Age | Commit message (Collapse) | Author |
|
|
|
Add UI and code to enable the administrative user to register new OAuth2
clients that can access the API server.
|
|
To avoid repeating the same thing in multiple places, leading to errors and
breakages, reuse the same basic functions for password hashing.
|
|
Bcrypt is now somewhat vulnerable to offline cracking, so we move our password
hashing over to Argon2.
|
|
Fetching the user by id should return the user, or raise an exception. We get
rid of the Maybe monad here since it is leading to some weird code flows -
probably the wrong monad to use here.
|
|
|
|
|
|
Define a Protocol type to use with the `dictify` function and implement the
`dictify` methods for the various classes.
|
|
|
|
If the registration details pass the validations steps, then persist the
details in the database and respond with details about the newly created user.
* gn3/auth/authentication/users.py: new functions
* `save_user`: create and persist a new user
* `set_user_password`: hash and persist the new password for the given user
* gn3/auth/authorisation/views.py: Persist the user details and respond with
the newly persisted user details.
|
|
Add code to implement the OAuth2 flow.
* Add test fixtures for setting up users and OAuth2 clients
* Add tests for token generation with the "Password Grant" flow
* Fix some issues with test due to changes in the database connection's
row_factory
|
|
* gn3/auth/authentication/users.py: authlib expects the user object to have a
`get_user_id` method.
|
|
* gn3/auth/authentication/routes.py: Add `/login` endpoint and a function to
validate the login credentials.
* gn3/auth/authentication/users.py: add function to fetch user details by
email
|
|
* gn3/auth/authentication.py -> gn3/auth/authentication/__init__.py: Convert
module to package
* gn3/auth/authentication/users.py: Define the `User` type
|