1. 20 Mar, 2015 2 commits
  2. 19 Mar, 2015 2 commits
  3. 05 Aug, 2014 1 commit
  4. 24 Mar, 2014 1 commit
    • Stephane Glondu's avatar
      Use per-election authentication · b2ebd810
      Stephane Glondu authored
       - base template is abstracted over login_box
       - per-election templates and services (except those related to
         update_credentials) refer to per-election auth services
       - login templates are parametrized over AUTH_SERVICES
      b2ebd810
  5. 23 Mar, 2014 3 commits
  6. 21 Mar, 2014 2 commits
    • Stephane Glondu's avatar
      Big overhaul of election management · 66e7b8ca
      Stephane Glondu authored
      Summary:
       - WEB_ELECTION gets a new submodule of type ELECTION_SERVICES
       - per-election services do no longer take UUID as a param, but are
         registered at a path containing it
       - no more ESIndex, election home service is back
       - inline some submodules of SITE_SERVICES, drop ALL_SERVICES
       - rename old SITE_SERVICES into CORE_SERVICES
       - move election-specific templates to a new ELECTION_TEMPLATES; the
         templates in the new signature do not longer take an "election"
         argument but TEMPLATES.Election is a functor that takes a
         WEB_ELECTION and returns an ELECTION_TEMPLATES
       - adapt the booth to the new path layout
      
      Additional changes:
       - merge VOTING_SERVICES into ELECTION_SERVICES
       - inline {SITE,AUTH}_TEMPLATES into TEMPLATES
       - all templates take a final () argument to emphasize their impurity
      66e7b8ca
    • Stephane Glondu's avatar
      Refactor Templates · dab2e349
      Stephane Glondu authored
      dab2e349
  7. 20 Mar, 2014 2 commits
  8. 11 Mar, 2014 2 commits
  9. 10 Mar, 2014 2 commits
  10. 07 Mar, 2014 1 commit
    • Stephane Glondu's avatar
      Handle configuration locally in each auth system · 05bc228a
      Stephane Glondu authored
      Summary:
       - move rewrite_prefix to Web_common
       - each auth system now has an $init function that registers its
         configuration spec and an $exec function to Auth_common
       - an auth system may support multiple instances via configuration;
         user_type is specific to each instance
       - when parsing is done, each $exec is called with an $instantiate
         callback; $exec is supposed to call $instantiate for each instance
      
      TODO:
       - default fallback when there are several instances
       - generic login should do security_log
       - auth system instances should not set user_type themselves
       - it should not be possible to login twice
       - admin login
       - update doc
      05bc228a
  11. 06 Mar, 2014 3 commits
  12. 05 Mar, 2014 2 commits
    • Stephane Glondu's avatar
      Generic authentication · b0e97728
      Stephane Glondu authored
      This revision should be bisimilar to the previous one.
      
      Summary:
       - each auth system registers $name and $service
       - $service stores a logout handler in Auth_common.user
       - the generic login service redirects to $service if its parameter
         matches $name
       - the generic logout service clears out Auth_common.user and invokes
         the stored logout handler
       - the default auth system is the one registered last
       - Templates directly query Auth_common for available auth systems
      
      TODO:
       - enforce user_type = $name (currently not the case for CAS)
       - export Auth_common.register_auth_system
       - move existing auth systems out of Auth_common
       - integrate with config parsing
       - rework CAS
       - generic login should do security_log
       - do admin login
      b0e97728
    • Stephane Glondu's avatar
      Add login dispatch service · ac1999b9
      Stephane Glondu authored
      Currently, it takes the auth_system name as an optional parameter, and
      redirects to the existing services. This revision should have the same
      behaviour as the previous one, except for login links and the
      associated additional redirections.
      
      Summary:
       - Auth_common.Make is now split in two functors: one for declaring
         services (Make) and one for registering them (Register)
       - auth_systems moved to its own signature
       - login and logout are in their own signature
       - new signature ALL_SERVICES
      ac1999b9
  13. 04 Mar, 2014 1 commit
    • Stephane Glondu's avatar
      Move authentication-related stuff to its own module · 07dbc36d
      Stephane Glondu authored
      This is preliminary work to make the authentication system more
      flexible. This big refactoring should be semantically equivalent to
      the previous commit.
      
      Summary:
       - create Auth_common and Web_signatures
       - split Web_election out of Web_common (to cut dep cycle)
       - move service definitions out of Services
       - functorize Templates
      07dbc36d
  14. 30 Jan, 2014 1 commit
  15. 10 Jan, 2014 1 commit
  16. 07 Jan, 2014 2 commits
  17. 08 Nov, 2013 1 commit
  18. 29 Oct, 2013 1 commit