Matt Wright
34b3bf9e80
Fix CSRF functionality for LoginForm
...
The login form was not respecting csrf validation. I've adjusted the tests as well to always send a CSRF token along. This now requires all requests to pass a csrf token. If performing plain AJAX requests the token will have to be extracted from the form in some way. Fixes #86
2013-02-01 17:23:18 -05:00
Matt Wright
84759b5dbd
Merge pull request #73 from apahomov/multiple-auth-mechanisms
...
Multiple auth mechanisms
2013-01-16 19:37:55 -08:00
apahomov
39f62374aa
Added tests
2013-01-15 10:30:48 +04:00
Eskil Heyn Olsen
3081d76787
Fix passing category to login required message
2013-01-13 23:25:16 -08:00
Eskil Heyn Olsen
6202abb75c
remove import that was left by accident
2013-01-08 18:41:16 -08:00
Matt Wright
f566f41fb3
Merge pull request #58 from eskil/registerform
...
Configurable forms
2013-01-08 07:10:14 -08:00
Eskil Heyn Olsen
ca0d1d0b50
All unit-tests for configurable forms
2013-01-07 21:43:27 -08:00
Eskil Heyn Olsen
81040a57a6
Views get forms from _security
2013-01-06 20:20:06 -08:00
Eskil Heyn Olsen
09fe5a2cb7
Make test_app take kwargs
2013-01-06 20:00:13 -08:00
Eskil Heyn Olsen
675b29b4fe
Minor style fixes
2013-01-06 14:40:09 -08:00
Eskil Heyn Olsen
075ccf6a82
Add some more tests of signals
2013-01-06 14:33:15 -08:00
Eskil Heyn Olsen
ae6f3b6753
Document and unit-test the signals.
...
Adds description of signals to docmentation. Adds unit-tests of
signal behaviour and tests parameters.
2013-01-06 14:12:18 -08:00
Matt Wright
874c758340
Add a test to test email subject configuration
2012-11-26 14:58:39 -05:00
Matt Wright
0154cce46c
Only give out auth token on the login endpoint
2012-10-11 16:58:53 -04:00
Matt Wright
a269930ec3
Update docs and tests
2012-10-10 13:36:59 -04:00
Matt Wright
e1dbed816c
Simplify login form a bit
2012-09-19 01:22:09 -04:00
Matt Wright
90b4c58457
Fix build, hopefully
2012-09-16 22:23:04 -04:00
Matt Wright
a0ed846a59
Remove print statement
2012-09-16 22:11:49 -04:00
Matt Wright
6c189f331f
Allow users to be registered with JSON/ajax calls
2012-09-16 22:01:40 -04:00
Matt Wright
1f8fb48727
a bit of code polish and an attempt to speed up the tests
2012-09-16 16:43:28 -04:00
Matt Wright
c1141b57fa
Add ability to not register blueprint on app. Useful if combining apps such as an API layer and a frontend where the API is not concerned with rendering templates or handling traditional auth
2012-09-11 17:51:20 -04:00
Matt Wright
2042b8aa4c
Fixes #34
2012-08-28 16:25:20 -04:00
Matt Wright
f928db298d
Refactor datastore implementation
2012-08-24 11:38:25 -04:00
Matt Wright
4e41f4ec5e
Polish up tests
2012-08-24 00:47:41 -04:00
Matt Wright
23cc774f96
Add error for bad configuration
2012-08-24 00:27:22 -04:00
Matt Wright
bac04a0f3c
remove more unnecessary code
2012-08-23 23:48:55 -04:00
Matt Wright
6e754ed356
Major refactoring. Got rid of exceptions/errors in favor of using simple return values. Update tests to ensure full coverage according to nose coverage plugin
2012-08-23 17:58:33 -04:00
Matt Wright
5a4fb94be3
Make confirm endpoint anonymous only and get rid of invalid test
2012-08-23 15:03:13 -04:00
Matt Wright
57595bbab4
Refactor forms and views a bit. Add more validation to forms
2012-08-23 14:56:35 -04:00
Matt Wright
b0b09aea49
Add ability to define a send_mail_task which could be used to send mails instead of the default flask-mail plugin. Could also be used to send mail asynchronously. Make flask-mail required as well.
2012-08-23 13:01:11 -04:00
Matt Wright
b65b717fbc
Polish
2012-08-22 18:01:31 -04:00
Matt Wright
dc39eb58c7
Fix test
2012-08-22 16:37:17 -04:00
Matt Wright
53257c17a9
Update send_mail api and add welcome email for user registration. Also add security state to template context for emails for more complex template rendering.
2012-08-22 15:15:39 -04:00
Matt Wright
86adcf0653
Fix build
2012-08-22 12:06:21 -04:00
Matt Wright
2471ba0db8
Move example app, which was a bad example, to the tests namespace. Its what it was used for anyway. A better example will be provided later
2012-08-22 12:00:46 -04:00
Matt Wright
eec0e23620
Remove old test
2012-08-21 17:35:19 -04:00
Matt Wright
d3c23c1994
Polish
2012-08-21 17:34:38 -04:00
Matt Wright
66c565a72f
Register mail as extension, for now
2012-08-21 11:38:24 -04:00
Matt Wright
828a973339
Add already confirmed scenario. Let datastore work without a request context
2012-08-21 01:50:40 -04:00
Matt Wright
bebaac49e3
Forgo redirecting authentication endpoint so that login form errors can be displayed
2012-08-20 23:35:17 -04:00
Matt Wright
101fa42e55
Only use password salt if using hmac
2012-08-20 18:17:29 -04:00
Matt Wright
a39f46854e
Significant design change: commit data after some requests to avoid multiple database hits when using SQLALchemy
2012-08-17 13:19:40 -04:00
Matt Wright
adb550a9f2
Improve RegisterUserForm
2012-08-16 19:05:42 -04:00
Matt Wright
d87676027e
Fix some redirect rules
2012-08-16 18:42:37 -04:00
Matt Wright
8b139890b4
Add useful decorator for ensuring anonymous users on particular endpoints
2012-08-16 17:53:41 -04:00
Matt Wright
1d8b2f8342
Change urls/views to be (subjectively) simpler
2012-08-16 17:25:24 -04:00
Matt Wright
1d378a6827
Add login to security blueprint
2012-08-16 15:18:49 -04:00
Matt Wright
80144c85a1
Fix bug with an invalid remember_token cookie value
2012-08-15 17:06:07 -04:00
Matt Wright
7554a52732
Cleanup and some more messaging additions
2012-08-15 11:56:26 -04:00
Matt Wright
022836c43c
fix tests, hopefully
2012-08-15 10:25:07 -04:00