discourse/lib/auth
Sam ff49f72ad9 FEATURE: per client user tokens
Revamped system for managing authentication tokens.

- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes

New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.

Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
..
authenticator.rb Typo fix 2013-09-24 18:47:57 +05:30
current_user_provider.rb SECURITY: don't grant same privileges to user_api and api access 2016-12-16 12:05:43 +11:00
default_current_user_provider.rb FEATURE: per client user tokens 2017-02-07 09:22:16 -05:00
facebook_authenticator.rb FIX: download avatar from facebook/twitter in a job in order to prevent hangs when avatars are huge 2016-10-24 17:15:13 +02:00
github_authenticator.rb Add support for email whitelist/blacklist to GitHub auth 2016-09-22 11:31:10 -07:00
google_oauth2_authenticator.rb FIX: protect against future regressions of google omniauth 2016-11-07 12:48:00 +11:00
instagram_authenticator.rb Update instagram_authenticator.rb 2016-02-26 11:37:48 +10:00
oauth2_authenticator.rb Perform the where(...).first to find_by(...) refactoring. 2014-05-06 14:41:59 +01:00
open_id_authenticator.rb FEATURE: raise an exception when the email is missing in the OpenId callback 2014-08-07 19:28:50 +02:00
result.rb Ability to skip email validation via a plugin 2016-09-07 14:05:46 -04:00
twitter_authenticator.rb FIX: download avatar from facebook/twitter in a job in order to prevent hangs when avatars are huge 2016-10-24 17:15:13 +02:00