Commit graph

71 commits

Author SHA1 Message Date
James Allen
b556d57f40 Remove missed console.log debugging lines in AuthenticationController.coffee 2016-03-14 17:11:23 +00:00
James Allen
71ef045728 Implement authorization guards in Authorization{Manager,Controller} 2016-03-14 17:06:57 +00:00
James Allen
3e03164ed4 Remove dead auth_token code 2016-03-10 17:15:14 +00:00
Henry Oswald
c8084406d3 user notifications auto created on login for joinging groups 2016-02-17 16:24:09 +00:00
Henry Oswald
690b195f1a move login success to .json as it sends json over 2016-01-25 17:35:57 +00:00
James Allen
1e8ab5357b Improve pre-registered account activation process 2015-12-11 11:30:06 +00:00
Henry Oswald
7fd29b18a8 destroy users session before creating a new one for them after login
session changed to prevent against fixation attacks
2015-07-01 15:29:02 +01:00
Henry Oswald
665bdcf538 v1 of express4 conversion 2015-07-01 15:17:43 +01:00
Henry Oswald
a7640b5bbd changed authentication controller to use req.parsedUrl.pathname as query strings on req.url were breaking the whitelist 2015-04-30 11:57:40 +01:00
James Allen
5c30a7de67 Add in option for global login requirement (defaults to on) 2015-04-15 11:14:53 +01:00
James Allen
000f01fbeb Remove unneeded uid module 2015-02-17 11:21:50 +00:00
James Allen
8e13ded360 Regenerate the session id after logging in or registering 2015-02-13 11:18:17 +00:00
Henry Oswald
804bc16bc8 redirect users to /register when coming from templates or share url
redirect to /login when going anywhere else (/project /project/1234)
2014-11-13 17:12:39 +00:00
James Allen
dbd85a05f1 Send user features and features switches to views where needed 2014-10-07 13:31:13 +01:00
Henry Oswald
66ba6e612d Revert "send 401 when login fails"
This reverts commit fb901c6365d37654ba9058f57a71a4e60366688e.
2014-08-08 10:21:17 +01:00
Henry Oswald
7976f2f0fe send 401 when login fails 2014-08-07 16:28:00 +01:00
Henry Oswald
d047d44079 Changed the error messages which are sent down to the client to be translated first
fixed up tests from titles we check when rendering, deleted them as they never
catch anything important, more hastle than they are worth imo.
2014-08-01 14:03:38 +01:00
James Allen
e4d9d03f55 Improve feedback on login/register forms 2014-07-11 17:08:19 +01:00
James Allen
c1afbc66d9 Don't error if user is not logged in when compiling 2014-05-27 12:33:56 +01:00
Henry Oswald
479b37a48c null check user when getting user id from session 2014-04-02 15:56:54 +01:00
James Allen
8715690ce9 Intial open source comment 2014-02-12 10:23:40 +00:00