aboutsummaryrefslogtreecommitdiffstats
path: root/rust/src/auth.rs
Commit message (Collapse)AuthorAgeFilesLines
* rust: fix macaroon expiry checkBryan Newbold2019-04-091-10/+19
| | | | | | | | | | | | | There were two bugs with this code: the expiry timestamps were getting enclosed in double-quotes (which caused parse bugs), and the actual caveat check itself was backwards (expires < now instead of expires > now). An underlying issue was that these caveats weren't actually getting checked in the tests. Should fix a bug where users don't get auth'd correctly when logging in via mechanisms other than tokens.
* auth editor not-found is a 403 auth responseBryan Newbold2019-01-291-1/+13
|
* yet more edit lifecycle progressBryan Newbold2019-01-111-4/+4
|
* code docs/comments and rustfmtBryan Newbold2019-01-101-0/+4
|
* HUGE refactor of error types (to use failure)Bryan Newbold2019-01-091-20/+21
|
* refactor: FatCatId -> FatcatIdBryan Newbold2019-01-091-8/+8
|
* some clippy nitsBryan Newbold2019-01-091-23/+20
|
* huge refactor of rust modules/filesBryan Newbold2019-01-081-3/+28
| | | | | | Taking advantage of new Rust 2018 crate/module path changes, and re-organizing things. Somewhat optimistic this could help with partial rebuild speed also.
* rust 2018 edition!Bryan Newbold2019-01-081-4/+4
| | | | Only the basics to get things to compile/test again in this commit.
* rust fmtBryan Newbold2019-01-081-21/+25
|
* better rust auth error handling/responsesBryan Newbold2019-01-081-8/+22
|
* iterate on macaroon time caveat namesBryan Newbold2019-01-081-20/+19
|
* add auth/check endpointBryan Newbold2019-01-071-5/+16
|
* only superusers get auto-magic-privsBryan Newbold2019-01-071-1/+1
|
* add superuser role/flagBryan Newbold2019-01-041-11/+21
|
* allow multiple 'alt' keys to be specified in envBryan Newbold2018-12-311-0/+6
|
* add auth middleware back inBryan Newbold2018-12-311-3/+94
| | | | | | | | | I was hoping I didn't need this middleware, but I actually do, or the swagger generated code returns unauthenticated. The middleware doesn't actually do much validation, just extracts the (string) token and does nothing with it. Acutal verification happens in user code using AuthData struct.
* rustfmt; implement role-based auth checksBryan Newbold2018-12-311-41/+151
|
* wire-up auth config via ENVBryan Newbold2018-12-311-5/+15
|
* basic auth unittestsBryan Newbold2018-12-281-4/+1
|
* more auth refactoringBryan Newbold2018-12-281-54/+59
|
* start refactor of auth codeBryan Newbold2018-12-281-183/+110
| | | | | | | Pulls auth code (which requires the persistent state of a signing keyring) into a struct. Doesn't try verify macaroon in middleware, do it in individual wrappers.
* more basic work on authBryan Newbold2018-12-271-19/+178
|
* sql codegen and WIP on auth commandBryan Newbold2018-12-271-14/+35
|
* start skeleton of auth internal bitsBryan Newbold2018-12-261-0/+106