Commit Graph

94 Commits

Author SHA1 Message Date
Matt Wright 34b3bf9e80 Fix CSRF functionality for LoginForm
The login form was not respecting csrf validation. I've adjusted the tests as well to always send a CSRF token along. This now requires all requests to pass a csrf token. If performing plain AJAX requests the token will have to be extracted from the form in some way. Fixes #86
2013-02-01 17:23:18 -05:00
Matt Wright 84759b5dbd Merge pull request #73 from apahomov/multiple-auth-mechanisms
Multiple auth mechanisms
2013-01-16 19:37:55 -08:00
apahomov 39f62374aa Added tests 2013-01-15 10:30:48 +04:00
Eskil Heyn Olsen 3081d76787 Fix passing category to login required message 2013-01-13 23:25:16 -08:00
Eskil Heyn Olsen 6202abb75c remove import that was left by accident 2013-01-08 18:41:16 -08:00
Matt Wright f566f41fb3 Merge pull request #58 from eskil/registerform
Configurable forms
2013-01-08 07:10:14 -08:00
Eskil Heyn Olsen ca0d1d0b50 All unit-tests for configurable forms 2013-01-07 21:43:27 -08:00
Eskil Heyn Olsen 81040a57a6 Views get forms from _security 2013-01-06 20:20:06 -08:00
Eskil Heyn Olsen 09fe5a2cb7 Make test_app take kwargs 2013-01-06 20:00:13 -08:00
Eskil Heyn Olsen 675b29b4fe Minor style fixes 2013-01-06 14:40:09 -08:00
Eskil Heyn Olsen 075ccf6a82 Add some more tests of signals 2013-01-06 14:33:15 -08:00
Eskil Heyn Olsen ae6f3b6753 Document and unit-test the signals.
Adds description of signals to docmentation. Adds unit-tests of
signal behaviour and tests parameters.
2013-01-06 14:12:18 -08:00
Matt Wright 874c758340 Add a test to test email subject configuration 2012-11-26 14:58:39 -05:00
Matt Wright 0154cce46c Only give out auth token on the login endpoint 2012-10-11 16:58:53 -04:00
Matt Wright a269930ec3 Update docs and tests 2012-10-10 13:36:59 -04:00
Matt Wright e1dbed816c Simplify login form a bit 2012-09-19 01:22:09 -04:00
Matt Wright 90b4c58457 Fix build, hopefully 2012-09-16 22:23:04 -04:00
Matt Wright a0ed846a59 Remove print statement 2012-09-16 22:11:49 -04:00
Matt Wright 6c189f331f Allow users to be registered with JSON/ajax calls 2012-09-16 22:01:40 -04:00
Matt Wright 1f8fb48727 a bit of code polish and an attempt to speed up the tests 2012-09-16 16:43:28 -04:00
Matt Wright c1141b57fa Add ability to not register blueprint on app. Useful if combining apps such as an API layer and a frontend where the API is not concerned with rendering templates or handling traditional auth 2012-09-11 17:51:20 -04:00
Matt Wright 2042b8aa4c Fixes #34 2012-08-28 16:25:20 -04:00
Matt Wright f928db298d Refactor datastore implementation 2012-08-24 11:38:25 -04:00
Matt Wright 4e41f4ec5e Polish up tests 2012-08-24 00:47:41 -04:00
Matt Wright 23cc774f96 Add error for bad configuration 2012-08-24 00:27:22 -04:00
Matt Wright bac04a0f3c remove more unnecessary code 2012-08-23 23:48:55 -04:00
Matt Wright 6e754ed356 Major refactoring. Got rid of exceptions/errors in favor of using simple return values. Update tests to ensure full coverage according to nose coverage plugin 2012-08-23 17:58:33 -04:00
Matt Wright 5a4fb94be3 Make confirm endpoint anonymous only and get rid of invalid test 2012-08-23 15:03:13 -04:00
Matt Wright 57595bbab4 Refactor forms and views a bit. Add more validation to forms 2012-08-23 14:56:35 -04:00
Matt Wright b0b09aea49 Add ability to define a send_mail_task which could be used to send mails instead of the default flask-mail plugin. Could also be used to send mail asynchronously. Make flask-mail required as well. 2012-08-23 13:01:11 -04:00
Matt Wright b65b717fbc Polish 2012-08-22 18:01:31 -04:00
Matt Wright dc39eb58c7 Fix test 2012-08-22 16:37:17 -04:00
Matt Wright 53257c17a9 Update send_mail api and add welcome email for user registration. Also add security state to template context for emails for more complex template rendering. 2012-08-22 15:15:39 -04:00
Matt Wright 86adcf0653 Fix build 2012-08-22 12:06:21 -04:00
Matt Wright 2471ba0db8 Move example app, which was a bad example, to the tests namespace. Its what it was used for anyway. A better example will be provided later 2012-08-22 12:00:46 -04:00
Matt Wright eec0e23620 Remove old test 2012-08-21 17:35:19 -04:00
Matt Wright d3c23c1994 Polish 2012-08-21 17:34:38 -04:00
Matt Wright 66c565a72f Register mail as extension, for now 2012-08-21 11:38:24 -04:00
Matt Wright 828a973339 Add already confirmed scenario. Let datastore work without a request context 2012-08-21 01:50:40 -04:00
Matt Wright bebaac49e3 Forgo redirecting authentication endpoint so that login form errors can be displayed 2012-08-20 23:35:17 -04:00
Matt Wright 101fa42e55 Only use password salt if using hmac 2012-08-20 18:17:29 -04:00
Matt Wright a39f46854e Significant design change: commit data after some requests to avoid multiple database hits when using SQLALchemy 2012-08-17 13:19:40 -04:00
Matt Wright adb550a9f2 Improve RegisterUserForm 2012-08-16 19:05:42 -04:00
Matt Wright d87676027e Fix some redirect rules 2012-08-16 18:42:37 -04:00
Matt Wright 8b139890b4 Add useful decorator for ensuring anonymous users on particular endpoints 2012-08-16 17:53:41 -04:00
Matt Wright 1d8b2f8342 Change urls/views to be (subjectively) simpler 2012-08-16 17:25:24 -04:00
Matt Wright 1d378a6827 Add login to security blueprint 2012-08-16 15:18:49 -04:00
Matt Wright 80144c85a1 Fix bug with an invalid remember_token cookie value 2012-08-15 17:06:07 -04:00
Matt Wright 7554a52732 Cleanup and some more messaging additions 2012-08-15 11:56:26 -04:00
Matt Wright 022836c43c fix tests, hopefully 2012-08-15 10:25:07 -04:00