Commit graph

47 commits

Author SHA1 Message Date
Daniel Krol
5985631410 Don't hand out auth tokens if they're not verified 2022-07-26 10:53:31 -04:00
Daniel Krol
55db62e2f9 Register endpoint handles "verified" status
Based on the verification mode specified in env. The db doesn't do anything with it yet.
2022-07-26 10:16:44 -04:00
Daniel Krol
aefda1245b Make emails case insensitive (for now).
Prevents duplicate accounts. Also allows case insensitive search (user id, salt seed, etc) while still having an index. This is done by storing normalized as a separate field from originally formated (which we'll use for sending emails, etc).
2022-07-22 16:29:03 -04:00
Daniel Krol
f10cc8aa26 Salt Seed, used to generate secrets on client 2022-07-21 19:10:16 -04:00
Daniel Krol
4430013bae KDF for server password. Save salt in DB. 2022-07-14 22:04:03 -04:00
Daniel Krol
55686cb7b5 Change module name to new repo account 2022-07-11 22:14:53 -04:00
Daniel Krol
7833015f56 Clear up what ErrNoWallet means 2022-07-11 10:41:18 -04:00
Daniel Krol
f8d51f9b31 Rename file to be more uniform 2022-07-06 15:26:26 -04:00
Daniel Krol
9aa2082a7c Change a check to be like other times I made that check in the file. 2022-07-06 15:22:45 -04:00
Daniel Krol
2b55d0f678 use QueryRow in store.go for cleaner code 2022-07-06 15:15:17 -04:00
Daniel Krol
125e461d95 Change password endpoint implemented and tested 2022-07-06 14:03:59 -04:00
Daniel Krol
02a5b9ce24 store.ChangePasswordNoWallet implement and test 2022-07-05 17:12:14 -04:00
Daniel Krol
41b65d08ab Add test to make sure tokens don't set expiration on error. 2022-07-04 11:50:00 -04:00
Daniel Krol
37fae6436b Create and test password change method
Includes updating the wallet if the user has one
2022-07-04 11:41:08 -04:00
Daniel Krol
8fce2cd868 Don't check that userId is non-zero; it's already handled by ForeignKey constraints 2022-06-29 00:12:01 -04:00
Daniel Krol
a37b64faad Actually put in foreign key constraints! Also test wallet and account empty db fields. 2022-06-29 00:06:43 -04:00
Daniel Krol
fac36a7931 Reject empty fields for insert token 2022-06-28 18:43:43 -04:00
Daniel Krol
098319bc77 Safer and slightly more efficient auth token query 2022-06-27 16:18:16 -04:00
Daniel Krol
dce5f8dd6c Don't use store functions to set up store function tests 2022-06-27 16:10:31 -04:00
Daniel Krol
0a74c67db0 Don't rely on store functions to verify other store functions in tests 2022-06-27 15:59:56 -04:00
Daniel Krol
535799299e Rename test file 2022-06-27 11:39:44 -04:00
Daniel Krol
897ee4b9a7 Move tests around a bit more 2022-06-27 11:36:58 -04:00
Daniel Krol
4b309154c6 Split store tests up 2022-06-27 11:28:39 -04:00
Daniel Krol
ff25de92e7 Make sure we're saving as UTC to the db.
Don't know whether it'd even be an issue, but better not to have a bunch of problems saved in databases.
2022-06-24 14:28:07 -04:00
Daniel Krol
99f17511e4 Test GetUserId 2022-06-24 13:26:21 -04:00
Daniel Krol
6d34f39f12 CreateAccount test and cleanup 2022-06-24 13:15:21 -04:00
Daniel Krol
55b4db0fe8 GetWallet test 2022-06-24 12:19:06 -04:00
Daniel Krol
70b8f1f886 SetWallet tests 2022-06-24 11:59:04 -04:00
Daniel Krol
7af1ea90bc Shorten test strings 2022-06-24 11:32:13 -04:00
Daniel Krol
76d7737341 Split out wallet test init 2022-06-24 11:30:53 -04:00
Daniel Krol
377f598b23 Clean up wallet tests 2022-06-24 11:20:51 -04:00
Daniel Krol
2ff2b7dee0 var name 2022-06-24 11:19:32 -04:00
Daniel Krol
157f1233d7 Clean up token tests with helper functions 2022-06-23 20:33:49 -04:00
Daniel Krol
9ece00c128 Wallet update tests 2022-06-23 20:03:26 -04:00
Daniel Krol
127f8724a4 Fix comments and test error messages 2022-06-23 19:57:55 -04:00
Daniel Krol
bfd797be03 Insert wallet test 2022-06-23 18:12:01 -04:00
Daniel Krol
b1c987815d Update test stubs to match current store functions 2022-06-23 17:29:16 -04:00
Daniel Krol
3d492d8b86 Update API: PostWallet no longer returns a wallet 2022-06-23 15:22:31 -04:00
Daniel Krol
62866a0045 Handle oversized requests. 2022-06-19 17:49:05 -04:00
Daniel Krol
512ebe3e95 Protocol changes
* Regress from `lastSynced` to just `sequence` to start with something simpler
* Simplified payload: separate metadata, assume canonical way to hmac it together
  * No more "wallet state" except as a simple wrapper on the front end
* Version number in wallet payloads
2022-06-10 15:04:31 -04:00
Daniel Krol
95cbac71ed Cleanup in a test 2022-06-07 18:26:47 -04:00
Daniel Krol
41721a8f70 Delete some things we don't need anymore 2022-06-07 18:15:46 -04:00
Daniel Krol
0bf11b059c Change to normal password auth, and various things 2022-06-07 17:47:38 -04:00
Daniel Krol
15c68d7153 Move and comment a function 2022-06-02 14:04:33 -04:00
Daniel Krol
6610d7800b Better variable name 2022-06-02 13:49:49 -04:00
Daniel Krol
f664519d56 signature in DB should be TEXT not INTEGER 2022-06-01 14:46:56 -04:00
Daniel Krol
2fbcf6ee6d Get/Post WalletState, account recover, test client
A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later.

* Get/Post WalletState
* downloadKey/email so that a second client can log in, and/or recover from lost client
* Test client in Python to demonstrate the above
* Organize into packages
2022-01-04 16:07:23 -05:00