aboutsummaryrefslogtreecommitdiffstats
path: root/backend/routes (follow)
Commit message (Collapse)AuthorAgeLines
* Reverts "Validates Form Patch Request"Gravatar Hassan Abouelela2021-06-03-2/+6
| | | | | | | Reverts the changes made in 4f28ae85 because they made it impossible to send a partial patch request. Changes to a simpler try/except instead. Signed-off-by: Hassan Abouelela <[email protected]>
* Set Form Viewing URLGravatar Hassan Abouelela2021-05-30-1/+1
| | | | Signed-off-by: Hassan Abouelela <[email protected]>
* Validates Form Patch RequestGravatar Hassan Abouelela2021-05-30-1/+3
| | | | | | Makes sure patch requests send a validated request. Signed-off-by: Hassan Abouelela <[email protected]>
* Adds A Dev Only Endpoint For Adding AdminsGravatar Hassan Abouelela2021-05-15-8/+35
| | | | | | | Copies the admin adding endpoint into an unprotected endpoint that is only registered in non-production builds. Signed-off-by: Hassan Abouelela <[email protected]>
* Simplify role assigning rate limit handlingGravatar ks1292021-03-09-12/+6
| | | Co-authored-by: Hassan Abouelela <[email protected]>
* Merge branch 'main' into ks123/role-assigningGravatar ks1292021-03-09-21/+291
|\
| * Corrects Token Cookie DomainGravatar Hassan Abouelela2021-03-07-4/+2
| | | | | | | | | | | | Removes schema from the token cookie's domain field. Signed-off-by: Hassan Abouelela <[email protected]>
| * Switches Forwarded Protocol HeaderGravatar Hassan Abouelela2021-03-07-12/+9
| | | | | | | | | | | | | | | | Traefik forwards https traffic to http, which causes issues with the protocol in a request's URL. This switch uses the protocol header to correctly set the protocol. Signed-off-by: Hassan Abouelela <[email protected]>
| * Corrects Domain On Token CookieGravatar Hassan Abouelela2021-03-07-1/+2
| | | | | | | | | | | | Correctly formats the domain set on the cookie used for tokens. Signed-off-by: Hassan Abouelela <[email protected]>
| * Corrects Domain On Token CookieGravatar Hassan Abouelela2021-03-07-2/+3
| | | | | | | | Signed-off-by: Hassan Abouelela <[email protected]>
| * Fixes Domain URL On Token CookieGravatar Hassan Abouelela2021-03-07-11/+18
| | | | | | | | Signed-off-by: Hassan Abouelela <[email protected]>
| * Makes Helper To Handle Token SameSite LogicGravatar Hassan Abouelela2021-03-07-17/+41
| | | | | | | | | | | | Adds a helper method to allow tokens to work on deploy previews. Signed-off-by: Hassan Abouelela <[email protected]>
| * Revert "Sets Token Cookie To Same Site To Lax"Gravatar Hassan Abouelela2021-03-06-2/+2
| | | | | | | | | | | | This reverts commit 013ea900 Signed-off-by: Hassan Abouelela <[email protected]>
| * Sets Token Cookie To Same Site To LaxGravatar Hassan Abouelela2021-03-06-2/+2
| | | | | | | | | | | | | | Sets the authorization token cookie's security policy to lax, to allow it to work on the site. Signed-off-by: Hassan Abouelela <[email protected]>
| * Formats Authorize FileGravatar Hassan Abouelela2021-03-06-3/+2
| | | | | | | | | | | | | | | | Cleans up the authorize file, and the __init__ to maintain the project's code style. Co-authored-by: Joe Banks <[email protected]> Signed-off-by: Hassan Abouelela <[email protected]>
| * Renames Token To `token` Gravatar Hassan Abouelela2021-03-06-3/+3
| | | | | | | | | | Changes the name for the token used to authorize with the backend. Co-authored-by: Joe Banks <[email protected]>
| * Merge branch 'main' into token-expiryGravatar Hassan Abouelela2021-02-28-1/+153
| |\ | | | | | | | | | | | | | | | # Conflicts: # backend/routes/forms/form.py # backend/routes/forms/submit.py
| | * Obliterate the _unit_cache variableGravatar Matteo Bertucci2021-02-27-3/+0
| | |
| | * Use base64 encoded code snippetsGravatar Matteo Bertucci2021-02-26-4/+4
| | |
| | * Properly hadnle hidden tests starting with test_Gravatar Matteo Bertucci2021-02-25-1/+1
| | |
| | * Remove unused importGravatar Matteo Bertucci2021-02-25-2/+4
| | |
| | * Make _make_unit_code more readableGravatar Matteo Bertucci2021-02-25-1/+4
| | |
| | * Remove unneeded temp variableGravatar Matteo Bertucci2021-02-25-4/+2
| | |
| | * Only filter units if we aren't using an admin tokenGravatar Matteo Bertucci2021-02-25-1/+2
| | |
| | * Make use of list.copy() instead of [:]Gravatar Matteo Bertucci2021-02-25-2/+2
| | |
| | * Don't try to parse the composed codeGravatar Matteo Bertucci2021-02-25-40/+32
| | |
| | * Make use of .raise_for_status()Gravatar Matteo Bertucci2021-02-25-8/+6
| | | | | | | | | | | | Co-authored-by: Hassan Abouelela <[email protected]>
| | * Add return code 7 for processes killed by NsJailGravatar Matteo Bertucci2021-02-25-22/+25
| | |
| | * Add return code 6 for exceptions when loading moduleGravatar Matteo Bertucci2021-02-25-1/+1
| | |
| | * Properly handle return codes 5 and 99Gravatar Matteo Bertucci2021-02-24-14/+18
| | |
| | * Document unittest codeGravatar Matteo Bertucci2021-02-24-6/+16
| | |
| | * Censor unittests on GET /forms/$idGravatar Matteo Bertucci2021-02-24-0/+16
| | |
| | * Add support for hidden testsGravatar Matteo Bertucci2021-02-24-2/+17
| | |
| | * Return 403 on failed testsGravatar Matteo Bertucci2021-02-24-1/+1
| | |
| | * Switch to 100 chars line length and get rid of the noqasGravatar Matteo Bertucci2021-02-24-6/+14
| | |
| | * Hook up unittesting in the submit protocolGravatar Matteo Bertucci2021-02-24-0/+14
| | |
| | * Support code unit testing through snekboxGravatar Matteo Bertucci2021-02-24-0/+91
| | |
| * | Dynamically Selects OAuth Redirect URIGravatar Hassan Abouelela2021-02-21-2/+4
| | | | | | | | | | | | Signed-off-by: Hassan Abouelela <[email protected]>
| * | Centralizes Admin AuthenticationGravatar Hassan Abouelela2021-02-20-1/+2
| | | | | | | | | | | | | | | | | | | | | Sets admin authentication on authenticator to allow the addition and removal of admins without creating a new token. Signed-off-by: Hassan Abouelela <[email protected]>
| * | Adds Expiry To Authorization RoutesGravatar Hassan Abouelela2021-02-20-1/+6
| | | | | | | | | | | | Signed-off-by: Hassan Abouelela <[email protected]>
| * | Remove AuthorizationHeaders ClassGravatar Hassan Abouelela2021-02-19-2/+1
| | | | | | | | | | | | Signed-off-by: Hassan Abouelela <[email protected]>
| * | Refreshes User Data On Form SubmitGravatar Hassan Abouelela2021-02-19-8/+38
| | | | | | | | | | | | Signed-off-by: Hassan Abouelela <[email protected]>
| * | Adds Token Refresh RouteGravatar Hassan Abouelela2021-02-19-13/+68
| |/ | | | | | | Signed-off-by: Hassan Abouelela <[email protected]>
* | Merge branch 'main' into ks123/role-assigningGravatar ks1292021-01-23-5/+3
|\|
| * Order discoverable forms alphabeticallyGravatar Joe Banks2021-01-04-1/+1
| |
| * Use $in operator for non-admin filtering to allow fetching closed formsGravatar ks1292021-01-04-1/+1
| | | | | | This was OPEN before, but we need to return discoverable closed forms too.
| * `jwt.encode` returns a string, not a bytestring.Gravatar kosayoda2020-12-31-3/+1
| | | | | | | | | | | | | | As of pyjwt 2.0.0, `jwt.encode` does not return a bytestring, so decoding is unnecessary. ref: https://github.com/jpadilla/pyjwt/blob/c96131b970fd341106ce33d0a85b50e3bdbb67ec/CHANGELOG.md#jwtencode-return-type
* | Handle ratelimits for role assigningGravatar ks1292020-12-29-7/+19
| |
* | Implement roles assigning to submit routeGravatar ks1292020-12-29-12/+40
|/
* Minor DevOps tweaksGravatar Joe Banks2020-12-28-1/+7
|
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-21 13:45:12 +0000