Daniel Krol
f60e5659b6
Don't update verify tokens if the account is already verified
2022-07-31 14:13:30 -04:00
Daniel Krol
39144aa3c0
Comment assumptions on store functions
2022-07-31 13:54:40 -04:00
Daniel Krol
ea3b04eff6
store.VerifyToken
2022-07-31 12:42:03 -04:00
Daniel Krol
2dd3019b08
store.UpdateVerifyTokenString
2022-07-31 12:26:03 -04:00
Daniel Krol
eabfa9d54c
No password change for unverified accounts
2022-07-30 23:09:33 -04:00
Daniel Krol
4a205bbda7
GetUserId - Return error if account unverified
2022-07-30 15:06:27 -04:00
Daniel Krol
dee2882fe9
Verify token db fields, CreateAccount changes
2022-07-30 14:24:33 -04:00
Daniel Krol
5ffcddf8f7
Endpoint to re-send verify token string
2022-07-29 20:49:00 -04:00
Daniel Krol
19396e9797
Make error message more accurate. Rename test.
2022-07-29 15:52:23 -04:00
Daniel Krol
6672175a25
Server test/implement send verify-account email
2022-07-27 19:45:09 -04:00
Daniel Krol
f15875c4a6
Verify account endpoint
2022-07-26 16:36:57 -04:00
Daniel Krol
aee351a2b1
Don't allow password change for unverified accounts
...
Mainly because wallet change is tied up in it
2022-07-26 11:18:43 -04:00
Daniel Krol
5985631410
Don't hand out auth tokens if they're not verified
2022-07-26 10:53:31 -04:00
Daniel Krol
55db62e2f9
Register endpoint handles "verified" status
...
Based on the verification mode specified in env. The db doesn't do anything with it yet.
2022-07-26 10:16:44 -04:00
Daniel Krol
aefda1245b
Make emails case insensitive (for now).
...
Prevents duplicate accounts. Also allows case insensitive search (user id, salt seed, etc) while still having an index. This is done by storing normalized as a separate field from originally formated (which we'll use for sending emails, etc).
2022-07-22 16:29:03 -04:00
Daniel Krol
f10cc8aa26
Salt Seed, used to generate secrets on client
2022-07-21 19:10:16 -04:00
Daniel Krol
4430013bae
KDF for server password. Save salt in DB.
2022-07-14 22:04:03 -04:00
Daniel Krol
55686cb7b5
Change module name to new repo account
2022-07-11 22:14:53 -04:00
Daniel Krol
7833015f56
Clear up what ErrNoWallet means
2022-07-11 10:41:18 -04:00
Daniel Krol
9aa2082a7c
Change a check to be like other times I made that check in the file.
2022-07-06 15:22:45 -04:00
Daniel Krol
2b55d0f678
use QueryRow in store.go for cleaner code
2022-07-06 15:15:17 -04:00
Daniel Krol
125e461d95
Change password endpoint implemented and tested
2022-07-06 14:03:59 -04:00
Daniel Krol
02a5b9ce24
store.ChangePasswordNoWallet implement and test
2022-07-05 17:12:14 -04:00
Daniel Krol
37fae6436b
Create and test password change method
...
Includes updating the wallet if the user has one
2022-07-04 11:41:08 -04:00
Daniel Krol
8fce2cd868
Don't check that userId is non-zero; it's already handled by ForeignKey constraints
2022-06-29 00:12:01 -04:00
Daniel Krol
a37b64faad
Actually put in foreign key constraints! Also test wallet and account empty db fields.
2022-06-29 00:06:43 -04:00
Daniel Krol
fac36a7931
Reject empty fields for insert token
2022-06-28 18:43:43 -04:00
Daniel Krol
098319bc77
Safer and slightly more efficient auth token query
2022-06-27 16:18:16 -04:00
Daniel Krol
0a74c67db0
Don't rely on store functions to verify other store functions in tests
2022-06-27 15:59:56 -04:00
Daniel Krol
4b309154c6
Split store tests up
2022-06-27 11:28:39 -04:00
Daniel Krol
6d34f39f12
CreateAccount test and cleanup
2022-06-24 13:15:21 -04:00
Daniel Krol
3d492d8b86
Update API: PostWallet no longer returns a wallet
2022-06-23 15:22:31 -04:00
Daniel Krol
62866a0045
Handle oversized requests.
2022-06-19 17:49:05 -04:00
Daniel Krol
512ebe3e95
Protocol changes
...
* Regress from `lastSynced` to just `sequence` to start with something simpler
* Simplified payload: separate metadata, assume canonical way to hmac it together
* No more "wallet state" except as a simple wrapper on the front end
* Version number in wallet payloads
2022-06-10 15:04:31 -04:00
Daniel Krol
41721a8f70
Delete some things we don't need anymore
2022-06-07 18:15:46 -04:00
Daniel Krol
0bf11b059c
Change to normal password auth, and various things
2022-06-07 17:47:38 -04:00
Daniel Krol
f664519d56
signature
in DB should be TEXT not INTEGER
2022-06-01 14:46:56 -04:00
Daniel Krol
2fbcf6ee6d
Get/Post WalletState, account recover, test client
...
A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later.
* Get/Post WalletState
* downloadKey/email so that a second client can log in, and/or recover from lost client
* Test client in Python to demonstrate the above
* Organize into packages
2022-01-04 16:07:23 -05:00