Drew DeVault
49d8a14e7d
Update README.md
2020-10-06 14:25:40 -04:00
Drew DeVault
6a1a8f1031
Streamline database support code
2020-09-24 14:42:15 -04:00
Drew DeVault
646e9d90c4
Add OAuth client internal auth mechanism
2020-09-22 12:50:39 -04:00
Drew DeVault
5206db0eff
Return temporary auth errors as such
2020-09-18 11:17:25 -04:00
Drew DeVault
6cb1a95c98
Add SQL connection pooling and tx support code
2020-09-18 10:10:45 -04:00
Drew DeVault
6a6472db13
s/auth.User/auth.AuthContext/g
2020-09-17 11:34:06 -04:00
Drew DeVault
1fed0ae18c
gofmt
2020-09-17 11:20:02 -04:00
Drew DeVault
cda96010d2
Refactor GraphQL client into separate module
2020-09-17 11:16:03 -04:00
Drew DeVault
b82c241a1e
Implement fetching user profiles from meta.sr.ht
2020-09-17 10:53:33 -04:00
Drew DeVault
00f357ac6a
auth/middleware: split OAuth 2.0 into many funcs
2020-09-17 10:25:08 -04:00
Drew DeVault
1fd9e35217
s/Scopes/Grants/g
2020-09-14 14:51:56 -04:00
Drew DeVault
8eb53f35aa
Implement OAuth 2.0 bearer token w/scopes
2020-09-14 14:50:52 -04:00
Drew DeVault
0395c9720d
OAuth 2.0 Bearer: check revocation status
2020-09-14 11:19:05 -04:00
Drew DeVault
9c4efafa16
Add Redis middleware
2020-09-14 11:18:54 -04:00
Drew DeVault
dcb2343d6f
auth: implement OAuth 2.0 bearer tokens
2020-09-14 08:53:18 -04:00
Drew DeVault
6d5b4f7606
Add auth/token.go & support code in crypto.go
2020-09-12 14:36:55 -04:00
Drew DeVault
f5f498ec5a
Import directives from meta.sr.ht writable-api
2020-09-10 11:58:57 -04:00
Drew DeVault
e357c3b281
Be tolerant of hosts without port in RemoteAddr
2020-07-13 13:37:36 -04:00
Drew DeVault
d0f525347d
Improve error message for internal auth
2020-07-13 13:21:26 -04:00
Drew DeVault
a069568d21
Update InternalAuth structure
...
This allows us to include information about the client and node which is
making internal requests.
2020-06-12 12:53:41 -04:00
Drew DeVault
89fd12a5ab
Bump default maximum complexity
...
Otherwise we are not able to query the full schema for some APIs
2020-06-12 09:53:29 -04:00
Drew DeVault
9ecf6d2cf9
database: roll back panic on unknown field
...
This fucks with synthetic fields, e.g. artifact.url or
user.canonicalName
2020-06-08 13:29:45 -04:00
Drew DeVault
2338fac7f2
config: new middleware
2020-06-08 13:26:57 -04:00
Drew DeVault
8bc022f066
auth: add conservative default internal IP subnet
2020-06-02 14:16:31 -06:00
Drew DeVault
cee01f9504
auth: limit source IPs for internal authentication
2020-06-02 14:03:01 -06:00
Drew DeVault
5ed6470c90
auth: add internal authentication
...
This works similarly to cookie authentication, but with a 30-second
expiration on the encrypted payload. A sr.ht service wishing to make API
calls on behalf of a user, or to access restricted paths, can encrypt a
payload including the username they're working on behalf of, and if the
signature is valid and the token was created recently enough, the
request is accepted and granted these additional permissions.
2020-06-02 13:20:02 -06:00
Drew DeVault
00705e9ab5
database: panic on unknown fields
...
This is a programmer error and should be caught and more easily
diagnosed.
2020-06-02 11:39:19 -06:00
Drew DeVault
1287179283
auth: add field to indicate authentication method
2020-06-02 11:39:06 -06:00
Drew DeVault
f95a9bea7e
EmailRecover: print error string to stderr
2020-05-25 12:13:08 -04:00
Drew DeVault
a42c4594e0
Introduce Cursor and Filter types
2020-05-22 14:52:19 -04:00
Drew DeVault
58de263ab3
EmailRecover: fix indentation
2020-05-22 12:54:42 -04:00
Drew DeVault
5aead85ba9
chi: Add RealIP middleware
2020-05-20 20:41:41 -04:00
Drew DeVault
221cb5d1e0
email: do not export generateMessageID
2020-05-19 12:20:29 -04:00
Drew DeVault
5492494cce
NewRouter: accept list of addl. middlewares
2020-05-19 11:57:52 -04:00
Drew DeVault
9929f08a73
Add middleware for database context
2020-05-19 11:32:50 -04:00
Drew DeVault
d8356c5795
Initial commit
2020-05-19 10:16:54 -04:00