Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/okupy/accounts
Commit message (Collapse)AuthorAgeFilesLines
* move password and email settings to another pagePavlos Ratis2013-09-043-14/+86
|
* add support for user settingsPavlos Ratis2013-09-013-8/+246
| | | | | | | | | | | | | | | | | | | Basic setting pages that allow users to edit easily their LDAP attributes via web forms. Settings: * Profile settings (first name , last name, email , timezone, birthday, * passwords) * Contact settings (website, IM , GPG fingerprint, location, longitude, latitude) * Gentoo settings (mentors, developer bug, join date, retire date, ssh key) Notes: * Currently settings work only with single values and not * listfields. * Timezone needed for OpenID (cc: @mgorny) * Gentoo Account Settings page is available for everyone.(testing purposes)
* Add tests for ldapuser and get_bound_ldapuserTheo Chatzimichos2013-08-281-3/+0
|
* Fix flake8 errorsTheo Chatzimichos2013-08-264-27/+30
|
* switch back to non-relative imports, they proved to be confusingTheo Chatzimichos2013-08-256-24/+25
|
* Move OkupyError to okupy/__init__Theo Chatzimichos2013-08-251-1/+1
|
* Store SSH handler list in settings.Michał Górny2013-08-251-5/+1
|
* Support authentication using SSH.Michał Górny2013-08-252-0/+38
|
* Introduce the concept of auth handlers.Michał Górny2013-08-251-0/+8
| | | | | Somehow similar to views. We pass command and its arguments as username, the thing splits it and looks for handler for the command.
* Switch ciphers to output urlsafe base64.Michał Górny2013-08-211-1/+1
|
* Move crypto-related stuff to okupy.crypto.Michał Górny2013-08-213-4/+4
|
* Move RevokedToken to common and make it more universal.Michał Górny2013-08-211-3/+3
|
* Move session ID encryption, decryption & validation to SessionRefCipher.Michał Górny2013-08-212-29/+8
|
* ssl_auth: check decrypted session ID validity.Michał Górny2013-08-202-10/+12
| | | | | | Before putting encrypted session ID in the form, we place it in session. Therefore, we can easily check if given session ID was valid by confirming that it's in the session, and it is the same.
* SSL auth: decrypt session ID in forms cleanup.Michał Górny2013-08-202-4/+14
| | | | Also, raise ValidationError for broken ciphertext.
* Add @anonymous_required decoratorTheo Chatzimichos2013-08-191-1/+3
|
* Improvements in signup/activate views:Theo Chatzimichos2013-08-191-15/+24
| | | | | | Use .latest() for getting the max uidNumber Add all needed LDAP attributes Other minor improvements
* Remove try/except block, ldap connection check is performed alreadyTheo Chatzimichos2013-08-191-6/+1
|
* check if the passwords match in form.is_valid()Theo Chatzimichos2013-08-192-3/+8
|
* Revoke OTP tokens in views rather than backends.Michał Górny2013-08-191-0/+8
| | | | | | Since we use a single revoked token database, we should also revoke each input once. When revocation was done in models, the second backend would always hit the token already revoked. Instead, revoke them in views.
* login: ask only for password when upgrading auth.Michał Górny2013-08-192-5/+21
|
* login: give a proper info() message when asking for strong auth.Michał Górny2013-08-191-7/+10
|
* Merge pull request #69 from mgorny/otp-ldapTheo Chatzimichos2013-08-191-5/+7
|\ | | | | Proper bind for OTP setup
| * Bind properly for *OTP setup.Michał Górny2013-08-181-5/+7
| |
* | update models with the new attributesPavlos Ratis2013-08-181-5/+8
|/ | | | | | | New attributes: 1) gentooPlanetFeed - Link to developer's rss feed to planet(future use) 2) gentooUniverseFeed - Link to developer's rss feed to universe(future use) 3) website - User's website, weblog, etc.
* rename accounts_lists view to listsPavlos Ratis2013-08-182-4/+4
|
* add url tag to templatesPavlos Ratis2013-08-181-5/+5
| | | | | Using url tag the templates become more portable and respect the DRY principle.
* Merge pull request #66 from mgorny/otp-ldapTheo Chatzimichos2013-08-172-2/+3
|\ | | | | Use LDAP as secret backend for OTP.
| * Use LDAP as secret backend for OTP.Michał Górny2013-08-182-2/+3
| |
* | Merge pull request #63 from dastergon/improve_lists_viewTheo Chatzimichos2013-08-172-16/+14
|\ \ | |/ |/| Improved and added per-view caching on lists
| * add per-view caching on listsPavlos Ratis2013-08-171-0/+2
| | | | | | | | | | Added a per-view caching to lists which reliefs server from HTTP requests and improves performance.
| * improved dev lists viewPavlos Ratis2013-08-172-16/+12
| | | | | | | | | | Improved lists view by replacing class-based view to a more flexible view suggested by tampakrap and mgorny.
* | Add @strong_auth_required decorator.Michał Górny2013-08-171-2/+7
| | | | | | | | And support re-login with @strong_auth_required.
* | Reuse @require_POST decorator from django.Michał Górny2013-08-171-4/+2
| |
* | OpenID: make nonce creation atomic.Michał Górny2013-08-171-6/+8
| | | | | | | | | | get_or_create() is pointless, non-atomic thing. Instead, just try to create the nonce and catch IntegrityError.
* | Fix handling timedeltas in use_nonce().Michał Górny2013-08-171-1/+1
| |
* | Merge pull request #61 from mgorny/openid-auto-logoutTheo Chatzimichos2013-08-172-5/+26
|\ \ | | | | | | OpenID auto logout
| * | OpenID: always enable auto-logout for SSL cert auth.Michał Górny2013-08-141-0/+6
| | |
| * | OpenID: add 'auto logout' option.Michał Górny2013-08-142-5/+20
| |/ | | | | | | | | That is, make it possible to automatically logout after sending OpenID response.
* | Replace get_ldap_connection with LDAPUserTheo Chatzimichos2013-08-171-47/+27
| |
* | Add support for secondary passwordPavlos Ratis2013-08-171-2/+15
|/ | | | | | Using OkupyCipher I generate a new random secondary password and I add it to the session. This feature improves user experience and prevents user from submitting password all time.
* Move SSL verification into a dedicated backend.Michał Górny2013-08-121-28/+7
|
* SSL auth: authenticate directly into session.Michał Górny2013-08-123-40/+66
| | | | | | Do not use dedicated tokens. Instead pass the encrypted session identifier and write the authentication results directly into the current session.
* Merge pull request #47 from dastergon/prof_page_ldapdbTheo Chatzimichos2013-08-121-35/+2
|\ | | | | Use LDAPUser and ldapdb in profile page
| * use LDAPUser and ldapdb in profile pagePavlos Ratis2013-08-081-35/+2
| | | | | | | | | | | | Currently I am using anon LDAP queries to parse data. In the future when we will implement a secondary password I'll add user LDAP queries.
* | Support SOTP recovery keys.Michał Górny2013-08-091-0/+18
| |
* | Support displaying QRCode for TOTP URI.Michał Górny2013-08-092-1/+17
| |
* | Introduce 'otp-setup', to set TOTP up.Michał Górny2013-08-092-0/+44
| |
* | Introduce a dummy token input.Michał Górny2013-08-092-12/+40
| |
* | Introduce initial code for two-phase auth support.Michał Górny2013-08-091-4/+9
| | | | | | | | | | | | | | This commit adds a simple NoOTPDevice model that currently serves the purpose of responding successfully to any request. The login view has been extended with proper OTP device setup and initial verification support.