap session creation is only done post-interstitial and that logic is also extracted into its own class #795 | |||
2016-09-28 | actually 404-ing valid requests but non-existing resource | NavaL | |
Issue #684 | |||
2016-09-26 | Ensuring 503 is thrown whenever the root_resource is not yet initialized, ↵ | NavaL | |
for all cases, not just when it is csrf valid. Issue #684 | |||
2016-08-31 | Reading interstitial on class init | Bruno Wagner | |
The interstitial was being read at every login request, that was a blocking read on the main loop for every user. That file was also being opened and not closed at every request, that would aggravate the 'too many open files' problem | |||
2016-06-27 | Csrf not being enforced on GET | Caio Carrara | |
2016-06-27 | Fix xsrf-token verification in async calls | Caio Carrara | |
The previous behaviour only checked xsrf-token in headers, but it can be informed in a token as well. | |||
2016-06-24 | Issue #694 add an admin restricted resource for user stats | NavaL | |
2016-06-02 | RootResource should return 503 during startup (#699) | Blake Williams | |
Return 503 code while RootResource is in MODE_STARTUP | |||
2016-03-09 | Issue #617: Serve content from Sandbox resource | Felix Hammerl | |
2016-02-25 | only adding feature resource in root_resource test -- fixing build | NavaL | |
Issue #612 | |||
2016-02-25 | Backend and frontend protection against csrf attacks: | NavaL | |
- root resources changes the csrf token cookie everytime it is loaded, in particular during the intestitial load during login - it will also add that cookie on single user mode - initialize will still load all resources - but they you cant access them if the csrf token do not match - all ajax calls needs to add the token to the header - non ajax get requests do not need xsrf token validation - non ajax post will have to send the token in as a form input or in the content Issue #612 | |||
2016-02-11 | adds argument to supply custom disclaimer/banner on login screen | NavaL | |
Issue #598 | |||
2016-02-03 | reverting unnecessary steps to not re-load leap-sessions on re-login, as ↵ | NavaL | |
they are already cached from leap side - fixing build Issue #590 | |||
2016-02-03 | move leap session creation to be done after interstitial is loaded | NavaL | |
Issue #590 | |||
2016-01-22 | re-introduced logout functionality for multi-user | NavaL | |
Issue #576 | |||
2016-01-22 | Add mutli-user mode to user-agent | Folker Bernitt | |
- Issue #576 - To start in multi user, run with --multi-user --provider provider-name.tld | |||
2016-01-19 | Make RootResource read account email from mail service | Folker Bernitt | |
- Issue #576 | |||
2016-01-18 | root resource now depends on the services factory -- and mail service, for ↵ | NavaL | |
now -- Issue #576 | |||
2016-01-18 | migrating account settings resource to use services factory | NavaL | |
Issue #576 | |||
2016-01-18 | migrating feedback resources to use services factory | NavaL | |
Issue #576 | |||
2016-01-18 | migrating mail resources to use services factory | NavaL | |
Issue #576 | |||
2016-01-18 | migrating mails resources to use services factory | NavaL | |
Issue #576 | |||
2016-01-18 | migrating tag resources to use services factory | NavaL | |
Issue #576 | |||
2016-01-18 | migrating contact resources to use the services factory | NavaL | |
Issue #576 | |||
2016-01-18 | migrating AttachmentsResources to use the service factory | NavaL | |
Issue #576 | |||
2016-01-18 | Refactory KeyResource to get services from session | Folker Bernitt | |
- Issue #576 - Only first step (other services not changed yet) - Faked session access for now |