aboutsummaryrefslogtreecommitdiff
path: root/gn3/auth/authentication/users.py
AgeCommit message (Collapse)Author
2023-06-30List all OAuth2 clients.Frederick Muriuki Muriithi
2023-05-29auth: Enable registration of OAuth2 clientsFrederick Muriuki Muriithi
Add UI and code to enable the administrative user to register new OAuth2 clients that can access the API server.
2023-03-08auth: users: Use the same basic functions for password hashingFrederick Muriuki Muriithi
To avoid repeating the same thing in multiple places, leading to errors and breakages, reuse the same basic functions for password hashing.
2023-03-08Replace Bcrypt with Argon2 for better security.Frederick Muriuki Muriithi
Bcrypt is now somewhat vulnerable to offline cracking, so we move our password hashing over to Argon2.
2023-03-07auth: user_by_id: Return a user or raise an exceptionFrederick Muriuki Muriithi
Fetching the user by id should return the user, or raise an exception. We get rid of the Maybe monad here since it is leading to some weird code flows - probably the wrong monad to use here.
2023-03-06auth: resources: Enable assigning a user roles on resourcesFrederick Muriuki Muriithi
2023-02-08auth: groups: handle join requests.Frederick Muriuki Muriithi
2023-01-28auth: rework dictifyFrederick Muriuki Muriithi
Define a Protocol type to use with the `dictify` function and implement the `dictify` methods for the various classes.
2023-01-11auth: Add missing importFrederick Muriuki Muriithi
2023-01-05auth: Persist the user's registration detailsFrederick Muriuki Muriithi
If the registration details pass the validations steps, then persist the details in the database and respond with details about the newly created user. * gn3/auth/authentication/users.py: new functions * `save_user`: create and persist a new user * `set_user_password`: hash and persist the new password for the given user * gn3/auth/authorisation/views.py: Persist the user details and respond with the newly persisted user details.
2022-12-22auth: implement OAuth2 flow.oauth2_auth_flowFrederick Muriuki Muriithi
Add code to implement the OAuth2 flow. * Add test fixtures for setting up users and OAuth2 clients * Add tests for token generation with the "Password Grant" flow * Fix some issues with test due to changes in the database connection's row_factory
2022-12-21auth: oauth2: users: Add expected propertyFrederick Muriuki Muriithi
* gn3/auth/authentication/users.py: authlib expects the user object to have a `get_user_id` method.
2022-12-21Enable authenticationFrederick Muriuki Muriithi
* gn3/auth/authentication/routes.py: Add `/login` endpoint and a function to validate the login credentials. * gn3/auth/authentication/users.py: add function to fetch user details by email
2022-11-17auth: Define the `User` typeFrederick Muriuki Muriithi
* gn3/auth/authentication.py -> gn3/auth/authentication/__init__.py: Convert module to package * gn3/auth/authentication/users.py: Define the `User` type