Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | *.go: Wrap errors | Runxi Yu | 2024-09-26 | 1 | -9/+9 |
| | |||||
* | auth.go: Use contexts in getAccessToken | Runxi Yu | 2024-09-26 | 1 | -3/+8 |
| | |||||
* | {auth,index,ws}.go: Add contexts for database calls | Runxi Yu | 2024-09-26 | 1 | -6/+7 |
| | |||||
* | auth.go: Close PostForm response body | Runxi Yu | 2024-09-24 | 1 | -0/+1 |
| | |||||
* | auth.go: Fix json tag, should be access_token not accessToken | Runxi Yu | 2024-09-24 | 1 | -1/+1 |
| | |||||
* | auth.go: Fix grant_type=authorization_code | Runxi Yu | 2024-09-24 | 1 | -1/+1 |
| | | | | I accidentally changed it to authorizationCode during linting | ||||
* | *.go: Linting | Runxi Yu | 2024-09-24 | 1 | -80/+80 |
| | |||||
* | {utils,auth,index,ws}.go: Handle errors in random number generation | Runxi Yu | 2024-09-24 | 1 | -4/+11 |
| | |||||
* | auth.go: Remove unnecessary fmt.Sprintf | Runxi Yu | 2024-09-23 | 1 | -1/+1 |
| | |||||
* | auth.go, ws.go: Update comments | Runxi Yu | 2024-09-23 | 1 | -2/+5 |
| | |||||
* | auth.go: Use && instead of nested if statement | Runxi Yu | 2024-09-11 | 1 | -14/+12 |
| | |||||
* | *.go: Shorter line lengths | Runxi Yu | 2024-09-09 | 1 | -3/+9 |
| | |||||
* | *.go: Add comments | Runxi Yu | 2024-09-09 | 1 | -2/+40 |
| | |||||
* | *.go: Simplify error messages and reformat | Runxi Yu | 2024-09-08 | 1 | -30/+29 |
| | |||||
* | auth.go: Expand staff departments | Runxi Yu | 2024-09-07 | 1 | -2/+2 |
| | |||||
* | *: Call Graph API for department information | Runxi Yu | 2024-09-07 | 1 | -9/+102 |
| | | | | | | | | | | | | I am using a hybrid flow with "id_token" for OpenID Connect and "code" for an Authorization Code. I would use "token" too but that doesn't seem to be supported for standard web-apps and could result in strange session-hijacking issues. We still need PKCE sometime in the future; however it's not a priority: the worst attack someone could pull off is to use a different user's Authorization Code and steal a Department, which probably isn't too big of a deal as the Authorization Code should be secret anyways. | ||||
* | *: Basic authentication and templates | Runxi Yu | 2024-09-07 | 1 | -0/+215 |
These are imported from FBFP and slightly modified to be specific to YKPS (while not being hard to port to other environments that use APIs that use OAUTH 2.0). Some code is also simplified. Database code still needs an audit, and things are not tested yet. |