Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
47,697 Commits 1 Branch 0 Tags
abb33ce56d531e744f9f6de0ad39fe574bfa2c71
Commit Graph

30 Commits

Author SHA1 Message Date
Robert Raposa
53239bdf37 Remove JWT_COOKIES_FLAG. 
The JWT_COOKIES_FLAG was a temporary flag used for rollout of the new
JWT cookies. These are live in Production, so we are removing the flag.

Without this flag, we set JWT cookies during login. However, this
requires an oAuth Client that isn't always available during unit tests.
We introduced a feature flag that is only used for unit tests to
disable setting the JWT cookies. The code explains a bit more why this
solution was selected over adding the oauth client to the database.

ARCH-247
 2018-10-31 10:29:05 -04:00
Douglas Hall
ebede18831 Merge pull request #19183 from edx/douglashall/explicit_jwt_cookie 
Use JWT cookies for authentication when explicitly requested by client.
 2018-10-30 20:04:00 -04:00
Douglas Hall
d8d18829e6 Use JWT cookies for authentication when explicitly requested by client. 2018-10-30 15:56:26 -04:00
Dillon-Dumesnil
1754dc5119 Merge pull request #19105 from edx/ddumesnil/unicode_cleanup 
Cleaning up unicode waffle flag
 2018-10-30 13:20:41 -04:00
Douglas Hall
653d8592b8 Merge pull request #19160 from edx/douglashall/oauth2_logout_redirect 
Enable OAuth2 clients to logout with a redirect back to the client site.
 2018-10-25 15:53:06 -04:00
Douglas Hall
72300c620a Enable OAuth2 clients to logout with a redirect back to the client site. 2018-10-25 14:54:43 -04:00
Alex Dusenbery
c11a2c0a6e EDUCATOR-3471 | Add a grade override bulk update view. 2018-10-25 14:52:12 -04:00
Dillon Dumesnil
0a0df72fc9 Cleaning up unicode waffle flag 2018-10-19 13:25:08 -04:00
Nimisha Asthagiri
45dadca18b Add email and profile scopes in JWT Cookies 2018-10-18 08:11:04 -04:00
Nimisha Asthagiri
7ab5e7be63 Merge pull request #19103 from edx/arch/refactor-oauth-scopes-tests 
Shared mixin for testing OAuth Scopes and various Auth
 2018-10-15 11:32:12 -04:00
Douglas Hall
a824543e23 Merge pull request #19100 from edx/douglashall/login_refresh_csrf_exempt 
Mark the refresh access token view as exempt from CSRF protection.
 2018-10-15 10:25:55 -04:00
Douglas Hall
4817dd3f61 Mark the refresh access token view as exempt from CSRF protection. 2018-10-15 09:44:17 -04:00
Dillon-Dumesnil
4d37779f58 Merge pull request #19051 from edx/cstenson/unicode_normalization 
Add unicode normalization to passwords.
 2018-10-15 09:41:20 -04:00
Nimisha Asthagiri
f844e765fb Create shared test mixin for testing OAuth Scopes and various Auth. 
ARCH-168
 2018-10-13 16:21:01 -04:00
Cali Stenson
9c57cd1770 Add unicode normalization to passwords. 
LEARNER-4283
 2018-10-12 15:47:15 -04:00
Robert Raposa
863f86c411 Move and rename redirect helper. 
- Rename is_safe_redirect to is_safe_login_or_logout_redirect.
- Moved is_safe_login_or_logout_redirect to user_authn.

ARCH-256
 2018-10-12 13:33:09 -04:00
Nimisha Asthagiri
afd0e488ce Merge pull request #19085 from edx/arch/consistent-cookie-expiration 
Consistent expiration for all login-related cookies
 2018-10-11 13:15:57 -04:00
Nimisha Asthagiri
2b8a9d5148 Consistent expiration for all login-related cookies 2018-10-10 22:13:28 -04:00
Dillon Dumesnil
deb758c808 Added in tests for the new password validation. Fixed old tests that 
relied on the old configuration values and old way of validating
passwords. Also improved registration page by always showing error
messages rather than hiding them on leaving the field.
 2018-10-10 11:06:30 -04:00
Diana Huang
02c15bf563 Refactor password reset email and send after failure. 2018-10-04 15:22:24 -04:00
Robert Raposa
eca340d2e1 Merge pull request #18989 from edx/robrap/ARCH-241-logout-redirect 
ARCH-241: Add ability to redirect to subdomain for logout.
 2018-10-03 15:06:11 -04:00
Robert Raposa
027c53e61e Add ability to redirect to subdomain for logout. 
ARCH-241
 2018-10-03 12:13:14 -04:00
Nimisha Asthagiri
2a170549b4 Login service user creation - data migration 2018-10-02 12:26:50 -04:00
Nimisha Asthagiri
31a1ad4a09 Merge pull request #18999 from edx/arch/refactor-jwt-builder 
JWT Cookies
 2018-10-01 13:45:15 -04:00
Nimisha Asthagiri
02ba5fb0e8 Login service support for JWT Cookies 2018-10-01 13:08:40 -04:00
Ahsan Ulhaq
39f48a8c10 Reduce query to user table 
LEARNER-6336
 2018-09-26 17:16:42 +05:00
Nimisha Asthagiri
b7deedfb36 Refactor Login Cookies 2018-09-25 09:12:08 -04:00
Robert Raposa
b4a2207a7a Add README for user_authn. 2018-09-17 14:37:05 -04:00
Robert Raposa
c91f1fdfc5 Add JWT_COOKIES_FLAG feature toggle. 
This is intended to be a temporary flag for rollout of the JWT Cookies
feature.

ARCH-235
 2018-09-17 12:24:11 -04:00
Nimisha Asthagiri
8cf44283c9 Consolidate user login and authentication code 2018-09-15 03:21:39 -04:00