aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * allow passing prefered_username in oidc signup/loginBryan Newbold2019-01-036-5/+45
| |
| * account page and renamingBryan Newbold2019-01-037-22/+85
| |
| * several auth improvementsBryan Newbold2019-01-038-24/+170
| |
| * require pymacaroonsBryan Newbold2019-01-032-33/+66
| |
| * python codegenBryan Newbold2019-01-033-0/+112
| |
| * editor updateBryan Newbold2019-01-032-4/+127
| |
| * rust codegenBryan Newbold2019-01-039-5/+433
| |
| * better username constraints in SQLBryan Newbold2019-01-031-1/+3
| |
| * schema for username updatesBryan Newbold2019-01-031-0/+28
| |
| * python codegenBryan Newbold2019-01-0310-3/+580
| |
| * start to impl oidc authBryan Newbold2019-01-034-8/+146
| |
| * OIDC auth table, and is_active editor flagBryan Newbold2019-01-032-0/+13
| |
| * crude /auth/oidc endpoint (and codegen)Bryan Newbold2019-01-0311-39/+670
| |
| * start on webface oauth2/oidc web authBryan Newbold2019-01-026-61/+222
| |
| * don't need to supply editor_id nowBryan Newbold2018-12-312-8/+4
| |
| * add crude/manual auth token to python tests (fixing them)Bryan Newbold2018-12-312-3/+14
| |
| * rust fmtBryan Newbold2018-12-313-11/+4
| |
| * add missing security/auth declarationsBryan Newbold2018-12-319-42/+258
| |
| * make editor_id optional when createding editgroupBryan Newbold2018-12-3112-19/+67
| | | | | | | | The editor_id can be infered from auth metadata.
| * make admin auth_epoch old so test tokens don't expireBryan Newbold2018-12-311-4/+4
| |
| * allow multiple 'alt' keys to be specified in envBryan Newbold2018-12-313-1/+32
| |
| * add dummy key to gitlab CI envBryan Newbold2018-12-311-0/+3
| |
| * bit of auth docsBryan Newbold2018-12-313-0/+7
| |
| * crude admin auth in testsBryan Newbold2018-12-314-21/+69
| |
| * add auth middleware back inBryan Newbold2018-12-312-3/+95
| | | | | | | | | | | | | | | | | | I was hoping I didn't need this middleware, but I actually do, or the swagger generated code returns unauthenticated. The middleware doesn't actually do much validation, just extracts the (string) token and does nothing with it. Acutal verification happens in user code using AuthData struct.
| * tests: disable client testsBryan Newbold2018-12-312-23/+25
| | | | | | | | | | | | | | | | | | | | | | | | But un-comments a bunch of code (and fixes type bugs with that). Something about calling iron::http() has broken, such that the call blocks. I thought it might be a port thing, but doesn't seem like it. Presumably this is what was causing problems with the "old_python_tests" second test previously. For now, just disabling; these integration-level tests best done from python anyways.
| * rustfmt; implement role-based auth checksBryan Newbold2018-12-318-107/+304
| |
| * codegenBryan Newbold2018-12-317-2035/+1380
| |
| * api spec: more auth responsesBryan Newbold2018-12-311-5/+47
| |
| * wire-up auth config via ENVBryan Newbold2018-12-316-49/+56
| |
| * notes and TODO (WIP)Bryan Newbold2018-12-292-2/+49
| |
| * include unwrap() in testsBryan Newbold2018-12-291-1/+1
| |
| * basic auth unittestsBryan Newbold2018-12-284-6/+55
| |
| * more auth refactoringBryan Newbold2018-12-284-59/+76
| |
| * start refactor of auth codeBryan Newbold2018-12-287-188/+121
| | | | | | | | | | | | | | Pulls auth code (which requires the persistent state of a signing keyring) into a struct. Doesn't try verify macaroon in middleware, do it in individual wrappers.
| * more basic work on authBryan Newbold2018-12-274-47/+200
| |
| * bump busted libmacaroons-rs dependencyBryan Newbold2018-12-272-4/+4
| |
| * sql codegen and WIP on auth commandBryan Newbold2018-12-274-25/+70
| |
| * sql: add index on editor usernameBryan Newbold2018-12-271-0/+1
| |
| * add libsodium-dev as a depBryan Newbold2018-12-262-1/+2
| |
| * start skeleton of auth internal bitsBryan Newbold2018-12-264-9/+222
| |
| * add macaroon depBryan Newbold2018-12-262-0/+96
| | | | | | | | Unfortunately, a patched copy for now. :(
| * first attempt at auth in DB schemaBryan Newbold2018-12-261-1/+4
| |
| * first attempt at auth in API specBryan Newbold2018-12-268-1/+3819
| |
* | fixes from ident schema refactorBryan Newbold2018-12-291-2/+2
| |
* | check request status codes idiomaticallyBryan Newbold2018-12-295-41/+44
|/
* impl edit_id changeBryan Newbold2018-12-264-15/+17
|
* codegenBryan Newbold2018-12-2616-458/+913
|
* api schema: more types/regex on parametersBryan Newbold2018-12-261-67/+49
|
* schemas: editor_id as UUID (not int)Bryan Newbold2018-12-262-38/+22
|