| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | index.go, ws.go: Fix race condition surrounding courses | Runxi Yu | 5 days | 1 | -12/+16 |
| | | | | | | | handleIndex and handleConn used to access the courses map without RLock'ing coursesLock, which may cause issues if courses is being written to, by a function such as setupCourses. | ||||
| * | {config,index}.go, cca.scfg.example, style.css, *.html: Link to source | Runxi Yu | 6 days | 1 | -0/+3 |
| | | |||||
| * | *: Change license to AGPL-3.0-or-later | Runxi Yu | 6 days | 1 | -21/+11 |
| | | |||||
| * | index.go: Correct typo | Runxi Yu | 6 days | 1 | -1/+1 |
| | | |||||
| * | {auth,index,ws}.go, schema.sql: Move session cookie into the user table | Runxi Yu | 6 days | 1 | -21/+6 |
| | | | | | | | | One user shall only have one session at a time. This reduces the possibility of strange race conditions and simplifies the code a lot. References: https://todo.sr.ht/~runxiyu/cca/4 | ||||
| * | {auth,index,ws}.go: Add contexts for database calls | Runxi Yu | 10 days | 1 | -3/+2 |
| | | |||||
| * | *.go: Linting | Runxi Yu | 12 days | 1 | -16/+14 |
| | | |||||
| * | {index,utils,ws}.go: Handle write errors | Runxi Yu | 12 days | 1 | -30/+6 |
| | | |||||
| * | {utils,auth,index,ws}.go: Handle errors in random number generation | Runxi Yu | 12 days | 1 | -2/+12 |
| | | |||||
| * | *.go: Add more licenses | Runxi Yu | 2024-09-09 | 1 | -0/+30 |
| | | |||||
| * | *.go: Shorter line lengths | Runxi Yu | 2024-09-09 | 1 | -2/+10 |
| | | |||||
| * | *.go: Add comments | Runxi Yu | 2024-09-09 | 1 | -2/+12 |
| | | |||||
| * | *: Display courses | Runxi Yu | 2024-09-08 | 1 | -0/+1 |
| | | |||||
| * | *.go: Simplify error messages and reformat | Runxi Yu | 2024-09-08 | 1 | -1/+1 |
| | | |||||
| * | *: Basic WebSocket connection may be established now | Runxi Yu | 2024-09-08 | 1 | -0/+1 |
| | | |||||
| * | *: Call Graph API for department information | Runxi Yu | 2024-09-07 | 1 | -1/+3 |
| | | | | | | | | | | | | | I am using a hybrid flow with "id_token" for OpenID Connect and "code" for an Authorization Code. I would use "token" too but that doesn't seem to be supported for standard web-apps and could result in strange session-hijacking issues. We still need PKCE sometime in the future; however it's not a priority: the worst attack someone could pull off is to use a different user's Authorization Code and steal a Department, which probably isn't too big of a deal as the Authorization Code should be secret anyways. | ||||
| * | *: Basic authentication and templates | Runxi Yu | 2024-09-07 | 1 | -0/+103 |
| These are imported from FBFP and slightly modified to be specific to YKPS (while not being hard to port to other environments that use APIs that use OAUTH 2.0). Some code is also simplified. Database code still needs an audit, and things are not tested yet. | |||||
 |
index : test.git | |
| Random test repo | Runxi Yu |
| summaryrefslogtreecommitdiff |