483c32cfbf
* Users are only authenticated against their password on login, and to retrieve a token. * Passwords are wiped from the app and cookies after login and token retrieval * Tokens are revoked at the end of the session/logout * If the user chooses the "remember me" option, the token is stored in the cookie * A user interface to revoke tokens will be added * Tokens correctly delete themselves on logout * API documentation updated for the new user-token endpoints * Added a Manage tokens tab to the user panel * Added bullet point about the token authentication for the API * Added tests for new endpoints and tests against authentication middleware |
||
|---|---|---|
| .. | ||
| auth_controller.js | ||
| base_post_controller.js | ||
| comments_controller.js | ||
| help_controller.js | ||
| home_controller.js | ||
| not_found_controller.js | ||
| page_controller.js | ||
| password_reset_controller.js | ||
| post_detail_controller.js | ||
| post_list_controller.js | ||
| post_main_controller.js | ||
| post_upload_controller.js | ||
| settings_controller.js | ||
| snapshots_controller.js | ||
| tag_categories_controller.js | ||
| tag_controller.js | ||
| tag_list_controller.js | ||
| top_navigation_controller.js | ||
| user_controller.js | ||
| user_list_controller.js | ||
| user_registration_controller.js | ||