Commit graph

11 commits

Author SHA1 Message Date
Dane Everitt
e3df0738da
Change the way API keys are stored and validated; clarify API namespacing
Previously, a single key was used to access the API, this has not changed in terms of what the user sees. However, API keys now use an identifier and token internally. The identifier is the first 16 characters of the key, and the token is the remaining 32. The token is stored encrypted at rest in the database and the identifier is used by the API middleware to grab that record and make a timing attack safe comparison.
2018-01-13 16:06:19 -06:00
Dane Everitt
60eb60013c
Update repository base code to be cleaner and make use of PHP 7 features 2018-01-04 22:49:50 -06:00
Dane Everitt
f9df463d32
Implement a better management interface for Settings (#809) 2017-12-14 21:05:26 -06:00
Dane Everitt
285485d7b0
Change how API keys are validated (#771) 2017-12-03 14:29:14 -06:00
Dane Everitt
6409fffdad
Implement fix to allow root admins to view all servers.
closes #722
2017-11-05 12:38:39 -06:00
Dane Everitt
71b90650de
Fix failing test suite 2017-11-04 12:49:05 -05:00
Dane Everitt
3daade7fe5
Fix tests 2017-11-03 18:18:52 -05:00
Dane Everitt
7882250baf
Add more middleware tests 2017-11-03 18:16:49 -05:00
Dane Everitt
54228e8124
Fix multiple controller unit test failures 2017-11-03 16:43:28 -05:00
Dane Everitt
7b3393aff9
More middleware tests 2017-11-01 20:45:43 -05:00
Dane Everitt
d844a36167
Begin adding unit tests for middleware 2017-10-29 21:40:34 -05:00