Created timestamper module to start the application.
Added cookie-based authentication to ts_api.
Added utility methods to ts_api:
* make_json_400/1 and make_json_400/1
* make_json_401/1 and make_json_401/2
* parse_json_body/1 reads a JSON object from an HTTP request body.
Implemented ts_api_session module to manage api user sessions.
Fixed ts_entry:list* methods to be 0-indexed.
Removed the ts_json:ejson_to_record/1 implementation for ts_user records. Decided that ts_user records are never trusted from the client, manipulation of fields such as pwd, username will be restricted to app pages.
Changed the password hashing algorithm. Now uses SHA1(pwd + 256bit salt). Want to use bcrypt, investigating cross-platform bcrypt implementation.
Fixed yaws.conf config file.
32 lines
571 B
Erlang
-record(ts_user, {
    username,
    pwd,
    pwd_salt,
    name,
    email,
    join_date
}).

-record(ts_timeline, {
    ref, % {username, timelineid}
    created, % {{year, month, day}, {hour, minute, second}}
    desc
}).

-record(ts_entry, {
    ref, % {username, timelineid, entryid}
    timestamp, % gregorian seconds
    mark, % String description of entry
    notes % String with further notes about the entry
}).

-record(ts_api_session, {
    username,
    expires
}).

%-record(ts_session, {
    %session_id,
    %expires,
    %username
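
Added example, not code from this repository: the commit message describes storing SHA1(pwd + 256-bit salt) and names bcrypt as the intended replacement, so the module below shows that scheme beside a slow key-derivation function that fits the same pwd and pwd_salt fields of ts_user. It substitutes PBKDF2-HMAC-SHA256 from OTP's crypto application for bcrypt, since bcrypt needs a third-party library. Assumptions: OTP 25 or later, passwords passed as binaries, and a hypothetical module name, function names and iteration count.

```erlang
-module(pwd_example).
-export([sha1_salted/2, new_credentials/1, check_password/3]).

-define(SALT_BYTES, 32).      % 256-bit salt, as in the commit message
-define(ITERATIONS, 600000).  % assumed work factor; tune for your hardware
-define(KEY_BYTES, 32).       % length of the derived hash in bytes

%% The scheme the commit message describes: SHA1(pwd + salt).
%% The salt defeats precomputed tables, but one SHA-1 pass is cheap,
%% so guessing against a leaked user table stays fast.
sha1_salted(Pwd, Salt) when is_binary(Pwd), is_binary(Salt) ->
    crypto:hash(sha, <<Pwd/binary, Salt/binary>>).

%% Slow-KDF variant. Returns {Hash, Salt}, the values that would be
%% stored in the pwd and pwd_salt fields of a ts_user record.
new_credentials(Pwd) when is_binary(Pwd) ->
    Salt = crypto:strong_rand_bytes(?SALT_BYTES),
    {derive(Pwd, Salt), Salt}.

%% Recompute the hash from the stored salt and compare in constant time.
%% crypto:hash_equals/2 raises badarg on binaries of different sizes,
%% so the length is checked first.
check_password(Pwd, StoredHash, Salt)
  when is_binary(Pwd), is_binary(StoredHash), is_binary(Salt) ->
    Candidate = derive(Pwd, Salt),
    byte_size(Candidate) =:= byte_size(StoredHash)
        andalso crypto:hash_equals(Candidate, StoredHash).

%% PBKDF2-HMAC-SHA256 with a per-user salt and a fixed iteration count.
derive(Pwd, Salt) ->
    crypto:pbkdf2_hmac(sha256, Pwd, Salt, ?ITERATIONS, ?KEY_BYTES).
```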