501 Commits (d4de717cf7e64f21388cc2b1d6c12df277738275)
 

Author SHA1 Message Date
Tom Hacohen d5300a76d8 Members: add support for iterators when listing members 4 years ago
Tom Hacohen b4db35bca1 List APIs: add done to APIs that didn't have it. 4 years ago
Tom Hacohen fcb58f0f4c List APIs: fix the stoken calculation for collections.
I'm not sure why it just wouldn't work with aggregate. I also couldn't get it
to work with annotate then aggregate or any other alternative.
4 years ago
Tom Hacohen 6117cac111 List APIs: return a done field to indicate the fetch is done. 4 years ago
Tom Hacohen 2d7b90e848 Collection items: also show deleted items.
This was a mistake. We want deleted items to show because we want to
know when things have been deleted when we ask for updates.
4 years ago
Tom Hacohen ab0d85c84f Change password: change to require a signed request, just like login.
Without this, it would be sufficient to steal an auth token to render the account
unusable because it would be possible to just reset the encrypted content
of the account. With this change we require the user to actually know
the account password in order to do it.
5 years ago
Tom Hacohen 54268ac027 Login: add an action indicator to know the user signed a login request. 5 years ago
Tom Hacohen d1017aac76 Rename django_etesync to django_etebase. 5 years ago
Tom Hacohen 23b2bb3c0a Batch: refactor code and allow passing deps to check against. 5 years ago
Tom Hacohen 653341115f Chunks: add stricter validation. 5 years ago
Tom Hacohen e062fcd429 Revision: add salt. 5 years ago
Tom Hacohen 119479d22b Test reset: allow anyone to reset test users and fully init accounts. 5 years ago
Tom Hacohen 29145f2215 Logout: don't use internal auth accessor. 5 years ago
Tom Hacohen c00c208199 Change to our own token authentication. 5 years ago
Tom Hacohen cc23d516a0 Add an endpoint to change password. 5 years ago
Tom Hacohen 9cc68291df Authentication classes: add permissions to logout. 5 years ago
Tom Hacohen ad184f0ac3 Rename encryptedSeckey to encryptedContent. 5 years ago
Tom Hacohen 7842bd4d9c CollectionItem list: don't return the main item. 5 years ago
Tom Hacohen 1bd4c5be52 Send the login signal on login. 5 years ago
Tom Hacohen c2337f244d Signup: fix signup for users without user info. 5 years ago
Tom Hacohen 15cd41db83 login: gracefully handle bad login attempts. 5 years ago
Tom Hacohen 215a260700 Login: use only the username (not email) for login.
We may add support for email in the future.
5 years ago
Tom Hacohen 6051a5ae3a Signup: use the recommended drf style for validation. 5 years ago
Tom Hacohen 40db4e14b0 Signup: rename the UserQuerySerializer to Signup. 5 years ago
Tom Hacohen 5b2040fda3 Fix running with postgres: convert memoryview to bytes for nacl. 5 years ago
Tom Hacohen ddc43c638a Requirements: remove unused requirements. 5 years ago
Tom Hacohen 9347682997 Collection update: support limiting vs not limiting based on stoken. 5 years ago
Tom Hacohen 64b947d455 Change invitations to also follow our list return type format. 5 years ago
Tom Hacohen 89b47c67b7 Removed redundant get_serializer_context.
This is already provided by default in drf.
5 years ago
Tom Hacohen 9f2140ffac Change serializer fetching to the more drf way of doing it.
Also fix the ItemChunk serializer.
5 years ago
Tom Hacohen 6c31b8fb30 CollectionItemView: disallow normal item creation
People should only use transaction/batch
5 years ago
Tom Hacohen f6960bb8cb CollectionMember: fix collection list to return data in the right format. 5 years ago
Tom Hacohen e159bf971b Collection/item viewsets: enforce access. 5 years ago
Tom Hacohen 6e7fd5d0dd Collection membership: implement leaving/revoking access. 5 years ago
Tom Hacohen d93a5d3f06 Collections: use the member stokens for filtering based on stoken
While at it, also generalised the stoken handling to be generic and
extendible.
5 years ago
Tom Hacohen 1f18f4e50b CollectionMember: add stokens when we create/change the member. 5 years ago
Tom Hacohen 91aadb6565 Make etag write-only. 5 years ago
Tom Hacohen 9c63f8d674 Rename stoken to etag and cstoken to stoken.
This conforms better with what people know from HTTP and properly
differentiates from CSToken which is now renamed to stoken.
5 years ago
Tom Hacohen 8eee280bbb Split cstoken and stoken to be different concepts
The stokens are really just integrity checks for items, and are really
just tied to what revision we expected to have first what we have. So we
will rename stoken to lastRev or something, and have them completely
separate.

A partial revert of e22a49f982046e875d4e1c5007a91353527d7a0f
5 years ago
Tom Hacohen 6e7ad92a12 Add missing migrations forgotten in the previous commit
Missing from: 73f4ff765c7713c9aa48dec2bfc4c3c1c0c7e9f3
5 years ago
Tom Hacohen 2a39f3538e Change to standalone stoken objects (+ small optimisation).
Makes it possible to now generate Stokens as we need so we can add them to
non-revision objects, for example, membership changes.

We also slightly improved how we filter by revs.
5 years ago
Tom Hacohen 3cdb7783fe Make sure to always return fresh stokens. 5 years ago
Tom Hacohen fce844bfc3 Uid: Change how validation is done. 5 years ago
Tom Hacohen 10b9d33ffe UidValidator: fix to actually validate. 5 years ago
Tom Hacohen e94e2f9d70 Add a separate pubkey/privatekey for sharing.
It's separated from the login one so that encryption key and identity
can be rotated separately.
5 years ago
Tom Hacohen 863c405802 Rename pubkey to loginPubkey because we'll soon have another pubkey.
This breaks sharing because we no longer have a normal pubkey.
This will be fixed in the next commit.
5 years ago
Tom Hacohen 2412c295de Signup: fix bug making signup not to work. 5 years ago
Tom Hacohen 8323f23561 Add a nop for api/logout/
It's there for etesync.com and is used to invalidate the token.
Unfortunately we can't fully implement it here because the token
implementation is lacking. This will be fixed soon once we update the
token library with the next version of the protocol.
5 years ago
Tom Hacohen a965a76c36 Invitation: move outgoing invitations to invite/outgoing. 5 years ago
Tom Hacohen 118dbea4e3 InvitationSerializer: fix user validator. 5 years ago