Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-11-30 | log a warnin when root child is not explicitly public/protected | Roald de Vries | |
2016-11-30 | remove PublicRootResource and use a flag on RootResource instead | Roald de Vries | |
2016-11-30 | redirect to login from root url when not logged in | Roald de Vries | |
2016-11-29 | make login resource part of the public root resource | Roald de Vries | |
2016-11-29 | add inbox resource | Roald de Vries | |
2016-11-29 | Merge branch 'master' into signup | Roald de Vries | |
2016-11-29 | root resource inherits from public root | Roald de Vries | |
2016-11-29 | move adding csrf to base resource | Roald de Vries | |
2016-11-29 | return resource instead of username/avatarId as avatar | Roald de Vries | |
2016-11-28 | split inbox resource out of root resource | Roald de Vries | |
2016-11-25 | make credentialsFactories parameter to auth session wrapper optional | Roald de Vries | |
2016-11-24 | add login resource as child of public root resource | Roald de Vries | |
2016-11-24 | add public root resource to serve static files | Roald de Vries | |
2016-11-23 | Adds traceback to logs. | Denis Costa | |
2016-11-18 | serve signup page through twisted | Roald de Vries | |
2016-11-02 | Fix logger variable name | Tulio Casagrande | |
2016-10-28 | changed import, for snap-CI pep8 | NavaL | |
2016-10-28 | removing obsolete Leap_password_checker #795 | NavaL | |
2016-10-28 | authentication now returns Authentication | NavaL | |
leap session creation is only done post-interstitial and that logic is also extracted into its own class #795 | |||
2016-10-19 | Adapted login to ignore anything after @ char | Bruno Wagner | |
2016-10-19 | Adapted logging in the UA to use twisted.logger | Bruno Wagner | |
2016-10-11 | [#792] Move leap.bonafide to leap.bitmask.bonafide | Tulio Casagrande | |
2016-10-05 | remove `set_portal`, it's not needed | Roald de Vries | |
2016-10-05 | remove pixelated realm's init parameters | Roald de Vries | |
They weren't used. Currently, the PixelatedAuthSessionWrapper determines the resource to use for a user. It would be more idiomatic to have the realm determine that. Actually, it should return the avatar as an IResource. See http://twistedmatrix.com/documents/current/web/howto/web-in-60/http-auth.html | |||
2016-10-05 | Revert "remove pixelated realm's init parameters" | Roald de Vries | |
This reverts commit 8fa81ff3b2cf0422098395ec9918d5b547fbbca5. | |||
2016-10-05 | remove pixelated realm's init parameters | Roald de Vries | |
They weren't used. Currently, the PixelatedAuthSessionWrapper determines the resource to use for a user. It would be more idiomatic to have the realm determine that. Actually, it should return the avatar as an IResource. See http://twistedmatrix.com/documents/current/web/howto/web-in-60/http-auth.html | |||
2016-09-28 | actually 404-ing valid requests but non-existing resource | NavaL | |
Issue #684 | |||
2016-09-26 | Ensuring 503 is thrown whenever the root_resource is not yet initialized, ↵ | NavaL | |
for all cases, not just when it is csrf valid. Issue #684 | |||
2016-09-23 | Replace SRPSession usages with bonafide | Tulio Casagrande | |
In order to replace leap_auth with bonafide, we created a class to hold the user credentials | |||
2016-09-23 | Fixes typo. | Denis Costa | |
2016-09-23 | Adds translation to welcome mail. | Denis Costa | |
2016-09-13 | [#778] Renaming get_key to be consistent with keymanager | Tulio Casagrande | |
2016-08-31 | Reading interstitial on class init | Bruno Wagner | |
The interstitial was being read at every login request, that was a blocking read on the main loop for every user. That file was also being opened and not closed at every request, that would aggravate the 'too many open files' problem | |||
2016-08-19 | Normalizing single and multi user bootstrap #759 | Bruno Wagner | |
Consolidated authentication to always be done is a defer to thread and changed the authenticate_user method name to conform with what it actually does | |||
2016-07-04 | Issue #738: Bypass cookie validation for sandbox | Felix Hammerl | |
2016-06-28 | Normalize i18n keys | Tulio Casagrande | |
2016-06-27 | Csrf not being enforced on GET | Caio Carrara | |
2016-06-27 | Fix xsrf-token verification in async calls | Caio Carrara | |
The previous behaviour only checked xsrf-token in headers, but it can be informed in a token as well. | |||
2016-06-24 | Issue #694 add an admin restricted resource for user stats | NavaL | |
2016-06-23 | refactoring: renaming services factory methods to relate them to user ↵ | NavaL | |
services sessions | |||
2016-06-14 | Empty FEEDBACK_URL env variable should also disable feedback | NavaL | |
This is needed as we need to provide empty FEEDBACK_URL, just to remind that it can be set if desired Issue #710 | |||
2016-06-02 | RootResource should return 503 during startup (#699) | Blake Williams | |
Return 503 code while RootResource is in MODE_STARTUP | |||
2016-05-26 | Updated calls to addRawHeader to use setRawHeaders | shabbyrobe | |
2016-05-22 | accomodates the case where the email address is the data sent with the event | NavaL | |
- now username and user_id are mapped when the user logs in - Issue #686 | |||
2016-05-18 | Issue #692 re-added logout back in the feature toggle | NavaL | |
2016-05-13 | Issue #691: Refactor to Twisted 16.1.1 | Felix Hammerl | |
2016-05-11 | Remove dispatcher references from service | Caio Carrara | |
Since we're not using dispatcher anymore, it doesn't make sense to keep dispatcher references and program flows that depend on it. For example, it doesn't make sense keep the flag --organization-mode, so it was removed as well. | |||
2016-04-13 | Issue #431: Review | Felix Hammerl | |
* Remove GenericDeferredErrorHandler class * Convert static method generic_error_handling to function instead | |||
2016-04-12 | Removed time logging from mails_resource | Bruno Wagner | |
Removed the time logging, it can be put adhoc when we want to test a specific case | |||
2016-04-11 | Removed general timings from methods | Bruno Wagner | |
I kept the logging functions so we can log times for tests and to investigate issues, but I removed all usages of them until someone needs them |