authserver.git
8 years agoadd some links back to the top page so we don't get stuck on subpages
Robert Kaiser [Mon, 14 Nov 2016 21:01:44 +0000 (22:01 +0100)]
add some links back to the top page so we don't get stuck on subpages

8 years agoadd a comment for debugging - we may want to add an insecure local domain name for...
Robert Kaiser [Mon, 14 Nov 2016 21:00:57 +0000 (22:00 +0100)]
add a comment for debugging - we may want to add an insecure local domain name for testing temporarily

8 years agomake the JS compatible with older IE versions, though this is a hack that hardcodes...
Robert Kaiser [Mon, 14 Nov 2016 20:59:56 +0000 (21:59 +0100)]
make the JS compatible with older IE versions, though this is a hack that hardcodes unrelated class names

8 years agoset some security flags recommended by the Mozilla Observatory
Robert Kaiser [Wed, 2 Nov 2016 21:15:06 +0000 (22:15 +0100)]
set some security flags recommended by the Mozilla Observatory

8 years agomake rewrites actually work correctly so that even for JSON we do not have to supple...
Robert Kaiser [Sat, 29 Oct 2016 18:04:19 +0000 (20:04 +0200)]
make rewrites actually work correctly so that even for JSON we do not have to supple the .php ending

8 years agosuppress error as result will be fine
Robert Kaiser [Sat, 29 Oct 2016 17:18:31 +0000 (19:18 +0200)]
suppress error as result will be fine

8 years agocreate an API to retrieve emails and set new clients, add very rudimentary client...
Robert Kaiser [Sat, 29 Oct 2016 16:29:39 +0000 (18:29 +0200)]
create an API to retrieve emails and set new clients, add very rudimentary client management so master clients for the systems can be set, auto-authorize email scope, allow refresh tokens, give them 90 days validity

8 years agoremove the saved redirect when it's being used, always accept email scope
Robert Kaiser [Fri, 28 Oct 2016 18:56:13 +0000 (20:56 +0200)]
remove the saved redirect when it's being used, always accept email scope

8 years agosecure token requests
Robert Kaiser [Fri, 28 Oct 2016 17:12:54 +0000 (19:12 +0200)]
secure token requests

8 years agomake login on authorize actually work and redirect back to the authorize form after...
Robert Kaiser [Fri, 28 Oct 2016 17:08:02 +0000 (19:08 +0200)]
make login on authorize actually work and redirect back to the authorize form after login

8 years agocheck session and login in authorize request
Robert Kaiser [Fri, 28 Oct 2016 15:44:49 +0000 (17:44 +0200)]
check session and login in authorize request

8 years agomove session init into utils, re-fetch session after login
Robert Kaiser [Fri, 28 Oct 2016 15:42:57 +0000 (17:42 +0200)]
move session init into utils, re-fetch session after login

8 years agofirst step in making the authorize target work correctly, move check for secure conne...
Robert Kaiser [Fri, 28 Oct 2016 01:18:07 +0000 (03:18 +0200)]
first step in making the authorize target work correctly, move check for secure connection into utils

8 years agolog failures and some other actions
Robert Kaiser [Thu, 27 Oct 2016 00:54:33 +0000 (02:54 +0200)]
log failures and some other actions

8 years agoactually use the on-disk site-specific nonce to 'pepper' passwords before hashing...
Robert Kaiser [Wed, 26 Oct 2016 23:49:06 +0000 (01:49 +0200)]
actually use the on-disk site-specific nonce to 'pepper' passwords before hashing so that stealing the database won't even reveal weak passwords

8 years agoconvert AuthUtils to a non-static class and instantiate it as an object, support...
Robert Kaiser [Wed, 26 Oct 2016 23:18:24 +0000 (01:18 +0200)]
convert AuthUtils to a non-static class and instantiate it as an object, support site-wide nonces in settings

8 years agomove password functions into utils class
Robert Kaiser [Wed, 26 Oct 2016 22:32:28 +0000 (00:32 +0200)]
move password functions into utils class

8 years agomove helper functions to an abstract class
Robert Kaiser [Wed, 26 Oct 2016 21:28:16 +0000 (23:28 +0200)]
move helper functions to an abstract class

8 years agomake password reset work and verify timecodes
Robert Kaiser [Wed, 26 Oct 2016 20:17:37 +0000 (22:17 +0200)]
make password reset work and verify timecodes

8 years agomake password change work and add a time-based code to our forms (still needs to...
Robert Kaiser [Mon, 24 Oct 2016 20:58:24 +0000 (22:58 +0200)]
make password change work and add a time-based code to our forms (still needs to be verified)

8 years agomake creating users and verifying emails actually work
Robert Kaiser [Mon, 24 Oct 2016 16:29:31 +0000 (18:29 +0200)]
make creating users and verifying emails actually work

8 years agorequire JS, set cookies, make parts of login flow work
Robert Kaiser [Mon, 24 Oct 2016 01:58:00 +0000 (03:58 +0200)]
require JS, set cookies, make parts of login flow work

8 years agosome steps to get an actual authentication going, consolidate includes, put DB config...
Robert Kaiser [Sun, 23 Oct 2016 19:04:55 +0000 (21:04 +0200)]
some steps to get an actual authentication going, consolidate includes, put DB configuration into /etc to not expose password

8 years agoadd example files to auth server
Robert Kaiser [Fri, 30 Sep 2016 14:46:09 +0000 (16:46 +0200)]
add example files to auth server