Commit graph

23 commits

Author SHA1 Message Date
Eric Chiang
0ada4c8010 *: move user API auth to middleware and fix return status
Move client authentication into its own middleware and provide
differentiation between HTTP requests that do not provide
credentials (401) and requests that authenticate as a non-admin
user (403).

Closes #152
2016-01-19 13:49:01 -08:00
Eric Chiang
1829209243 Godeps,user: update uuid package reference
The package code.google.com/p/go-uuid/uuid has been moved to
github.com/pborman/uuid. Update the reference.

Closes #224
2015-12-30 08:54:31 -08:00
Eric Chiang
f43655a8c3 user/manager: connector must exists when creating remote identity
Add ConnectorConfigRepo to UserManager. When trying to create a
RemoteIdentity, validate that the connector ID exists.

Fixes #198
2015-12-07 17:34:08 -08:00
Eric Chiang
d518447282 user: move user manager to it's own package
This commit moves the user.Manage to its own package (user/manager)
so it can import the connector package in a later commit.

For clarity, it renames "Manager" to "UserManager" using gorname.

This commit has no functional changes.
2015-12-07 15:34:14 -08:00
Eric Chiang
137330b202 user: fix bug in ValidEmail helper
mail.ParseAddress will stop parsing a string once it finds a valid
email address. This means you could give ValidUser an email
address followed by junk and it would mark it valid.

This commit fixes this behavior and adds some more test cases.

Fixes #189
2015-12-01 09:06:30 -08:00
Joe Bowers
0c854a21d6 server: endpoint and system for sending invitations to dex
An invitation allows users to both verify their email address and set
a new password.
2015-11-18 14:24:19 -08:00
Joe Bowers
2cdb6c0adb user: more convenient way to read claims that have already been validated 2015-11-11 10:04:54 -08:00
Joe Bowers
468c1b8b5e user: claims and parsing for invitations 2015-11-11 10:04:54 -08:00
Joe Bowers
ca9227fc19 various: spelling, logging, and commentary cleanup 2015-11-11 10:04:54 -08:00
Bobby Rullo
2ef1b4beff user: introduce "invite" emails
Invite emails are essentially just reset password emails with a
different template (though this can and probably will change (slightly)
in the near future)
2015-10-30 14:41:00 -07:00
Joe Bowers
b1e4369811 fixup: remove debug logging from test 2015-10-16 17:14:51 -07:00
Joe Bowers
12342149d3 fixup: document parseAndVerifyTokenClaims behavior 2015-10-16 16:54:22 -07:00
Joe Bowers
ce8b0a4c9e tests: fix user tests with for new behavior 2015-10-16 16:43:52 -07:00
Joe Bowers
85113748a8 server: unify password reset and email verification code and behavior
This patch proposes behavioral changes. In particular, referring
systems will need to provide client ids under all circumstances.
2015-10-16 14:47:58 -07:00
Joe Bowers
2ed2859896 repo: functional repo tests
includes changes to ensure uniform errors for DB and in-memory repos
2015-09-29 16:46:48 -07:00
Joe Bowers
e5db302312 server: expose user disable API endpoint 2015-09-29 16:46:30 -07:00
Joe Bowers
b19adefde5 Merge pull request #138 from joeatwork/disable-users
server: disable users
2015-09-28 12:36:09 -07:00
Joe Bowers
fbbb3cc2df server: all authorizations fail for disabled users 2015-09-25 17:29:59 -07:00
Joe Bowers
ffabe03bc0 server: don't allow disabled users to access the api 2015-09-25 15:47:42 -07:00
Joe Bowers
f115015a3f api: don't create a user if you can't send them an email 2015-09-25 15:11:27 -07:00
Joe Bowers
60a36e2c2e server,db: flag for disabling user login 2015-09-25 14:25:06 -07:00
Giulio Iotti
472e4a02a4 *: Remove unnecessary else statements
Whenever it makes the code easier to follow, use early return to
avoid else statements.
2015-09-04 22:45:32 +03:00
Bobby Rullo
66fe201c24 *: move original project to dex 2015-08-18 11:26:57 -07:00