Girish Ramakrishnan
|
38977858aa
|
When issuing token intersect with the existing user roles
Also:
* Move token validation to accesscontrol.js
* Use clients.addTokenByUserId everywhere
|
2018-06-28 00:07:43 -07:00 |
|
Girish Ramakrishnan
|
6cd0601629
|
Map group roles to scopes
|
2018-06-18 14:52:39 -07:00 |
|
Girish Ramakrishnan
|
6a2dacb08a
|
Make intersectScopes take an array
|
2018-06-17 22:39:33 -07:00 |
|
Girish Ramakrishnan
|
ad6bc191f9
|
Make hasScopes take an array
|
2018-06-17 21:06:17 -07:00 |
|
Girish Ramakrishnan
|
f24a099e79
|
Remove user.admin property
The UI will now base itself entirely off the scopes of the token
|
2018-06-17 16:49:56 -07:00 |
|
Girish Ramakrishnan
|
156ffb40c9
|
Remove scope from users.get
|
2018-06-17 16:07:20 -07:00 |
|
Girish Ramakrishnan
|
db8b6838bb
|
Move skip password verification logic to accesscontrol.js
|
2018-06-17 15:20:27 -07:00 |
|
Girish Ramakrishnan
|
e8d9597345
|
Fix various error codes
401 - bad password/wrong password
403 - authenticated but not authorized
409 - conflict
|
2018-06-15 23:15:30 -07:00 |
|
Girish Ramakrishnan
|
24b0a96f07
|
Move passport logic to routes
|
2018-06-15 17:32:40 -07:00 |
|
Girish Ramakrishnan
|
dc86b0f319
|
validateRequestedScopes -> hasScopes
|
2018-06-14 20:31:48 -07:00 |
|
Girish Ramakrishnan
|
e5c43e9acd
|
Remove debug
|
2018-05-02 12:41:22 -07:00 |
|
Girish Ramakrishnan
|
8c4015851a
|
merge auth.js into accesscontrol.js
|
2018-05-01 14:03:10 -07:00 |
|
Girish Ramakrishnan
|
bc4f9cf596
|
Remove redundant requireAdmin
We already hand out scopes based on the user's access control
|
2018-04-30 21:38:48 -07:00 |
|
Girish Ramakrishnan
|
3b7bcc1f61
|
refactor scopes into accesscontrol.js
this will be our authorization layer for oauth and non-oauth tokens.
|
2018-04-29 17:50:07 -07:00 |
|