summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* point loginpass to upstream (patch accepted)Bryan Newbold2019-04-102-4/+4
|
* bump loginpass patch versionBryan Newbold2019-04-101-1/+1
|
* bugfix and special case for orcid loginsBryan Newbold2019-04-101-1/+6
|
* update Pipfile.lock using new pipenv (2018.11.26)Bryan Newbold2019-04-101-18/+6
|
* re-enable ORCiD loginBryan Newbold2019-04-102-11/+7
|
* use patched loginpass (temporarily)Bryan Newbold2019-04-102-47/+7
|
* github login via OAuth, not OIDCBryan Newbold2019-04-101-1/+1
|
* add CHANGELOG entry about api_key issueBryan Newbold2019-04-092-0/+10
|
* rustfmtBryan Newbold2019-04-092-2/+7
|
* don't require auth for editgroup annotationsBryan Newbold2019-04-096-10/+2
| | | | | | | | | | Amazing that this bug found it's way through... because most testing is from Python, and was having serious auth config leakage with python_client. We're still in 0.x, and this is such a small/eggregious bug that i'm not going to tag as a backwards-incompatible schema update (but will note in CHANGELOG).
* IA login button as actual form input/submitBryan Newbold2019-04-091-1/+1
|
* add work-around for weird TypeWithDefault config classBryan Newbold2019-04-092-1/+18
| | | | | Expect this to fix a serious bug with configuration "contamination" between priv_api and regular api. :codinghorror:
* fix google typo (freudian)Bryan Newbold2019-04-091-1/+1
|
* fix typo in gitlab-ci.ymlBryan Newbold2019-04-091-1/+1
|
* fix login display (google logo and disable orcid)Bryan Newbold2019-04-091-5/+8
|
* try to fix tagged release gitlab CI buildsBryan Newbold2019-04-091-0/+3
|
* wikipedia OAUth in changelogv0.2.1Bryan Newbold2019-04-091-0/+1
|
* more MWOAuth hackeryBryan Newbold2019-04-091-7/+9
|
* crude mostly-working wikipedia (mediawiki) loginBryan Newbold2019-04-095-10/+82
|
* flask-mwoauth for Wikipedia OAuth loginsBryan Newbold2019-04-092-29/+72
|
* resyle login viewsBryan Newbold2019-04-096-34/+112
|
* update CHANGELOG and TODO for v0.2.1Bryan Newbold2019-04-092-18/+49
| | | | | Don't intend to increment API version (because it hasn't changed); git revs in workers should be good enough.
* Merge branch 'bnewbold-review-bots'Bryan Newbold2019-04-0912-4/+327
|\
| * diplay extra metadata, disposition in annotationsBryan Newbold2019-04-061-3/+21
| |
| * remove title from metadata macroBryan Newbold2019-04-068-1/+7
| |
| * fix reviewer bugs (thanks pylint)Bryan Newbold2019-04-061-3/+3
| |
| * fix bad review importBryan Newbold2019-04-061-1/+1
| |
| * basic dummy review botBryan Newbold2019-04-063-0/+299
| |
* | tweak schema example wayback URLsBryan Newbold2019-04-091-2/+2
| |
* | have webcapture wayback links go right to capture (not calendar)Bryan Newbold2019-04-095-21/+40
| |
* | squelch authlib.specs deprecation warningBryan Newbold2019-04-091-0/+1
| |
* | temporary hack to remove ext-link XML in refsBryan Newbold2019-04-092-0/+25
| |
* | propagate editgroup_id errors correctlyBryan Newbold2019-04-091-0/+12
| |
* | partial checking of editgroup_id checking when editingBryan Newbold2019-04-092-1/+6
| |
* | rust: fix macaroon expiry checkBryan Newbold2019-04-092-10/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | There were two bugs with this code: the expiry timestamps were getting enclosed in double-quotes (which caused parse bugs), and the actual caveat check itself was backwards (expires < now instead of expires > now). An underlying issue was that these caveats weren't actually getting checked in the tests. Should fix a bug where users don't get auth'd correctly when logging in via mechanisms other than tokens.
* | test for macaroon regressionBryan Newbold2019-04-091-0/+6
| |
* | verify auth on account page (via auth_check())Bryan Newbold2019-04-091-1/+5
|/
* add CI/coverage badges to README.mdBryan Newbold2019-04-051-0/+2
|
* fix container url form widthBryan Newbold2019-04-041-1/+1
|
* work around pylint/responses errorBryan Newbold2019-04-041-0/+3
| | | | | Known problem with reponses and dynamic functions. See also: https://github.com/getsentry/responses/issues/74
* add error displays in release and file list formsBryan Newbold2019-04-042-1/+3
|
* web editing of container urlsBryan Newbold2019-04-043-5/+119
|
* better error responses for username change formBryan Newbold2019-04-041-3/+7
|
* improve test coverageBryan Newbold2019-04-048-11/+128
|
* revert back to earlier stats datetimeBryan Newbold2019-04-041-1/+1
| | | | Caught in testing
* TODO: handle 'already merged' in edit forms betterBryan Newbold2019-04-041-1/+4
|
* test api helpers (found bug)Bryan Newbold2019-04-042-5/+25
| | | | | | It seems that public_api() doesn't get isolated from authenticated_api(), even in different tests. I suspect this is due to using DefaultAPI to create client.
* test already-merged editgroup_id (via web form)Bryan Newbold2019-04-041-2/+14
|
* add basic tests for a bunch of form handling codeBryan Newbold2019-04-041-17/+137
|
* disable CSRF in unit testsBryan Newbold2019-04-041-0/+1
|