|
2e7d12b3e6
|
Run Black over the whole codebase
|
2023-08-10 16:52:37 +10:00 |
|
|
d68dda85ad
|
Refactor the Micropub error responses into a non-view module, have them produce an immediately raise-able exception
|
2018-07-03 10:03:35 +10:00 |
|
|
065619772e
|
Use ResponseException for various places rather than needing to check the return value for responseness
|
2018-07-03 09:51:51 +10:00 |
|
|
741c2eb234
|
Switch from stateless JOSE tokens to stateful tokens in the DB, since they can then be much smaller and we're using a DB anyway
|
2018-06-12 14:57:53 +10:00 |
|
|
9f733125a7
|
Refactor micropub, add basic support for querying - source works great, the other two not so much
|
2018-01-29 10:28:46 +11:00 |
|
|
b89405ed88
|
Dramatically improved processing of Micropub tokens which supports both the Authorization header and the access_token field approaches
|
2017-12-18 09:51:06 +11:00 |
|
|
cfe0f47d0f
|
Switch from PyJWT to python-jose, since it supports more features and has more documentation
|
2017-11-03 17:42:57 +11:00 |
|
|
179f5753ed
|
Implement a token endpoint - currently all tokens last forever and can't be revoked, but I can add revocation later without too much trouble
|
2017-11-03 17:18:00 +11:00 |
|
|
9add6be8e4
|
Remove the pointless verify_auth_code wrapper - it's easier to do the verification work in the view anyway
|
2017-11-03 16:40:09 +11:00 |
|
|
ab810a8f94
|
Simplify the auth code format a little: the 'me' value can be computed from the user ID and so is redundant
|
2017-11-03 16:14:30 +11:00 |
|
|
43a56e865e
|
Add the current user's ID to the auth code, will be handy when making a token since we need to know who the token's for
|
2017-11-03 15:51:27 +11:00 |
|
|
40810d6310
|
Refactor the actual JWT calls into separate functions since I'll be needing them for tokens as well as auth codes
|
2017-11-03 14:37:39 +11:00 |
|
|
6f6bb4e534
|
Improve JWT security by specifying the algorithm used, and also use shorter key names to make the code a little shorter
|
2017-11-03 14:33:27 +11:00 |
|
|
1c09be1b1c
|
Switch from database-persisted auth codes to stateless JSON Web Tokens :)
|
2017-11-02 16:36:16 +11:00 |
|