aboutsummaryrefslogtreecommitdiffhomepage
path: root/app/config/security.yml
Commit message (Collapse)AuthorAgeFilesLines
* Add client_credentials as grant_typeoauth-changesThomas Citharel2017-06-141-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Therefore, username and password are no longer needed Signed-off-by: Thomas Citharel <tcit@tcit.fr> Allow to have global clients, auth through direct token or auth code and bring scopes Signed-off-by: Thomas Citharel <tcit@tcit.fr> fix review Signed-off-by: Thomas Citharel <tcit@tcit.fr> remove redirect uri requirement on specific clients add back password and depreciate it enforce state Signed-off-by: Thomas Citharel <tcit@tcit.fr> Allow apps to register themselves A handful of changes Signed-off-by: Thomas Citharel <tcit@tcit.fr> change timeout values Signed-off-by: Thomas Citharel <tcit@tcit.fr> set access_token lifetime to 1 year and double for refresh_token Signed-off-by: Thomas Citharel <tcit@tcit.fr>
* API user creation behing a toggleJeremy Benoist2017-06-021-0/+1
| | | | | | | | I've added a toggle feature (in internal settings) so that user api creation can be disabled while form registration still can be enabled. Also, the /api/user endpoint shouldn't require authentication. Even if we check the authentication when sending a GET request, to retrieve current user information. I've moved all the internal settings definition to config to avoid duplicated place to define them. I don't know why we didn't did that earlier.
* Add users management UIJeremy Benoist2016-10-021-0/+1
| | | | | | - remove the “add a user” from the config page - add a CRUD on user - fix some missing translations (+ bad indentation)
* Share entry with a public URLNicolas Lœuillet2016-08-231-0/+1
|
* Remove useless spacesJeremy Benoist2016-06-241-7/+9
|
* Add version in APIVincent2016-03-071-0/+1
|
* Comment work with annotator v2Thomas Citharel2016-02-261-0/+1
| | | | | | - add missing annotator.js file and fix typo - edit & delete routes, started tests - basic tests
* Fix permission to settings pageJeremy Benoist2016-01-311-1/+1
|
* Add CraueConfig for internal settingsJeremy Benoist2016-01-311-0/+1
|
* Update bundle & stock fileJeremy Benoist2016-01-151-2/+7
| | | | | | - update stock file (AppKernel, app.php, etc ..) from SymfonyStandard edition) - update bundle to latest release - remove security on profiler
* CleanupJeremy Benoist2015-10-031-0/+1
| | | | | - remove unecessary routing for UserBundle - remove unused form type
* remove old implementation for login/register/recoverNicolas Lœuillet2015-10-031-2/+2
|
* allow API documentation for anonymousNicolas Lœuillet2015-10-031-1/+1
|
* * public registrationNicolas Lœuillet2015-10-031-10/+11
| | | | | * remove WSSE implementation * add oAuth2 implementation
* implement FosUserNicolas Lœuillet2015-09-111-23/+6
|
* Merge pull request #1323 from wallabag/v2-1302-checkboxJeremy Benoist2015-08-121-0/+6
|\ | | | | fix #1302: add 'stay connected' checkbox
| * add 'stay connected' checkboxNicolas Lœuillet2015-08-121-0/+6
| |
* | fix #1311, redirect after loginNicolas Lœuillet2015-08-101-2/+2
|/
* Add testsJeremy2015-03-311-0/+1
| | | | and fix few mistakes
* Handle forgot passwordJeremy2015-03-081-0/+1
|
* getSalt methodNicolas Lœuillet2015-02-101-0/+1
|
* authentication on APINicolas Lœuillet2015-02-091-3/+5
|
* Add custom auth encoder & providerJeremy2015-02-081-31/+31
| | | | These custom classes allow Wallabag v2 to be compatible with Wallabag v1 salted password
* disable authentication for the momentNicolas Lœuillet2015-02-021-29/+30
|
* first implementation of securityNicolas Lœuillet2015-01-311-38/+44
|
* symfony is thereNicolas Lœuillet2015-01-221-0/+52