embarklabs
/
embark
mirror of https://github.com/embarklabs/embark.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
4,550 Commits 171 Branches 184 Tags 104 MiB
Commit Graph

13 Commits

Author SHA1 Message Date
Andre Medeiros e229688508
Don't send empty body on authentication 2018-10-23 11:08:23 +02:00
Andre Medeiros 53bc4d945a
Change back how auth works for websockets. 
As it turns out, a websocket request doesn't contain some of the
hashable properties in order to be validated. Because of that, we'll
still use tokens here until we find a better way to do it.
 2018-10-23 11:08:22 +02:00
Andre Medeiros 428f591330
Don't send token in request body. 
Instead, we want to hash a header to sign a request with a client nonce,
http method and URL. This is a first step towards protecting the backend
against eavesdropping.

Please note that this will still be susceptible to replay attacks.
 2018-10-23 11:01:11 +02:00
Iuri Matias 1c59701045
fix wording 2018-10-23 10:59:17 +02:00
Iuri Matias 085a282c96
add copytoken command 2018-10-23 10:59:17 +02:00
Anthony Laibe 2fb5d907ec
Add ability to logout 2018-10-23 10:42:00 +02:00
Jonathan Rainville ae3185d96f
rename event 2018-10-23 10:42:00 +02:00
Jonathan Rainville 749853be32
use port and host from config 2018-10-23 10:42:00 +02:00
Jonathan Rainville 3495f9fbb8
authorize each request through header 2018-10-23 10:41:59 +02:00
Jonathan Rainville 6125329cae
show authorize form when auth error 2018-10-23 10:41:23 +02:00
Jonathan Rainville e68feb81af
add console command to get token 2018-10-23 10:41:23 +02:00
Jonathan Rainville faf09b7d39
use local cache to store the token 2018-10-23 10:41:23 +02:00
Jonathan Rainville 422a98e172
add basic authentication 2018-10-23 10:41:22 +02:00