13 Commits (v1.10.3)

Author SHA1 Message Date
Danielle McLean d68dda85ad
Refactor the Micropub error responses into a non-view module, have them produce an immediately raise-able exception 3 years ago
Danielle McLean 065619772e
Use ResponseException for various places rather than needing to check the return value for responseness 3 years ago
Danielle McLean 741c2eb234
Switch from stateless JOSE tokens to stateful tokens in the DB, since they can then be much smaller and we're using a DB anyway 4 years ago
Danielle McLean 9f733125a7
Refactor micropub, add basic support for querying - source works great, the other two not so much 4 years ago
Danielle McLean b89405ed88
Dramatically improved processing of Micropub tokens which supports both the Authorization header and the access_token field approaches 4 years ago
Danielle McLean cfe0f47d0f
Switch from PyJWT to python-jose, since it supports more features and has more documentation 4 years ago
Danielle McLean 179f5753ed
Implement a token endpoint - currently all tokens last forever and can't be revoked, but I can add revocation later without too much trouble 4 years ago
Danielle McLean 9add6be8e4
Remove the pointless verify_auth_code wrapper - it's easier to do the verification work in the view anyway 4 years ago
Danielle McLean ab810a8f94
Simplify the auth code format a little: the 'me' value can be computed from the user ID and so is redundant 4 years ago
Danielle McLean 43a56e865e
Add the current user's ID to the auth code, will be handy when making a token since we need to know who the token's for 4 years ago
Danielle McLean 40810d6310
Refactor the actual JWT calls into separate functions since I'll be needing them for tokens as well as auth codes 4 years ago
Danielle McLean 6f6bb4e534
Improve JWT security by specifying the algorithm used, and also use shorter key names to make the code a little shorter 4 years ago
Danielle McLean 1c09be1b1c
Switch from database-persisted auth codes to stateless JSON Web Tokens :) 4 years ago