Raymond Feng
533daf4040
Remove oauth2 models as they will be packaged in a separate module
2014-03-11 22:37:54 -07:00
Raymond Feng
89aa3595f5
Set the correct status code for User.login
...
See https://github.com/strongloop/loopback/issues/118
2014-02-28 13:19:52 -08:00
Doug Toppin
42c9777de3
using base64 caused an occasional token string to contain '+' which resulted in a space being embedded in the token. 'hex' should always produce a url safe string for the token.
2014-02-25 22:14:32 -05:00
Doug Toppin
2f301e315a
Sending email was missing the from field
2014-02-23 21:08:13 -05:00
Raymond Feng
46b579dc4a
Make sure User/AccessToken relations are set up by default
...
User.login assumes the relation User.accessTokens exists
2014-02-14 10:31:30 -08:00
Raymond Feng
618b563c6e
Use hex encoding for application ids/keys
...
base64 encoded ids/keys are not friendly for urls
2014-02-07 11:14:01 -08:00
Raymond Feng
592f3f9278
Make sure the configured ACL submodel is used
2014-02-03 16:00:01 -08:00
Miroslav Bajtoš
c36e20587e
Merge pull request #163 from strongloop/feature/include-user-in-login-result
...
Include user in login result
2014-01-30 10:24:14 -08:00
Raymond Feng
c711b99b8a
Merge pull request #154 from strongloop/feature/debug-login-error
...
Add debug information for user.login
2014-01-30 10:13:26 -08:00
Miroslav Bajtoš
d6f0b5f5a6
Add `include=user` param to `User.login`
...
Allow LB clients to get details of the currently logged-in user
as part of the login response.
Improve method's `description` to mention this new option.
2014-01-30 18:09:54 +01:00
Miroslav Bajtoš
03cb2f0556
Describe `access_token` param of `User.logout`
...
Add an explicit note that clients are not supposed to send the
`access_token` parameter, since it is extracted from request
headers.
2014-01-30 18:09:54 +01:00
Raymond Feng
57796a41cd
Remove the generated flag for access token id
...
The generated flag is used to indicate if the id is automatically generated
by the backend store. If it's set, the data type will be updated when the
model is attached to a datasource.
The AccessToken model defines a string id, which is set in the beforeCreate
hook. So it's client provided id.
2014-01-30 09:02:12 -08:00
Raymond Feng
938cafeb77
Remove message prefix as debug will print it
2014-01-27 14:47:48 -08:00
Raymond Feng
c35f762d4e
Add debug information for user.login
2014-01-27 14:31:38 -08:00
Miroslav Bajtoš
20766e251a
Add loopback.compat to simplify upgrade to 1.6
...
Add a compatibility layer that allows applications based on LB pre-v1.6
to work with 1.6 versions with a minimum amount of changes required.
New flag(s):
compat.usePluralNamesForRemoting
2014-01-27 10:29:57 +01:00
Miroslav Bajtoš
8bb8861ba1
Register exported models using singular names
...
Remove the inconsistency between model names used by LoopBack app and
datasource-juggler (modelName, e.g. User) and the name used by
strong-remoting (pluralModelName, e.g. Users).
This way the class name in the strong-remoting metadata can be used
by client-code generators. Before this change, the generators would
produce method names like `Users.login`.
2014-01-27 10:29:57 +01:00
Miroslav Bajtoš
54bff35fef
User: use User.http.path
...
Use the new property introduced by a recent change in
loopback-datasource-juggler instead of building the URL
manually from pluralModelName.
2014-01-27 10:29:57 +01:00
Raymond Feng
5586c54c49
Fix the Role ref to RoleMapping
2014-01-23 15:04:48 -08:00
Raymond Feng
224b500c3a
Fix the Scope reference to models
2014-01-23 14:46:02 -08:00
Raymond Feng
bb389ce209
Lookup the email model
2014-01-23 14:40:27 -08:00
Raymond Feng
bcc7e68e0e
Add lookback.getModelByType() and use it resolve model deps
2014-01-23 14:39:27 -08:00
Raymond Feng
a6ff22c9c1
Make sure defaultPermission is checked
2014-01-16 15:05:10 -08:00
Raymond Feng
7212ebe805
Remove the dangling require
2014-01-16 09:12:52 -08:00
Raymond Feng
d8647bb3c1
Make ACL model subclassing friendly
2014-01-16 08:50:50 -08:00
Raymond Feng
c8eb5d9170
Make sure methods are called in the context of the calling class
2014-01-14 15:34:44 -08:00
Ritchie Martori
9fc8e197ee
Start to move md to jsdoc
2014-01-14 10:03:47 -08:00
Ritchie Martori
6bb0ba2d95
Add missing assert in user model
2014-01-10 10:07:39 -08:00
Ritchie
fcc4bba82d
Add reference documentation using sdocs
2013-12-19 17:49:47 -08:00
Raymond Feng
a47317de0d
Update README for application model
2013-12-19 13:42:12 -08:00
Ritchie Martori
16b790a93a
Merge pull request #102 from strongloop/fix/user
...
Various Fixes and Behavioral Changes to the User Model
2013-12-18 21:34:30 -08:00
Raymond Feng
ac2f4de9d3
Remove the default values for gateway/port
2013-12-18 12:28:48 -08:00
Raymond Feng
598b1e6b61
Reformat the code using 2 space identation
2013-12-18 11:49:09 -08:00
Raymond Feng
95ad3e8c04
Allow cert/key data to be shared by push/feedback
2013-12-18 10:58:34 -08:00
Ritchie Martori
98ed38302a
Logout now automatically pulls the accessToken from the request
2013-12-17 21:22:05 -08:00
Ritchie Martori
939df463fe
Fix tests depending on old behavior of default User ACLs
2013-12-17 21:10:05 -08:00
Ritchie Martori
3152960336
Add default user ACLs
2013-12-17 20:42:28 -08:00
Miroslav Bajtoš
d09e3225cd
Define schema for GCM push-notification settings
...
Remove unused property PushNotificationSettingSchema.platform.
Flatten GCM settings schema. There is no need to distinquish between
pushOptions and feedback, as there is only single HTTP channel shared
by both.
2013-12-17 18:44:13 +01:00
Ritchie Martori
0794f141c1
Improve debug statements for access control
2013-12-16 18:12:13 -08:00
Ritchie Martori
b62b8fa47d
Fix user not allowed to delete itself if user
...
**Note: the only code required for the fix is in role.js:203**. The
other changes are to help organize debug output.
2013-12-11 19:15:19 -08:00
Ritchie Martori
ad58a8ec13
Only look at cookies if they are available
2013-12-11 16:43:23 -08:00
Raymond Feng
0f86f69880
Remove the empty comment and set default token
2013-12-11 16:21:37 -08:00
Raymond Feng
97dc0aa441
Refactor to the code use wrapper classes
...
Add AccessContext, Principal, and AccessRequest
Add debug information
2013-12-11 16:03:48 -08:00
Raymond Feng
178674ec9a
Enhance getRoles() to support smart roles
2013-12-11 09:06:21 -08:00
Raymond Feng
82eeaeee6b
Fix the algorithm for Role.isInRole and ACL.checkAccess
2013-12-10 23:33:57 -08:00
Ritchie Martori
4560ec0964
Various ACL fixes
2013-12-10 21:49:18 -08:00
Ritchie Martori
b0f51e20f7
Add user default ACLs
2013-12-10 19:43:59 -08:00
Ritchie Martori
dfcb43e613
Allow requests without auth tokens
2013-12-10 15:57:55 -08:00
Raymond Feng
7f51c28539
Fix the ACL resolution against rules by matching score
2013-12-09 15:26:53 -08:00
Ritchie Martori
af2b8dd4ff
Merge feature/password-reset
2013-12-06 17:35:14 -08:00
Ritchie Martori
216fee3015
Add access type checking
2013-12-06 17:04:47 -08:00
Ritchie Martori
2f9403016c
Initial auth implementation
2013-11-22 12:26:59 -08:00
Ritchie Martori
e92c46a4e4
Add password reset
2013-11-20 14:20:47 -08:00
Raymond Feng
344c74297c
Add unauthenticated role
2013-11-20 13:43:02 -08:00
Raymond Feng
bee8a3b022
Add checkAccess for subject and token
2013-11-20 13:43:01 -08:00
Raymond Feng
2c7c5fc7ec
Start to support smart roles such as owner
2013-11-20 13:43:01 -08:00
Ritchie Martori
da0545bed6
Initial auto wiring for model dataSources
2013-11-18 16:13:40 -08:00
Raymond Feng
44dfe34647
Allow ACLs for methods/relations
2013-11-15 10:08:49 -08:00
Raymond Feng
8381b05da1
Allows LDL level ACLs
2013-11-15 09:41:26 -08:00
Raymond Feng
8e679d0927
Fix the permission resolution
2013-11-14 21:19:57 -08:00
Raymond Feng
cc7560b258
Simplify check permission
2013-11-14 21:19:57 -08:00
Raymond Feng
94f12d0fce
Fix the permission check
2013-11-14 21:19:57 -08:00
Raymond Feng
be3c40c3d3
Add oauth2 related models
2013-11-14 21:19:56 -08:00
Raymond Feng
be32341467
Add a stub to register role resolvers
2013-11-14 21:19:56 -08:00
Raymond Feng
660ef89755
Merge ScopeACL into ACL
2013-11-14 21:19:56 -08:00
Raymond Feng
0430cd2ae3
Add tests for isInRole and getRoles
2013-11-14 21:19:56 -08:00
Raymond Feng
c3a1a85159
Add constants and more tests
2013-11-14 21:19:56 -08:00
Raymond Feng
48a0242711
Define the models/relations for ACL
2013-11-14 21:19:56 -08:00
Raymond Feng
67b934357b
Start to build the ACL models
2013-11-14 21:19:56 -08:00
Raymond Feng
492aca7724
Update acl/role models
2013-11-14 21:19:56 -08:00
Raymond Feng
f9849454e9
Update ACL model
2013-11-14 21:19:09 -08:00
Ritchie Martori
1de2a40e88
Update AccessToken and User relationship
...
- Add created default
- Default TTLs for user login access tokens
- Break out User / AccessToken relationship
2013-11-14 19:41:29 -08:00
Ritchie Martori
efce5039f6
Added AccessToken created property
2013-11-14 16:47:24 -08:00
Ritchie Martori
1bb95607b9
Update session / token documentation
2013-11-14 15:42:37 -08:00
Ritchie Martori
64d8ff986b
Add loopback.token() middleware
2013-11-14 13:01:47 -08:00
Ritchie
77a137eca6
Rename Session => AccessToken
2013-11-14 10:05:13 -08:00
Ritchie Martori
77e842d2a3
Fix bundle model name casing
2013-11-11 13:35:54 -08:00
Raymond Feng
a00645dd83
Merge pull request #53 from strongloop/apns
...
Update Application model for the push notification
2013-11-06 11:50:56 -08:00
Raymond Feng
e5a28b96ac
Clean up the model
2013-10-23 13:25:50 -07:00
Ritchie Martori
a3f1d8d944
Refactor email model into mail connector
2013-10-14 10:54:55 -07:00
Raymond Feng
bfffd839a7
Update Application model for the push notification
2013-10-11 13:56:26 -07:00
Ritchie Martori
137f12977f
Fix missing assert module
2013-10-11 13:49:04 -07:00
Raymond Feng
858ec8714d
Fix the id and property access
2013-10-04 15:53:02 -07:00
Ritchie
159eb0076c
Use a pure JS bcrypt
2013-09-12 12:09:43 -07:00
Raymond Feng
8784eb52cb
Update the internal prefix
2013-08-30 16:52:27 -07:00
Raymond Feng
534cc4af2f
Use findById to look up the instance by id
2013-08-16 22:11:58 -07:00
Raymond Feng
e8ac3a960f
Update the list of shared methods
2013-08-16 16:39:13 -07:00
Raymond Feng
d94bca9134
Make sure User.setup calls Model.setup to support shared ctor
2013-08-15 16:59:16 -07:00
Raymond Feng
0d405d4292
Rename 'loopback-data' to 'loopback-datasource-juggler'
2013-07-30 14:26:49 -07:00
Ritchie Martori
423b4f2157
Fix login query
2013-07-28 14:33:13 -07:00
Ritchie Martori
7f1e88e816
Implement required and update invlaid id schemas
2013-07-28 13:20:55 -07:00
Ritchie Martori
89f65d792f
Clean up log out methods
2013-07-28 10:08:06 -07:00
Ritchie
755b54f697
Fix hasMany / relational methods. Update docs.
2013-07-25 15:27:18 -07:00
Ritchie
8a7086be5c
Add root true to remote methods
2013-07-24 17:21:15 -07:00
Raymond Feng
da1cd6739b
Add more docs and apis to application model
2013-07-22 11:15:02 -07:00
Raymond Feng
836df227c6
Add more functions and tests for Application model
2013-07-18 11:44:25 -07:00
Ritchie
a2308cbc1c
Merge 0.9 into master
2013-07-17 14:08:14 -07:00
Ritchie Martori
d128ed4386
Remove remote option object
2013-07-16 12:51:59 -07:00
Raymond Feng
1970f12988
Rename jugglingdb to loopback-data
2013-07-16 12:03:41 -07:00
Raymond Feng
1cf4338298
Rename jugglingdb to loopback-data
2013-07-16 11:52:21 -07:00
Raymond Feng
2f773115fe
rename asteroid to loopback
2013-07-16 11:02:06 -07:00