50 Commits

Author SHA1 Message Date
dandds
bd8a469e93 Fix tests that were broken by a fixture CRL expiring.
Adjust the broken tests to use our dynamic fixtures for PKI files. Some
tests still rely on these fixtures, but this is a minimal patch to get
the test suite passing again. Eventually all tests should use the pytest
fixtures.
2019-07-10 11:11:49 -04:00
richard-dds
c653cf2dbf Display a flash message when a user logs out 2019-05-28 16:55:52 -04:00
leigh-mil
610aef428d Add user's last login to the session data 2019-04-03 12:24:02 -04:00
dandds
c4b4cc0912 update atat-wide permission sets 2019-03-21 05:38:28 -04:00
dandds
bec5d11bfe users have permission sets for site-wide perms 2019-03-21 05:38:28 -04:00
dandds
13bc7f56b0
Merge pull request #701 from dod-ccpo/portfolio-perms
Portfolio perms
2019-03-18 08:40:35 -04:00
dandds
1a122c5335 rename role -> permission_set everywhere 2019-03-15 07:14:49 -04:00
Montana
effec85cf9 Raise Error Code 008 for invalid CRLs 2019-03-14 13:42:12 -04:00
dandds
d3d36822df workspace -> portfolio everywhere 2019-01-14 16:00:17 -05:00
dandds
08806eed24 put requests workflow tests behind a feature toggle 2019-01-07 16:05:27 -05:00
Patrick Smith
8bb9c1ab8a Add __repr__ to models 2018-10-02 14:14:39 -04:00
dandds
8a89c519eb on user login, redirect based on next query parameter if available 2018-10-01 16:16:30 -04:00
dandds
8b8d694abd apply destination url path as next parameter to login redirect 2018-10-01 16:16:30 -04:00
Patrick Smith
a27c1b5712 Set current user for public routes as well 2018-09-26 16:50:43 -04:00
dandds
04d03f3c93 fix and refactor test for protected routes 2018-09-24 16:59:08 -04:00
dandds
0e8d5f1390 some cleanup to auth tests 2018-09-17 10:27:49 -04:00
dandds
0d1494ea11 create logout endpoint that clears user data from session 2018-09-17 10:18:14 -04:00
richard-dds
fa105a95e3 Redirect to home after login, which redirects elsewhere 2018-09-05 10:39:05 -04:00
richard-dds
533dc8e0f6 Redirect CCPO to requests index after login 2018-09-04 16:18:43 -04:00
richard-dds
daa8634cb4 Format project 2018-08-23 16:25:36 -04:00
Montana
5f0a9e22d6 Fix tests 2018-08-22 16:05:37 -04:00
dandds
07ce940650 create AuthenticationContext to consolidate auth logic 2018-08-09 15:01:43 -04:00
dandds
05de0665d4 basic implementation of email parsing for CAC user login 2018-08-09 15:01:06 -04:00
dandds
7b8934e0cb add Flask error handlers 2018-08-08 13:54:15 -04:00
dandds
d693db7dbb apply authentication to the whole app, track exceptions 2018-08-06 14:06:06 -04:00
dandds
7ea3f682e0 better test name 2018-08-06 12:59:01 -04:00
dandds
ac95bf371e implement CRL checking from authnid 2018-08-06 11:12:58 -04:00
dandds
be079a62dc apply auth requirement to virtually all endpoints 2018-08-06 10:45:33 -04:00
dandds
ad1e1e771b extract get_current_user, fix tests 2018-08-06 10:44:24 -04:00
dandds
6dce89df1b 401 unauthorized page for bad logins 2018-08-06 10:44:24 -04:00
richard-dds
13146e9362 Implement log_in_user 2018-08-06 10:44:00 -04:00
dandds
45b47c41bf update tests for Flask 2018-08-02 16:03:54 -04:00
dandds
7d3cd04bdd
Merge pull request #75 from dod-ccpo/authz-permissions
Authz permissions
2018-07-18 09:44:46 -04:00
dandds
37ee8f9c7a confirm user site perms are stored in session 2018-07-16 15:58:43 -04:00
richard-dds
e48644fb44 Create authz users on login 2018-07-16 13:19:35 -04:00
dandds
335bbed94d ensure we clear session cookies 2018-07-12 16:43:41 -04:00
dandds
21c970e4b4 rename some handlers with more specificity 2018-07-12 11:39:22 -04:00
dandds
b7d191a8eb do not redirect in get_current_user 2018-07-09 14:04:04 -04:00
dandds
46016faceb test and update to README 2018-06-28 10:24:20 -04:00
richard-dds
118a84560a Add simple session management using redis 2018-06-27 16:07:25 -04:00
richard-dds
0e852ae8ff Fix two linter warnings as well 2018-06-26 10:39:30 -04:00
richard-dds
f9335c7a4e Use black for formatting 2018-06-26 10:31:39 -04:00
richard-dds
606bd61d3a Simplify test by removing ThreadPool 2018-06-14 13:10:19 -04:00
dandds
e89be59d3e remove unused monkeypatch 2018-06-13 17:08:10 -04:00
dandds
261a00adb2 pass authnid_client directly to Login handler and other small cleanup 2018-06-13 17:08:10 -04:00
dandds
34f3c7776b fall back to regular tornado authentication decorator 2018-06-13 17:08:10 -04:00
dandds
4e61b08330 handle auth via redirect with parameter 2018-06-13 17:08:09 -04:00
dandds
234bbcea0f validate bearer tokens against authnid 2018-06-13 17:08:09 -04:00
dandds
d573c5459b provide dev access to app 2018-06-13 17:08:09 -04:00
dandds
25db6fabbe WIP: authentication handling for ATST 2018-06-13 17:08:09 -04:00