Allow convenient URLs for curl and browsers such as:
- http://some-long-token@localhost:3000/
- http://token:some-long-token@localhost:3000/
Basic Auth specifies a 'Basic' scheme for the Authorization header
similar to how OAuth specifies 'Bearer' as an auth scheme.
Following a similar convention, extract the access token from the
Authorization header when it specifies the 'Basic' scheme, assuming
it is the larger of the <user>:<pass> segments.
2.10.1
* Optimize the creation of handlers for rest (Raymond Feng)
* Add a link to gitter chat (Raymond Feng)
* Added context middleware (Rand McKinney)
* Use User.remoteMethod instead of loopbacks method This is needed for loopback-connector-remote authorization. Addresses https://github.com/strongloop/loopback/issues/622. (Berkeley Martinez)
2.10.0
* Revert the peer dep change to avoid npm complaints (Raymond Feng)
* Update strong-remoting dep (Raymond Feng)
* Allow accessType per remote method (Raymond Feng)
* API and REST tests added to ensure complete and valid credentials are supplied for verified error message to be returned - tests added as suggested and fail under previous version of User model - strongloop/loopback#931 (Ron Edgecomb)
* Require valid login credentials before verified email check. - strongloop/loopback#931. (Ron Edgecomb)
2.8.8
* Fix context middleware to preserve domains (Pham Anh Tuan)
* Additional password reset unit tests for API and REST - strongloop/loopback#944 (Ron Edgecomb)
* Small formatting update to have consistency with identical logic in other areas. - strongloop/loopback#944 (Ron Edgecomb)
* Simplify the API test for invalidCredentials (removed create), move above REST calls for better grouping of tests - strongloop/loopback#944 (Ron Edgecomb)
* Force request to send body as string, this ensures headers aren't automatically set to application/json - strongloop/loopback#944 (Ron Edgecomb)
* Ensure error checking logic is in place for all REST calls, expand formatting for consistency with existing instances. - strongloop/loopback#944 (Ron Edgecomb)
* Correct invalidCredentials so that it differs from validCredentialsEmailVerified, unit test now passes as desired. - strongloop/loopback#944 (Ron Edgecomb)
* Update to demonstrate unit test is actually failing due to incorrect values of invalidCredentials - strongloop/loopback#944 (Ron Edgecomb)
* fix jscs warning (Clark Wang)
* fix nestRemoting is nesting hooks from other relations (Clark Wang)
When executing a request using a pooled connection, connectors
like MongoDB and/or MySQL rebind callbacks to the domain which
issued the request, as opposed to the domain which opened the pooled
connection.
This commit fixes the context middleware to play nicely with that
mechanism and preserve domain rebinds.
Ritchie Martori
Ryan Graham
Raymond Feng
Raymond Feng
Ryan Graham
bitmage
Rand McKinney
Miroslav Bajtoš
Pham Anh Tuan
Berkeley Martinez
Ron Edgecomb