Joe Bowers
fbbb3cc2df
server: all authorizations fail for disabled users
2015-09-25 17:29:59 -07:00
Joe Bowers
ffabe03bc0
server: don't allow disabled users to access the api
2015-09-25 15:47:42 -07:00
Joe Bowers
60a36e2c2e
server,db: flag for disabling user login
2015-09-25 14:25:06 -07:00
Giulio Iotti
472e4a02a4
*: Remove unnecessary else statements
...
Whenever it makes the code easier to follow, use early return to
avoid else statements.
2015-09-04 22:45:32 +03:00
bobbyrullo
0ec24a17bd
Merge pull request #104 from bobbyrullo/flags_are_good
...
cmd,server,static/html: Configurable name, logo
2015-09-02 18:00:58 -07:00
Bobby Rullo
f1820cda14
cmd,server,static/html: Configurable name, logo
...
fixes #47
2015-09-02 18:00:28 -07:00
Yifan Gu
44c6cb44f5
refresh: bcrypt raw bytes rather than base64 encoded string.
...
This enables us to control the length of the bytes that will be bcrypted,
by default it's 64.
Also changed the token's stored form from string('text') to []byte('bytea')
and added some test cases for different types of invalid tokens.
2015-09-02 14:23:20 -07:00
Yifan Gu
93a0830ae0
server: check scope in requests.
...
Require 'openid' in scope for all requests.
Require 'offline_access' for returning refresh token.
2015-08-31 13:51:59 -07:00
Yifan Gu
066fd859ec
session: add 'scope' field in session.
2015-08-31 13:51:59 -07:00
Bobby Rullo
d0c199b62c
cmd, server: base64 encode multiple secrets
...
Two things here:
* key secrets are now base64 encoded strings, so we get the full key
space
* we can pass >1 of them in so we can rotate them
2015-08-26 10:43:24 -07:00
Bobby Rullo
66fe201c24
*: move original project to dex
2015-08-18 11:26:57 -07:00