Eric Chiang
0ada4c8010
*: move user API auth to middleware and fix return status
...
Move client authentication into its own middleware and provide
differentiation between HTTP requests that do not provide
credentials (401) and requests that authenticate as a non-admin
user (403).
Closes #152
2016-01-19 13:49:01 -08:00
Eric Chiang
1829209243
Godeps,user: update uuid package reference
...
The package code.google.com/p/go-uuid/uuid has been moved to
github.com/pborman/uuid. Update the reference.
Closes #224
2015-12-30 08:54:31 -08:00
Eric Chiang
f43655a8c3
user/manager: connector must exists when creating remote identity
...
Add ConnectorConfigRepo to UserManager. When trying to create a
RemoteIdentity, validate that the connector ID exists.
Fixes #198
2015-12-07 17:34:08 -08:00
Eric Chiang
d518447282
user: move user manager to it's own package
...
This commit moves the user.Manage to its own package (user/manager)
so it can import the connector package in a later commit.
For clarity, it renames "Manager" to "UserManager" using gorname.
This commit has no functional changes.
2015-12-07 15:34:14 -08:00
Eric Chiang
137330b202
user: fix bug in ValidEmail helper
...
mail.ParseAddress will stop parsing a string once it finds a valid
email address. This means you could give ValidUser an email
address followed by junk and it would mark it valid.
This commit fixes this behavior and adds some more test cases.
Fixes #189
2015-12-01 09:06:30 -08:00
Joe Bowers
0c854a21d6
server: endpoint and system for sending invitations to dex
...
An invitation allows users to both verify their email address and set
a new password.
2015-11-18 14:24:19 -08:00
Joe Bowers
2cdb6c0adb
user: more convenient way to read claims that have already been validated
2015-11-11 10:04:54 -08:00
Joe Bowers
468c1b8b5e
user: claims and parsing for invitations
2015-11-11 10:04:54 -08:00
Joe Bowers
ca9227fc19
various: spelling, logging, and commentary cleanup
2015-11-11 10:04:54 -08:00
Bobby Rullo
2ef1b4beff
user: introduce "invite" emails
...
Invite emails are essentially just reset password emails with a
different template (though this can and probably will change (slightly)
in the near future)
2015-10-30 14:41:00 -07:00
Joe Bowers
b1e4369811
fixup: remove debug logging from test
2015-10-16 17:14:51 -07:00
Joe Bowers
12342149d3
fixup: document parseAndVerifyTokenClaims behavior
2015-10-16 16:54:22 -07:00
Joe Bowers
ce8b0a4c9e
tests: fix user tests with for new behavior
2015-10-16 16:43:52 -07:00
Joe Bowers
85113748a8
server: unify password reset and email verification code and behavior
...
This patch proposes behavioral changes. In particular, referring
systems will need to provide client ids under all circumstances.
2015-10-16 14:47:58 -07:00
Joe Bowers
2ed2859896
repo: functional repo tests
...
includes changes to ensure uniform errors for DB and in-memory repos
2015-09-29 16:46:48 -07:00
Joe Bowers
e5db302312
server: expose user disable API endpoint
2015-09-29 16:46:30 -07:00
Joe Bowers
b19adefde5
Merge pull request #138 from joeatwork/disable-users
...
server: disable users
2015-09-28 12:36:09 -07:00
Joe Bowers
fbbb3cc2df
server: all authorizations fail for disabled users
2015-09-25 17:29:59 -07:00
Joe Bowers
ffabe03bc0
server: don't allow disabled users to access the api
2015-09-25 15:47:42 -07:00
Joe Bowers
f115015a3f
api: don't create a user if you can't send them an email
2015-09-25 15:11:27 -07:00
Joe Bowers
60a36e2c2e
server,db: flag for disabling user login
2015-09-25 14:25:06 -07:00
Giulio Iotti
472e4a02a4
*: Remove unnecessary else statements
...
Whenever it makes the code easier to follow, use early return to
avoid else statements.
2015-09-04 22:45:32 +03:00
Bobby Rullo
66fe201c24
*: move original project to dex
2015-08-18 11:26:57 -07:00