00dani
/
lemoncurry
1
0
Fork 1
Code Issues Pull Requests Releases Wiki Activity
492 Commits 1 Branch 55 Tags 4 MiB
Commit Graph

13 Commits

Author SHA1 Message Date
Danielle McLean d68dda85ad
Refactor the Micropub error responses into a non-view module, have them produce an immediately raise-able exception 2018-07-03 10:03:35 +10:00
Danielle McLean 065619772e
Use ResponseException for various places rather than needing to check the return value for responseness 2018-07-03 09:51:51 +10:00
Danielle McLean 741c2eb234
Switch from stateless JOSE tokens to stateful tokens in the DB, since they can then be much smaller and we're using a DB anyway 2018-06-12 14:57:53 +10:00
Danielle McLean 9f733125a7
Refactor micropub, add basic support for querying - source works great, the other two not so much 2018-01-29 10:28:46 +11:00
Danielle McLean b89405ed88
Dramatically improved processing of Micropub tokens which supports both the Authorization header and the access_token field approaches 2017-12-18 09:51:06 +11:00
Danielle McLean cfe0f47d0f
Switch from PyJWT to python-jose, since it supports more features and has more documentation 2017-11-03 17:42:57 +11:00
Danielle McLean 179f5753ed
Implement a token endpoint - currently all tokens last forever and can't be revoked, but I can add revocation later without too much trouble 2017-11-03 17:18:00 +11:00
Danielle McLean 9add6be8e4
Remove the pointless verify_auth_code wrapper - it's easier to do the verification work in the view anyway 2017-11-03 16:40:09 +11:00
Danielle McLean ab810a8f94
Simplify the auth code format a little: the 'me' value can be computed from the user ID and so is redundant 2017-11-03 16:14:30 +11:00
Danielle McLean 43a56e865e
Add the current user's ID to the auth code, will be handy when making a token since we need to know who the token's for 2017-11-03 15:51:27 +11:00
Danielle McLean 40810d6310
Refactor the actual JWT calls into separate functions since I'll be needing them for tokens as well as auth codes 2017-11-03 14:37:39 +11:00
Danielle McLean 6f6bb4e534
Improve JWT security by specifying the algorithm used, and also use shorter key names to make the code a little shorter 2017-11-03 14:33:27 +11:00
Danielle McLean 1c09be1b1c
Switch from database-persisted auth codes to stateless JSON Web Tokens :) 2017-11-02 16:36:16 +11:00