Hideki Nakamura
cb0e631b85
Update the implementation according to the Design notes
2018-09-11 09:44:18 -07:00
Hideki Nakamura
b14a0e0dde
Merge the logic for api access token to tokens.js so as not to change strategies.js
2018-07-10 17:25:01 -07:00
Hideki Nakamura
50e2dcbcd5
Add a processing to check specified API Access Tokens
2018-07-05 18:58:02 -07:00
Nick O'Leary
bca020bc4d
Tidy up default grunt task and fixup test break due to reorder
...
Fixes #1738
2018-05-25 11:36:17 +01:00
Nick O'Leary
e250a91f09
Merge branch '0.18' into projects
2018-01-24 23:06:27 +00:00
Nick O'Leary
3cb5cbd8d5
Allow adminAuth.user to be a Function
...
Fixes #1461
2018-01-23 23:08:11 +00:00
Nick O'Leary
25f4a018d9
Merge branch '0.18' into projects
2018-01-16 11:21:54 +00:00
Rocco Musolino
2c4d5fa38d
add express-session memorystore without leaks ( #1435 )
...
* add express-session memorystore without leaks
* Bump memorystore to v1.6.0
2018-01-11 22:51:05 +00:00
Nick O'Leary
5e128f89f6
Ensure strategy login button uses relative URL
...
Fixes #1481
2017-12-04 21:13:07 +00:00
Henri Bouvier
140ea683a6
[fix] github oauth strategy when Root is not / ( #1430 )
2017-10-10 21:24:44 +01:00
Nick O'Leary
41af5187aa
Reorganise red/api layout to better componentise
2017-08-22 22:26:29 +01:00
Kazuhito Yokoi
d7d13c12fe
Modify messages to refer to language files ( #1361 )
2017-08-07 10:00:28 +01:00
Nick O'Leary
78076122ba
Remove console.log
2017-06-30 10:39:28 +01:00
Nick O'Leary
72da7e6c54
Rename oauth auth scheme to strategy as it works for openid
2017-04-21 21:54:48 +01:00
Nick O'Leary
fb05960d79
Allow oauth schemes provide a custom verify function
2017-04-21 21:17:18 +01:00
Nick O'Leary
5cb37148c6
Add editorTheme.logout.redirect to allow redirect on logout
...
Closes #1213
2017-04-12 21:41:16 +01:00
Nick O'Leary
c54cf26848
Add support for oauth adminAuth configs
2017-04-12 10:09:03 +01:00
Nick O'Leary
0a96259ddf
Update copyright header for JS Foundation
2017-01-11 15:24:33 +00:00
Nick O'Leary
b5d3f505e3
Defer loading of token sessions until they are accessed
...
Fixes #895
2016-05-31 14:39:50 +01:00
Nick O'Leary
44693dd23a
Enable finer grained permissions in adminAuth
2016-04-10 15:30:13 +01:00
Nick O'Leary
f43738446e
WIP: separate runtime and api components
2016-01-06 17:01:11 +00:00
Nick O'Leary
d668d43a0a
Move to express 4.x
2015-10-02 21:27:31 +01:00
Nick O'Leary
9fb81b2814
Permit login with blank scope
...
Required for the editor, which doesn't know the appropriate scope
for the user logging in. The user will adopt their default permission
scope once logged in.
2015-07-15 10:12:45 +01:00
Nick O'Leary
7de0216976
Add audit log entries on API calls
...
Closes #627
2015-05-14 14:22:56 +01:00
Nick O'Leary
6ff540ed08
Customise login image
2015-04-13 10:37:30 +01:00
Nick O'Leary
2a8a885271
Standardise API error response format
2015-03-30 14:16:04 +01:00
Nick O'Leary
7adefd6ee0
Add access_token expiry
2015-03-30 14:14:32 +01:00
Nick O'Leary
f967a5ecdc
Fix auth on comms link and for anon user
...
The move to honour scope level of token broke the comms link
checking as well as the permissions checking for anon users.
2015-03-29 22:27:07 +01:00
Nick O'Leary
c8d6dc2531
Auth permission should honour the token scope
2015-03-29 21:59:48 +01:00
Nick O'Leary
2a57d0b6d0
auth/login should return empty object when insecure
2015-03-25 20:33:29 +00:00
dceejay
a9789697e7
add bcrypt as optional dependency to speed up Pi,
...
but not force compile on Windows.
Fix to close Issue #585
2015-03-19 11:36:48 +00:00
Nick O'Leary
be61cf6a88
Add node.error handling to core nodes
2015-03-16 13:58:01 +00:00
Nick O'Leary
51e891ff88
Move sessionStorageModule into main storageModule
...
Fixes #586
- add get/saveSessions to main storage module
- handle storage modules without those functions
- store .session file in userDir
2015-03-13 23:37:59 +00:00
Nick O'Leary
0f3cc3196c
Log-in window incorrect
...
fixes #583
2015-03-09 20:02:13 +00:00
dceejay
acc0e0875b
few more tests for permissions and strategies
...
reset log flags at end of log test
2015-03-07 13:22:21 +00:00
Nick O'Leary
c31ffb98b0
Tie auth middleware to needsPermission api
2015-02-05 23:43:35 +00:00
Nick O'Leary
26c42e500f
Allow user.default to be an api function
2015-02-05 13:01:00 +00:00
Nick O'Leary
53a515176b
Remove unused token expiry code
2015-02-05 13:01:00 +00:00
Nick O'Leary
fbf7ee50eb
Increase unit test coverage of auth code
2015-02-05 13:00:56 +00:00
Nick O'Leary
b2aae93fa6
Hide user profile menu
2015-02-05 13:00:55 +00:00
Nick O'Leary
a494954275
Add permissions and user menu
2015-02-05 13:00:55 +00:00
Nick O'Leary
f5d7903ecb
Stop lost connection message bouncing when not authed
2015-02-05 13:00:55 +00:00
Nick O'Leary
9bbe0799bd
Allow adminAuth setting to provide functions
2015-02-05 13:00:55 +00:00
Nick O'Leary
f3eb85c449
Move over to settings.adminAuth
2015-02-05 13:00:54 +00:00
Nick O'Leary
982997c3df
Add auth awareness to ui
2015-02-05 13:00:49 +00:00
Nick O'Leary
28823802ea
Prompt login if auth enabled
2015-02-05 13:00:16 +00:00
Nick O'Leary
2128b57ab2
Add oauth grant
2015-02-05 13:00:07 +00:00