Arsharth/dex
1
0
Fork 0
forked from mystiq/dex
Code Issues Pull requests Projects Releases Packages Wiki Activity
174 commits 27 branches 73 tags 23 MiB
Commit graph

9 commits

Author SHA1 Message Date
Bobby Rullo
2ef1b4beff user: introduce "invite" emails 
Invite emails are essentially just reset password emails with a
different template (though this can and probably will change (slightly)
in the near future)
 2015-10-30 14:41:00 -07:00
Bobby Rullo
7d4f41bf04 integration: check when there's no secret provided 2015-10-13 12:34:28 -07:00
Bobby Rullo
55040c55fa server, integration, cmd: Protect Admin API 
Admin API now requires a 128 byte base64 encoded secret to be passed in
Authorization header, closing up a potential security hole for those
who expose this service.
 2015-10-01 13:15:45 -07:00
Joe Bowers
e5db302312 server: expose user disable API endpoint 2015-09-29 16:46:30 -07:00
Joe Bowers
fbbb3cc2df server: all authorizations fail for disabled users 2015-09-25 17:29:59 -07:00
Joe Bowers
ffabe03bc0 server: don't allow disabled users to access the api 2015-09-25 15:47:42 -07:00
Yifan Gu
93a0830ae0 server: check scope in requests. 
Require 'openid' in scope for all requests.
Require 'offline_access' for returning refresh token.
 2015-08-31 13:51:59 -07:00
Yifan Gu
066fd859ec session: add 'scope' field in session. 2015-08-31 13:51:59 -07:00
Bobby Rullo
66fe201c24 *: move original project to dex 2015-08-18 11:26:57 -07:00