Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-12-14 | [#869] Move from stdlib to twisted trial unittest | Denis Costa | |
2016-12-08 | Revert "[#801] Merge branch 'signup'" | Roald de Vries | |
This reverts commit d10f607a4d40587510b0dc31b31fe4750bf4a3a3, reversing changes made to c28abba2f5b1186c671ebef508d40ffaae6d5bc5. | |||
2016-12-06 | remove some TODO's | Roald de Vries | |
2016-12-05 | remove templates folder from root resource parameters | Roald de Vries | |
2016-12-02 | [refactor] use static url instead of assets url | Zara Gebru | |
2016-12-02 | [refactor] move app dir into public dir | Zara Gebru | |
2016-12-01 | fix root resource tests when zmq is not available | Roald de Vries | |
2016-12-01 | WIP: add csrf token to every request | Roald de Vries | |
2016-11-30 | remove PublicRootResource and use a flag on RootResource instead | Roald de Vries | |
2016-11-30 | redirect to login from root url when not logged in | Roald de Vries | |
2016-11-30 | mock out usage of ZMQ in the right place | Roald de Vries | |
2016-11-29 | mock out usage or ZMQ | Roald de Vries | |
2016-11-29 | make login resource part of the public root resource | Roald de Vries | |
2016-11-29 | assert login url is delegated correctly | Roald de Vries | |
2016-11-29 | add inbox resource | Roald de Vries | |
2016-11-28 | split inbox resource out of root resource | Roald de Vries | |
2016-11-24 | add login resource as child of public root resource | Roald de Vries | |
2016-11-24 | add public root resource to serve static files | Roald de Vries | |
2016-11-22 | fix first test for auth session wrapper | Roald de Vries | |
2016-09-28 | actually 404-ing valid requests but non-existing resource | NavaL | |
Issue #684 | |||
2016-06-27 | Explicitly use POST to test csrf | Caio Carrara | |
2016-06-02 | RootResource should return 503 during startup (#699) | Blake Williams | |
Return 503 code while RootResource is in MODE_STARTUP | |||
2016-05-13 | Issue #691: Refactor to Twisted 16.1.1 | Felix Hammerl | |
2016-02-25 | only adding feature resource in root_resource test -- fixing build | NavaL | |
Issue #612 | |||
2016-02-25 | Backend and frontend protection against csrf attacks: | NavaL | |
- root resources changes the csrf token cookie everytime it is loaded, in particular during the intestitial load during login - it will also add that cookie on single user mode - initialize will still load all resources - but they you cant access them if the csrf token do not match - all ajax calls needs to add the token to the header - non ajax get requests do not need xsrf token validation - non ajax post will have to send the token in as a form input or in the content Issue #612 | |||
2016-01-22 | Add mutli-user mode to user-agent | Folker Bernitt | |
- Issue #576 - To start in multi user, run with --multi-user --provider provider-name.tld | |||
2016-01-19 | fixing build | NavaL | |
Issue #576 | |||
2016-01-19 | Make RootResource read account email from mail service | Folker Bernitt | |
- Issue #576 | |||
2015-11-10 | refactor unit test | sw00 | |
don't use initialize method of root_resource in test | |||
2015-11-09 | use mail_service to inject account_email into root_resource | sw00 | |
instead of using leap_session, mail_service can be used to get the account email. | |||
2015-11-09 | template user's email address into title | sw00 | |
this should solve https://github.com/pixelated/pixelated-user-agent/issues/246 needed to inject leap_session into root resource to access user email on request. |