| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | {auth,ws}.go: Remove unnecessary TODOs | Runxi Yu | 4 days | 1 | -5/+0 |
| | | |||||
| * | auth.go: Add TODO about INSERT | Runxi Yu | 4 days | 1 | -0/+7 |
| | | |||||
| * | utils.go, auth.go: Rename random to randomBytes | Runxi Yu | 5 days | 1 | -2/+2 |
| | | |||||
| * | *: Change license to AGPL-3.0-or-later | Runxi Yu | 5 days | 1 | -21/+11 |
| | | |||||
| * | auth.go, config.go, cca.scfg.example: Issue expiring cookies | Runxi Yu | 5 days | 1 | -2/+7 |
| | | |||||
| * | {auth,index,ws}.go, schema.sql: Move session cookie into the user table | Runxi Yu | 5 days | 1 | -19/+6 |
| | | | | | | | | One user shall only have one session at a time. This reduces the possibility of strange race conditions and simplifies the code a lot. References: https://todo.sr.ht/~runxiyu/cca/4 | ||||
| * | auth.go: Document why we use a hybrid auth flow | Runxi Yu | 6 days | 1 | -1/+12 |
| | | |||||
| * | *.go: Wrap errors | Runxi Yu | 10 days | 1 | -9/+9 |
| | | |||||
| * | auth.go: Use contexts in getAccessToken | Runxi Yu | 10 days | 1 | -3/+8 |
| | | |||||
| * | {auth,index,ws}.go: Add contexts for database calls | Runxi Yu | 10 days | 1 | -6/+7 |
| | | |||||
| * | auth.go: Close PostForm response body | Runxi Yu | 11 days | 1 | -0/+1 |
| | | |||||
| * | auth.go: Fix json tag, should be access_token not accessToken | Runxi Yu | 11 days | 1 | -1/+1 |
| | | |||||
| * | auth.go: Fix grant_type=authorization_code | Runxi Yu | 11 days | 1 | -1/+1 |
| | | | | | I accidentally changed it to authorizationCode during linting | ||||
| * | *.go: Linting | Runxi Yu | 11 days | 1 | -80/+80 |
| | | |||||
| * | {utils,auth,index,ws}.go: Handle errors in random number generation | Runxi Yu | 11 days | 1 | -4/+11 |
| | | |||||
| * | auth.go: Remove unnecessary fmt.Sprintf | Runxi Yu | 12 days | 1 | -1/+1 |
| | | |||||
| * | auth.go, ws.go: Update comments | Runxi Yu | 12 days | 1 | -2/+5 |
| | | |||||
| * | auth.go: Use && instead of nested if statement | Runxi Yu | 2024-09-11 | 1 | -14/+12 |
| | | |||||
| * | *.go: Shorter line lengths | Runxi Yu | 2024-09-09 | 1 | -3/+9 |
| | | |||||
| * | *.go: Add comments | Runxi Yu | 2024-09-09 | 1 | -2/+40 |
| | | |||||
| * | *.go: Simplify error messages and reformat | Runxi Yu | 2024-09-08 | 1 | -30/+29 |
| | | |||||
| * | auth.go: Expand staff departments | Runxi Yu | 2024-09-07 | 1 | -2/+2 |
| | | |||||
| * | *: Call Graph API for department information | Runxi Yu | 2024-09-07 | 1 | -9/+102 |
| | | | | | | | | | | | | | I am using a hybrid flow with "id_token" for OpenID Connect and "code" for an Authorization Code. I would use "token" too but that doesn't seem to be supported for standard web-apps and could result in strange session-hijacking issues. We still need PKCE sometime in the future; however it's not a priority: the worst attack someone could pull off is to use a different user's Authorization Code and steal a Department, which probably isn't too big of a deal as the Authorization Code should be secret anyways. | ||||
| * | *: Basic authentication and templates | Runxi Yu | 2024-09-07 | 1 | -0/+215 |
| These are imported from FBFP and slightly modified to be specific to YKPS (while not being hard to port to other environments that use APIs that use OAUTH 2.0). Some code is also simplified. Database code still needs an audit, and things are not tested yet. | |||||
 |
index : test.git | |
| Random test repo | Runxi Yu |
| aboutsummaryrefslogtreecommitdiff |