timestamper

jdb/timestamper

Fork 0

Commit Graph

Author	SHA1	Message	Date
Jonathan Bernard	0642c18a6e	Implemented cookie-based authentication to the API. Created timestamper module to start the application. Added cookie-based authentication to ts_api. Added utility methods to ts_api: * make_json_400/1 and make_json_400/1 * make_json_401/1 and make_json_401/2 * parse_json_body/1 reads a JSON object from a HTTP request body. Implemented ts_api_session module to manage api user sessions. Fixed ts_entry:list* methods to be 0-indexed. Removed the ts_json:ejson_to_record/1 implementation for ts_user records. Decided that ts_user records are never trusted from the client, manipulation of fields such as pwd, username will be restricted to app pages. Changed the password hashing algorithm. Now uses SHA1(pwd + 256bit salt). Want to use bcrypt, investingating cross-platform bcrypt implementation. Fixed yaws.conf config file.	2011-02-07 08:56:07 -06:00

Author

SHA1

Message

Date

Jonathan Bernard

0642c18a6e

Implemented cookie-based authentication to the API.

Created timestamper module to start the application.
Added cookie-based authentication to ts_api.
Added utility methods to ts_api:
    * make_json_400/1 and make_json_400/1
    * make_json_401/1 and make_json_401/2
    * parse_json_body/1 reads a JSON object from a HTTP request body.
Implemented ts_api_session module to manage api user sessions.
Fixed ts_entry:list* methods to be 0-indexed.
Removed the ts_json:ejson_to_record/1 implementation for ts_user records.
    Decided that ts_user records are never trusted from the client,
    manipulation of fields such as pwd, username will be restricted to
    app pages.
Changed the password hashing algorithm. Now uses SHA1(pwd + 256bit salt).
    Want to use bcrypt, investingating cross-platform bcrypt implementation.
Fixed yaws.conf config file.

2011-02-07 08:56:07 -06:00

1 Commits