Commit Graph

29 Commits

Author SHA1 Message Date
Evan Prodromou
6c9031cc7b don't allow new users if the site is closed or invite only in OpenID
darcs-hash:20081203185022-5ed1f-a618527f069301c34b3fd6a75ae5676f45e64d39.gz
2008-12-03 13:50:22 -05:00
Evan Prodromou
3909544f9e slightly better rememberme logic in finishopenidlogin
darcs-hash:20081209180330-84dde-ba48eed8a9a557bac90d3869d60b24a4b9683e61.gz
2008-12-09 13:03:30 -05:00
Evan Prodromou
67340ce11c ♫ Don't you forget about me ♫
darcs-hash:20081118024947-84dde-46f68dff10cd2b5665fbd482f90ac83601df4228.gz
2008-11-17 21:49:47 -05:00
Evan Prodromou
d6dd35a66a add a token for CSRF avoidance
darcs-hash:20080829034854-84dde-a636b446dc254aaa77ac65f63be01e49c192bf32.gz
2008-08-28 23:48:54 -04:00
Evan Prodromou
7554f2561c move user registration to a single static method
darcs-hash:20080814002038-84dde-8505d4e083056b770db128129a95be639d8e7f0a.gz
2008-08-13 20:20:38 -04:00
Mike Cochrane
b104da04fb Colapse a lot of strings to make like easier for translators and more consisitant for users
darcs-hash:20080713053748-533db-1cdb0cf3a9e4102eb139b74a7a9d4f97dadb20b8.gz
2008-07-13 01:37:48 -04:00
Mike Cochrane
834c21b2aa Merge some gettext strings to one line so translation tools are happier
darcs-hash:20080713044608-533db-ee16aecee9b6d82b22ce6a25f6a9573c23eee9f8.gz
2008-07-13 00:46:08 -04:00
Mike Cochrane
0f502b8d86 Remove tralling whitespace on lines and a gettext replacement that I missed.
darcs-hash:20080708095113-533db-ad63bbde67b6275fb7ae944cc9882adf6f3be517.gz
2008-07-08 05:51:13 -04:00
Mike Cochrane
87b494f1eb Convert _t() to _() for gettext.
darcs-hash:20080708094531-533db-83399a46e6ec4c0fcc6249b0235961f969d1ae73.gz
2008-07-08 05:45:31 -04:00
Evan Prodromou
f6bdb42d35 don't auto-pull OpenID parameters
darcs-hash:20080710151842-84dde-ad2159088ed05830e4feba88880863c84c4728c8.gz
2008-07-10 11:18:42 -04:00
Evan Prodromou
721d6f94c7 method
darcs-hash:20080702131507-84dde-507a6380fcab66c1fbcbaad6d1399c8a2f210acf.gz
2008-07-02 09:15:07 -04:00
Evan Prodromou
be3a44651c implement rememberme functionality
Added a checkbox on login or register to remember the current user. If
the login is successful, this sets a cookie with a random code (saved
in the DB). If they come back, and they aren't logged in "normally",
we check to see if they have a rememberme cookie. If so, we log them
in.

However, they can't change settings -- cookie theft is too prevalent.
So we mark a session as having a "real" (password or OpenID) login, or
not. In settings pages, we check to see if the login is "real", and if
not, we redirect to the login page.

darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
Evan Prodromou
1899d09cd1 forgot to return on invalid nickname
darcs-hash:20080622181550-34904-7970919db30ccfc3979fa6c118c29af9eac0c550.gz
2008-06-22 14:15:50 -04:00
Evan Prodromou
d758c11784 disallow nicknames on a blacklist
darcs-hash:20080622180437-34904-4b6313f6fd8845232031663c5c2df00dff725183.gz
2008-06-22 14:04:37 -04:00
Evan Prodromou
15a09c5d69 change from using tag uris to http urls for identifiers
Weirdly, I got in an argument with Tim Berners-Lee in #swig about the
tag URIs I was using in FOAF documents. Eventually, I was convinced
that it's a better thing to use HTTP URLs instead. So, now we have
HTTP URLs.

The tricky thing was for users. Since they can change their names, we
can't use their profile URL, since it includes the name. Instead, I
made up a new action, which simply redirects from a user ID to their
current profile URL. This should be sufficiently long-term.

darcs-hash:20080620071700-84dde-c6145243dc45dd2dff621aff421375d05796057e.gz
2008-06-20 03:17:00 -04:00
Evan Prodromou
aabac60b6e push instructions into head and require license
darcs-hash:20080619173225-84dde-d73961d047f75fa1e3ac4287d35e4c6afb391e84.gz
2008-06-19 13:32:25 -04:00
Evan Prodromou
26c7d5f04e need a profileurl for new users
darcs-hash:20080619151803-5ed1f-53df3a53f1147233658397c3c6d2cd6a2202b199.gz
2008-06-19 11:18:03 -04:00
Evan Prodromou
0ba9948603 move update_user function to openid.php
darcs-hash:20080619135148-84dde-6caaa7f97d2405bc318bfa818c4ac9cbc31cab33.gz
2008-06-19 09:51:48 -04:00
Evan Prodromou
171b4f72ee immediate mode for openid
darcs-hash:20080619134710-84dde-6086a4ac7bbd72a251fe5ce6fe3156e3270ebd74.gz
2008-06-19 09:47:10 -04:00
Evan Prodromou
65816a6e2f fix syntax error in finishopenidlogin
darcs-hash:20080618123941-84dde-ec6e2fdef8c561714e509dc47e14aa47c58a9c44.gz
2008-06-18 08:39:41 -04:00
Evan Prodromou
4a0b1a9ea9 consolidate linking a user to an OpenID
darcs-hash:20080618114310-84dde-15b224bb16d434150af457bc3b08de58e3833abd.gz
2008-06-18 07:43:10 -04:00
Evan Prodromou
f08a99e5f1 fix missing parens
darcs-hash:20080618062059-84dde-f3d27969a876fd89c5f01fb690ca367a51ec1b5e.gz
2008-06-18 02:20:59 -04:00
Evan Prodromou
3bd2513c0b go to profile instead of profile settings
darcs-hash:20080618061833-84dde-e77ea989a6caaf1d6722d6e82c1bcd04da44f486.gz
2008-06-18 02:18:33 -04:00
Evan Prodromou
94c4262dcf set nickname correctly
darcs-hash:20080618061117-84dde-6983ed79c2d0e985fc8b00ac7c270b46d92bc20d.gz
2008-06-18 02:11:17 -04:00
Evan Prodromou
21463458c5 fix get_saved_values() function in finishopenidlogin
darcs-hash:20080618060549-84dde-d32f1f167a69ea4f98f6a4a2f2ac753675e8cafd.gz
2008-06-18 02:05:49 -04:00
Evan Prodromou
66a1a13435 refactoring error
darcs-hash:20080618055836-84dde-7a0c460ec125581b659df39c8a079b9fcdc8dbaa.gz
2008-06-18 01:58:36 -04:00
Evan Prodromou
4000840243 check existence of args not booleanness
darcs-hash:20080618055657-84dde-269a234dd68867ca4f159031fe206e31131ef108.gz
2008-06-18 01:56:57 -04:00
Evan Prodromou
cba4168d62 fix prompt and debug input
darcs-hash:20080618055349-84dde-8ac49632d06a7b271d13912d46d26c7c1f1ec793.gz
2008-06-18 01:53:49 -04:00
Evan Prodromou
252c4098c4 finish openid
Added some code to make finishing the OpenID login work.

Changed the OID storage so that there's a "canonical" URL and a
display URL. This is because of i-names, which is annoying.

If the login succeeds, we try to find a local user associated with the
canonical URL. If they don't exist, we let the user either create a
new account, or login to an existing account and connect to it.

A totally unrelated change is that the DB engine now uses InnoDB.

darcs-hash:20080618052638-84dde-909e51dbd5b9eadadf18cd010868baa18ea2349a.gz
2008-06-18 01:26:38 -04:00