Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
21,926 Commits 212 Branches 500 Tags 864 MiB
Commit Graph

5 Commits

Author SHA1 Message Date
Sam 2c59ffeb2c FIX: token rotation not accounting for overlapping tokens correctly 
also... freeze_time has no block form, correct all usages and specs
 2017-02-15 10:58:18 -05:00
Sam 5346cd3514 correct the test 2017-02-14 09:34:39 -05:00
Sam c52784f9d2 FIX: race condition when marking tokens as seen 
- in rare conditions can lead to users being logged off
 2017-02-14 09:34:09 -05:00
Sam 0ab96a7691 FEATURE: add hidden setting for verbose auth token logging 
This is only needed to debug auth token issues, will result in lots
of logging
 2017-02-13 14:01:09 -05:00
Sam ff49f72ad9 FEATURE: per client user tokens 
Revamped system for managing authentication tokens.

- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes

New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.

Also introduces weekly job to expire old auth tokens.
 2017-02-07 09:22:16 -05:00