Ryan Graham
fbb091e3b3
Extend AccessToken to parse Basic auth headers
...
Allow convenient URLs for curl and browsers such as:
- http://some-long-token@localhost:3000/
- http://token:some-long-token@localhost:3000/
Basic Auth specifies a 'Basic' scheme for the Authorization header
similar to how OAuth specifies 'Bearer' as an auth scheme.
Following a similar convention, extract the access token from the
Authorization header when it specifies the 'Basic' scheme, assuming
it is the larger of the <user>:<pass> segments.
2015-01-15 22:53:09 -08:00
Ritchie Martori
e0e9d6ecff
Merge pull request #943 from BerkeleyTrue/refactor/user-remote-method
...
Use User.remoteMethod instead of loopbacks method
2015-01-13 10:20:43 -08:00
Raymond Feng
f5eac871fd
Merge branch 'master' of https://github.com/greaterweb/loopback into greaterweb-master
2015-01-07 16:35:00 -08:00
Raymond Feng
90fd62ec0a
Merge pull request #941 from strongloop/feature/workaround-issue-251
...
Allow User.hashPassword/validatePassword to be overridden
2015-01-07 14:01:03 -08:00
Raymond Feng
b7db9808b2
Allow User.hashPassword/validatePassword to be overridden
...
See https://github.com/strongloop/loopback/issues/251
2015-01-06 16:03:30 -08:00
Berkeley Martinez
4fc07fe125
Use User.remoteMethod instead of loopbacks method
...
This is needed for loopback-connector-remote authorization.
Addresses https://github.com/strongloop/loopback/issues/622 .
2015-01-06 08:18:57 -08:00
Ron Edgecomb
dc055e5559
Require valid login credentials before verified email check.
...
- strongloop/loopback#931 .
2015-01-05 18:40:59 -05:00
Ritchie Martori
270dfc2603
Merge pull request #955 from alFReD-NSH/checkpoint-leak
...
Fix Change.getCheckpointModel() giving new models each call
2015-01-05 09:40:29 -08:00
Clark Wang
2f9400fc87
fix User.settings.ttl can't be overridden in sub model
...
Signed-off-by: Clark Wang <clark.wangs@gmail.com>
2014-12-28 16:02:37 +08:00
Farid Neshat
d5d7ecd0bb
Fix Change.getCheckpointModel() giving new models each call
...
This was a huge memory leak in our app...
2014-12-27 23:48:56 +08:00
Raymond Feng
cb2f40bb86
Fix bcrypt issues for browserify
2014-12-08 14:59:21 -08:00
Raymond Feng
1e932e72ed
Allow native bcrypt for performance
...
See https://github.com/strongloop/loopback/issues/892
2014-12-03 09:03:36 -08:00
Miroslav Bajtoš
a603ffa0f5
AccessToken: optional `options` in findForRequest
...
Fix `AccessToken.findForRequest` to correctly handle the case when
the options argument was omitted:
AccessToken.findForRequest(req, cb);
2014-11-14 10:42:21 +01:00
Miroslav Bajtoš
7c96aec9af
Merge pull request #738 from strongloop/feature/style-cleanup-in-common
...
common: coding style cleanup
2014-11-05 20:07:34 +01:00
Miroslav Bajtoš
d9a426c867
Merge pull request #668 from BerkeleyTrue/fix/dublicateId
...
This fixes duplicate key issue #649
2014-11-05 19:22:22 +01:00
Miroslav Bajtoš
dc762d2514
common: coding style cleanup
2014-11-04 13:52:49 +01:00
Raymond Feng
842d9b0bcd
Fix the jsdoc for User.login
2014-11-03 14:07:19 -08:00
Berkeley Martinez
1ee05eb8a7
Deleted instantiation of new Change model.
...
This PR removes the instantiation of a new change model
as models return from Change.find are already
instances of Change. This solves the duplicate Id issue #649
2014-11-03 13:41:43 -08:00
Miroslav Bajtoš
fec8234c4c
Merge pull request #616 from jpizarrom/master
...
added email custom headers in user verify
2014-10-24 19:51:10 +02:00
Juan Pizarro
4098bec2c6
User: custom email headers in verify
2014-10-24 14:42:49 -03:00
Raymond Feng
b98ada282f
Merge pull request #660 from strongloop/feature/add-realm-support
...
Add realm support
2014-10-24 08:27:28 -07:00
Raymond Feng
46d1430023
Add realm support
2014-10-23 11:10:39 -07:00
Raymond Feng
03b3c3cda4
Merge pull request #680 from arlaneenalra/feature/fix-676
...
Force principalId to be a string in Role.getRoles Fix #676
2014-10-23 08:55:17 -07:00
Miroslav Bajtoš
b57cd3e409
User: fix `confirm` permissions
...
Enable authentication for all User unit-tests to check that the ACLs are
correctly configured.
Fix the rule for `confirm` - the correct permission is `ALLOW`, not
`ACL.ALLOW`.
2014-10-23 13:19:43 +02:00
Chris S
f678107859
Adjust id handling to deal with 0 and null
2014-10-22 11:36:54 -05:00
Chris S
cff0e15936
Force principalId to be a string.
...
Added a defensive check for undefined to avoid problems
when converting to a string.
2014-10-22 10:05:29 -05:00
Rand McKinney
2384c9d841
Fix JSdoc for registerResolver
2014-10-20 14:45:40 -07:00
Miroslav Bajtoš
20026a9d04
Fix places using undefined variables
...
Also enable jshint option "undefined" in order to catch these kind
of errors in the future.
2014-10-15 16:44:00 +02:00
crandmck
2f4a54d93c
Clean up jsdoc comments
...
Add class properties, expose some methods that should have
been documented, etc.
2014-10-15 09:42:24 +02:00
Miroslav Bajtoš
0906a6f5b3
models: move Change LDL def into a json file
2014-10-14 09:04:43 +02:00
Miroslav Bajtoš
6cbc231fba
models: move Checkpoint LDL def into a json file
2014-10-14 09:04:43 +02:00
Miroslav Bajtoš
461ae92c1c
models: move Role LDL def into a json file
2014-10-14 09:04:43 +02:00
Miroslav Bajtoš
e9c86163aa
models: move RoleMapping def into its own files
2014-10-14 09:04:43 +02:00
Miroslav Bajtoš
7c01d59d80
models: move ACL LDL def into a json file
2014-10-14 09:04:43 +02:00
Miroslav Bajtoš
ef890d5f26
models: move Scope def into its own files
2014-10-14 08:58:17 +02:00
Miroslav Bajtoš
5f20652241
models: move AccessToken LDL def into a json file
2014-10-14 08:58:17 +02:00
Miroslav Bajtoš
1e6beabbd2
models: move Application LDL def into a json file
...
Move some of the comments describing properties into jsdoc.
2014-10-14 08:58:17 +02:00
Miroslav Bajtoš
551d109a20
models: move Email LDL def into `email.json`
2014-10-14 08:58:17 +02:00
Miroslav Bajtoš
920d3be6a3
models: move User LDL def into `user.json`
2014-10-14 08:58:17 +02:00
Miroslav Bajtoš
df9fe90d35
Auto-load and register built-in `Checkpoint` model
2014-10-14 08:58:16 +02:00
Raymond Feng
242b44ed2b
Skip static ACL entries that don't match the property
2014-10-13 16:45:36 -07:00
Miroslav Bajtoš
1fe0110849
Dismantle `lib/models`.
...
- Move core models `Model` and `PersistedModel` to `lib/`.
- Move `AccessContext` class to `lib/`, since it is not a model.
- Move all other built-in models to `common/models`.
This is a preparation for extracting model definitions to JSON files.
By splitting the change into multiple commits, git is able to keep track
of file moves (renames).
2014-10-13 12:09:27 +02:00