FloatingGhost
b8be8192fb
do not allow non-admins to register tokens with admin scopes
...
this didn't actually _do_ anything in the past,
the users would be prevented from accessing the resource,
but they shouldn't be able to even create them
2022-12-16 03:25:14 +00:00
floatingghost
618cf7ff7f
reuse valid oauth tokens ( #182 )
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/182
2022-08-25 14:37:51 +00:00
FloatingGhost
8d7b63a766
Revert "Fix oauth2 (for real) ( #179 )"
...
This reverts commit aa681d7e15
.
2022-08-21 17:52:02 +01:00
floatingghost
aa681d7e15
Fix oauth2 (for real) ( #179 )
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/179
2022-08-21 16:24:37 +00:00
FloatingGhost
b0130bfa7b
Revert "oauth2 fixes ( #177 )"
...
This reverts commit 429e2ac832
.
2022-08-21 16:22:15 +01:00
floatingghost
429e2ac832
oauth2 fixes ( #177 )
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/177
2022-08-21 14:46:52 +00:00
Alex Gleason
b6a69b5efd
Return token's primary key with POST /oauth/token
2021-03-24 12:50:05 -05:00
Mark Felder
e854c35e65
Convert tests to all use clear_config instead of Pleroma.Config.put
2021-01-26 11:58:43 -06:00
Mark Felder
28581e03ad
Merge branch 'develop' into refactor/deactivated_user_field
2021-01-18 14:58:21 -06:00
Mark Felder
44a86951a3
Merge branch 'develop' into refactor/approval_pending_user_field
2021-01-18 12:05:05 -06:00
Mark Felder
2c0fe2ea9e
Remove toggle_confirmation; require explicit state change
...
Also cosmetic changes to make the code clearer
2021-01-15 13:11:51 -06:00
Mark Felder
d36182c088
Change user.confirmation_pending field to user.is_confirmed
2021-01-15 12:44:41 -06:00
Mark Felder
860b5c7804
Change user.deactivated field to user.is_active
2021-01-15 11:24:46 -06:00
Mark Felder
f7e59c28ed
Change user.approval_pending field to user.is_approved
2021-01-15 10:42:02 -06:00
Lain Soykaf
39f3683a06
Pbkdf2: Use it everywhere.
2021-01-14 15:06:16 +01:00
Lain Soykaf
aff83eb7c1
Linting
2021-01-13 16:00:12 +01:00
lain
9106048c61
Password: Replace Pbkdf2 with Password.
2021-01-13 15:11:11 +01:00
Haelwenn (lanodan) Monnier
c4439c630f
Bump Copyright to 2021
...
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/ >;'
2021-01-13 07:49:50 +01:00
Ivan Tashkinov
7fff9c1bee
Tweaks to OAuth entities expiration: changed default to 30 days, removed hardcoded values usage, fixed OAuthView (expires_in).
2020-12-09 21:14:39 +03:00
Ivan Tashkinov
d50a3345ae
[ #3112 ] Allowed revoking same-user token from any apps. Added tests.
2020-11-30 21:55:48 +03:00
Ivan Tashkinov
f1b07a2b2b
OAuth form user remembering feature. Local MastoFE login / logout fixes.
2020-11-28 21:51:06 +03:00
Ivan Tashkinov
62993db499
Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements
2020-11-25 21:48:18 +03:00
Ivan Tashkinov
12a5981cc3
Session token setting on token exchange. Auth-related refactoring.
2020-11-25 21:47:23 +03:00
Mark Felder
3283d0805f
Use Jason instead of Poison in tests
2020-11-23 13:28:55 -06:00
Egor Kislitsyn
3985c1b450
Fix warnings
2020-10-15 16:54:59 +04:00
Alexander Strizhakov
7dffaef479
tests consistency
2020-10-13 16:35:09 +03:00