summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* fix base64 bogus auth keysBryan Newbold2019-01-041-2/+2
|
* add superuser role/flagBryan Newbold2019-01-046-31/+44
|
* one-month default session; lock down cookiesBryan Newbold2019-01-042-0/+8
|
* clean up notes a tiny bitBryan Newbold2019-01-046-45/+40
|
* gigantic auth docsBryan Newbold2019-01-042-154/+215
|
* update top-level TODOBryan Newbold2019-01-041-11/+7
|
* rust: TODO updatesBryan Newbold2019-01-041-4/+7
|
* remove old single-page site folderBryan Newbold2019-01-041-196/+0
|
* backup auth notesBryan Newbold2019-01-041-0/+85
|
* update main READMEBryan Newbold2019-01-042-32/+39
|
* update rust READMEBryan Newbold2019-01-041-1/+16
|
* document rust fatcatd configBryan Newbold2019-01-043-9/+36
|
* use .env for all config (and document it)Bryan Newbold2019-01-045-1/+15
|
* basic OIDC auth workingBryan Newbold2019-01-034-30/+44
|
* fix rust side of loginBryan Newbold2019-01-032-8/+18
|
* allow passing prefered_username in oidc signup/loginBryan Newbold2019-01-036-5/+45
|
* account page and renamingBryan Newbold2019-01-037-22/+85
|
* several auth improvementsBryan Newbold2019-01-038-24/+170
|
* require pymacaroonsBryan Newbold2019-01-032-33/+66
|
* python codegenBryan Newbold2019-01-033-0/+112
|
* editor updateBryan Newbold2019-01-032-4/+127
|
* rust codegenBryan Newbold2019-01-039-5/+433
|
* better username constraints in SQLBryan Newbold2019-01-031-1/+3
|
* schema for username updatesBryan Newbold2019-01-031-0/+28
|
* python codegenBryan Newbold2019-01-0310-3/+580
|
* start to impl oidc authBryan Newbold2019-01-034-8/+146
|
* OIDC auth table, and is_active editor flagBryan Newbold2019-01-032-0/+13
|
* crude /auth/oidc endpoint (and codegen)Bryan Newbold2019-01-0311-39/+670
|
* start on webface oauth2/oidc web authBryan Newbold2019-01-026-61/+222
|
* don't need to supply editor_id nowBryan Newbold2018-12-312-8/+4
|
* add crude/manual auth token to python tests (fixing them)Bryan Newbold2018-12-312-3/+14
|
* rust fmtBryan Newbold2018-12-313-11/+4
|
* add missing security/auth declarationsBryan Newbold2018-12-319-42/+258
|
* make editor_id optional when createding editgroupBryan Newbold2018-12-3112-19/+67
| | | | The editor_id can be infered from auth metadata.
* make admin auth_epoch old so test tokens don't expireBryan Newbold2018-12-311-4/+4
|
* allow multiple 'alt' keys to be specified in envBryan Newbold2018-12-313-1/+32
|
* add dummy key to gitlab CI envBryan Newbold2018-12-311-0/+3
|
* bit of auth docsBryan Newbold2018-12-313-0/+7
|
* crude admin auth in testsBryan Newbold2018-12-314-21/+69
|
* add auth middleware back inBryan Newbold2018-12-312-3/+95
| | | | | | | | | I was hoping I didn't need this middleware, but I actually do, or the swagger generated code returns unauthenticated. The middleware doesn't actually do much validation, just extracts the (string) token and does nothing with it. Acutal verification happens in user code using AuthData struct.
* tests: disable client testsBryan Newbold2018-12-312-23/+25
| | | | | | | | | | | | But un-comments a bunch of code (and fixes type bugs with that). Something about calling iron::http() has broken, such that the call blocks. I thought it might be a port thing, but doesn't seem like it. Presumably this is what was causing problems with the "old_python_tests" second test previously. For now, just disabling; these integration-level tests best done from python anyways.
* rustfmt; implement role-based auth checksBryan Newbold2018-12-318-107/+304
|
* codegenBryan Newbold2018-12-317-2035/+1380
|
* api spec: more auth responsesBryan Newbold2018-12-311-5/+47
|
* wire-up auth config via ENVBryan Newbold2018-12-316-49/+56
|
* notes and TODO (WIP)Bryan Newbold2018-12-292-2/+49
|
* include unwrap() in testsBryan Newbold2018-12-291-1/+1
|
* basic auth unittestsBryan Newbold2018-12-284-6/+55
|
* more auth refactoringBryan Newbold2018-12-284-59/+76
|
* start refactor of auth codeBryan Newbold2018-12-287-188/+121
| | | | | | | Pulls auth code (which requires the persistent state of a signing keyring) into a struct. Doesn't try verify macaroon in middleware, do it in individual wrappers.