sourcehut
/
gql.sr.ht
mirror of https://git.sr.ht/~sircmpwn/gql.sr.ht
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
36 Commits 1 Branch 0 Tags 82 KiB
Commit Graph

36 Commits

Author SHA1 Message Date
Drew DeVault 49d8a14e7d Update README.md 2020-10-06 14:25:40 -04:00
Drew DeVault 6a1a8f1031 Streamline database support code 2020-09-24 14:42:15 -04:00
Drew DeVault 646e9d90c4 Add OAuth client internal auth mechanism 2020-09-22 12:50:39 -04:00
Drew DeVault 5206db0eff Return temporary auth errors as such 2020-09-18 11:17:25 -04:00
Drew DeVault 6cb1a95c98 Add SQL connection pooling and tx support code 2020-09-18 10:10:45 -04:00
Drew DeVault 6a6472db13 s/auth.User/auth.AuthContext/g 2020-09-17 11:34:06 -04:00
Drew DeVault 1fed0ae18c gofmt 2020-09-17 11:20:02 -04:00
Drew DeVault cda96010d2 Refactor GraphQL client into separate module 2020-09-17 11:16:03 -04:00
Drew DeVault b82c241a1e Implement fetching user profiles from meta.sr.ht 2020-09-17 10:53:33 -04:00
Drew DeVault 00f357ac6a auth/middleware: split OAuth 2.0 into many funcs 2020-09-17 10:25:08 -04:00
Drew DeVault 1fd9e35217 s/Scopes/Grants/g 2020-09-14 14:51:56 -04:00
Drew DeVault 8eb53f35aa Implement OAuth 2.0 bearer token w/scopes 2020-09-14 14:50:52 -04:00
Drew DeVault 0395c9720d OAuth 2.0 Bearer: check revocation status 2020-09-14 11:19:05 -04:00
Drew DeVault 9c4efafa16 Add Redis middleware 2020-09-14 11:18:54 -04:00
Drew DeVault dcb2343d6f auth: implement OAuth 2.0 bearer tokens 2020-09-14 08:53:18 -04:00
Drew DeVault 6d5b4f7606 Add auth/token.go & support code in crypto.go 2020-09-12 14:36:55 -04:00
Drew DeVault f5f498ec5a Import directives from meta.sr.ht writable-api 2020-09-10 11:58:57 -04:00
Drew DeVault e357c3b281 Be tolerant of hosts without port in RemoteAddr 2020-07-13 13:37:36 -04:00
Drew DeVault d0f525347d Improve error message for internal auth 2020-07-13 13:21:26 -04:00
Drew DeVault a069568d21 Update InternalAuth structure 
This allows us to include information about the client and node which is
making internal requests.
 2020-06-12 12:53:41 -04:00
Drew DeVault 89fd12a5ab Bump default maximum complexity 
Otherwise we are not able to query the full schema for some APIs
 2020-06-12 09:53:29 -04:00
Drew DeVault 9ecf6d2cf9 database: roll back panic on unknown field 
This fucks with synthetic fields, e.g. artifact.url or
user.canonicalName
 2020-06-08 13:29:45 -04:00
Drew DeVault 2338fac7f2 config: new middleware 2020-06-08 13:26:57 -04:00
Drew DeVault 8bc022f066 auth: add conservative default internal IP subnet 2020-06-02 14:16:31 -06:00
Drew DeVault cee01f9504 auth: limit source IPs for internal authentication 2020-06-02 14:03:01 -06:00
Drew DeVault 5ed6470c90 auth: add internal authentication 
This works similarly to cookie authentication, but with a 30-second
expiration on the encrypted payload. A sr.ht service wishing to make API
calls on behalf of a user, or to access restricted paths, can encrypt a
payload including the username they're working on behalf of, and if the
signature is valid and the token was created recently enough, the
request is accepted and granted these additional permissions.
 2020-06-02 13:20:02 -06:00
Drew DeVault 00705e9ab5 database: panic on unknown fields 
This is a programmer error and should be caught and more easily
diagnosed.
 2020-06-02 11:39:19 -06:00
Drew DeVault 1287179283 auth: add field to indicate authentication method 2020-06-02 11:39:06 -06:00
Drew DeVault f95a9bea7e EmailRecover: print error string to stderr 2020-05-25 12:13:08 -04:00
Drew DeVault a42c4594e0 Introduce Cursor and Filter types 2020-05-22 14:52:19 -04:00
Drew DeVault 58de263ab3 EmailRecover: fix indentation 2020-05-22 12:54:42 -04:00
Drew DeVault 5aead85ba9 chi: Add RealIP middleware 2020-05-20 20:41:41 -04:00
Drew DeVault 221cb5d1e0 email: do not export generateMessageID 2020-05-19 12:20:29 -04:00
Drew DeVault 5492494cce NewRouter: accept list of addl. middlewares 2020-05-19 11:57:52 -04:00
Drew DeVault 9929f08a73 Add middleware for database context 2020-05-19 11:32:50 -04:00
Drew DeVault d8356c5795 Initial commit 2020-05-19 10:16:54 -04:00