Chris Hill-Scott
5637e62493
Remove hint from choose service page
...
We might want this one day, but for now nothing is better than non-real-looking
text.
2016-01-26 17:12:28 +00:00
Adam Shimali
b394a18b4e
Incrementing of failed logins happens on api side
2016-01-26 12:36:05 +00:00
Adam Shimali
3d14296ae0
Reintroduced some tests. Moved update email from db to api.
2016-01-24 15:00:50 +00:00
Rebecca Law
6ef9becf8f
Able to get services by user id
2016-01-22 16:46:59 +00:00
Nicholas Staples
bb853ee95a
Added fixes, displaying templates still needs to be fixed.
2016-01-22 11:14:56 +00:00
Adam Shimali
167c7b0f13
Fixed some tests. Some broken mocked tests commented out until later
2016-01-21 12:31:09 +00:00
Adam Shimali
856b6adb56
First slice full sign in flow
2016-01-21 11:33:53 +00:00
Adam Shimali
ca3d3240a6
Verify activate and login user with sms and email code
2016-01-20 15:34:42 +00:00
Adam Shimali
b5cdf86b40
User registration now creates user via api.
...
Verification flow is still to be completed.
Foreign key constraint on verify codes to user table removed.
2016-01-19 22:49:46 +00:00
Nicholas Staples
cfb3f96b01
Mapped template actions to the api and mocked tests.
2016-01-19 15:54:12 +00:00
Nicholas Staples
609f5f0a8d
Working service integration.
2016-01-18 17:35:28 +00:00
Nicholas Staples
6e19dd7c9c
Added choose_service using services_dao.
2016-01-18 16:01:04 +00:00
Nicholas Staples
a09ac6cbf5
Added choose_service using services_dao.
2016-01-18 11:15:14 +00:00
Nicholas Staples
3b1d521c10
Tests added for dao.
2016-01-15 15:15:35 +00:00
Rebecca Law
bb1db0c345
When the user requests a reset password link, the user.state is set to request_password_reset.
...
Which means the user will only be able to reset their password, and not sign-in.
Once the user resets the password the user state is set to active once more.
If the link is used a second time they will be redirected to the index page with a message
that the link in the email is no longer valid.
2016-01-11 12:23:08 +00:00
Rebecca Law
c858869a52
Removed exceptions, found a better way to handle them.
...
Refactored the forms so that fields like email_address can be used in multiple forms.
Refactored form validation so that a query function is passed into the form to be run; this
way the form is not exposed to the dao layer and the query is more efficient.
This PR still requires some frontend attention. Will work with Chris to update the templates.
2016-01-11 12:23:08 +00:00
Rebecca Law
35619553c8
Added NoDataFoundException
2016-01-11 12:23:07 +00:00
Rebecca Law
a860f713d2
Implementation of the new_password endpoint.
...
Found a way to create the token that does not need to persist it to the database.
This requires proper error messages, written by people who speak menglis good.
2016-01-11 12:23:07 +00:00
Rebecca Law
b5901a1ac7
New-password endpoints are implemented.
...
There should be a better way to validate the token.
2016-01-11 12:23:07 +00:00
Rebecca Law
39970144b6
fix code style
2016-01-11 12:23:07 +00:00
Rebecca Law
2cb896fa81
Completion of forgot-password endpoints.
...
Start implementation for new-password endpoints.
Created PasswordResetToken model
ToDo: create and save token, send valid url to user,
check validity of token, update user's password, redirect to /two-factor.
2016-01-11 12:23:07 +00:00
Rebecca Law
6696426dbc
Add endpoints for forgot-password.
2016-01-11 12:22:39 +00:00
Nicholas Staples
7001d8261d
Fix for security hole with setting session['user_id'] before second factor of authentication has been authorised.
2016-01-07 12:43:10 +00:00
Nicholas Staples
7693ba8a18
Update register view form and template.
2016-01-05 12:41:20 +00:00
Rebecca Law
ac05f6931e
Refactor add-service form such that the dao is not exposed in the forms.
2016-01-04 15:31:50 +00:00
Rebecca Law
010be66d31
109898688: Complete the implementation of the did not receive code.
2015-12-17 14:33:20 +00:00
Rebecca Law
64812c1614
109898688: All codes are valid until one code is used, then they are all marked used.
...
Fixed the is_active() method on the Users model: if the user was pending they would come back as active, allowing a user to sign in before being active.
There is still a problem with the validate_sms_code and validate_email_code methods.
2015-12-17 14:33:20 +00:00
Rebecca Law
bd8bb3c926
109898688: Implementation of text-not-received and email-not-received
2015-12-17 14:33:20 +00:00
Rebecca Law
23b5cffbe8
110067722: Update template with the form.
2015-12-15 10:32:26 +00:00
Rebecca Law
43f2605ac4
110067722: Post add-service endpoint saves the service and maps it to the user.
2015-12-15 10:32:26 +00:00
Rebecca Law
350ccda208
110067722: Added endpoints for add-service
...
Post is not complete as of yet.
2015-12-15 10:32:25 +00:00
Rebecca Law
4b01335703
110067722: Create the model and dao for services.
...
This commit creates the data model for services and user_to_service.
The dao is also created to insert, get, activate, and unrestrict the service.
2015-12-15 10:31:27 +00:00
Rebecca Law
bbecc03531
109526036: Fix bug.
...
If one of the codes was invalid and one was valid on the verify page, the valid code would be marked as used.
2015-12-10 16:34:29 +00:00
Rebecca Law
2b4097dd2d
109526036: Updates as per comments made on pull request.
2015-12-10 15:21:06 +00:00
Rebecca Law
588730d594
109526036: Persist the verify code to the db.
...
The codes are hashed and saved to the db.
The code is marked as used once a valid code is submitted.
The code is valid for 1 hour.
The codes are no longer saved to the session.
2015-12-10 14:48:01 +00:00
Rebecca Law
16618e80f9
109526520: Implement verify flow
...
When a person registers with a valid mobile number and email address,
a code will be sent to each. That person can enter the verify codes and continue to the add-service page.
2015-12-09 10:12:21 +00:00
Rebecca Law
3b27db98ff
108536490: Implement locked out function.
...
User is locked if they fail to login 10 times or more.
2015-12-01 10:00:07 +00:00
Rebecca Law
ff9e98907e
108536490: Update encryption for password
2015-12-01 10:00:07 +00:00
Rebecca Law
3f017b30f2
108536490: add the proxy_fix
2015-12-01 10:00:07 +00:00
Rebecca Law
6f61906fd4
108536490: Implement LoginManager for the admin app.
...
Also added csrf error handler, will make the session unauthorized if the csrf token is invalid.
2015-12-01 10:00:06 +00:00
Rebecca Law
7f96ef5a25
108536490: Initial effort to implement log in
...
Add endpoint for post to /sign-in
Initialise role data
2015-12-01 10:00:06 +00:00
Rebecca Law
af9e2cf0fa
108536234: Added a dao method to get all users.
2015-11-26 09:59:23 +00:00
Rebecca Law
abe1d8ae17
108536234: created users and roles data and domain model.
...
You will need to run the /scripts/bootstrap.sh to create the database for test and the app.
2015-11-25 15:29:12 +00:00