Commit graph

349 commits

Author SHA1 Message Date
Nicholas Charriere
699293b5a0 Remove support for py26 and py33 from readme 2018-05-07 09:49:04 -07:00
Nicholas Charriere
6fe4733baa
Merge pull request #81 from pinterest/bumpversion-1.3.0
Bump version to 1.3.0
2018-05-07 09:45:54 -07:00
Nicholas Charriere
e45feb1cfd Bump version to 1.3.0 2018-05-07 09:23:51 -07:00
Nicholas Charriere
173f33f66e
Merge pull request #79 from pinterest/mock-redis
Mock redis
2018-05-07 09:13:00 -07:00
Nicholas Charriere
68b4cec5e8
Merge pull request #80 from pinterest/quoteurls
Quote url to fix equal sign breaking outlook clients
2018-05-07 08:59:31 -07:00
Nicholas Charriere
75b6a6919f Make mock a requirement, not dev-requirement 2018-05-07 08:23:30 -07:00
Nicholas Charriere
13f294cae5 Use werkzeug quote/unquote functions instead of urllib 2018-05-07 08:21:07 -07:00
Nicholas Charriere
9e7ca474cd py2 and py3 support 2018-05-06 15:07:01 -07:00
Nicholas Charriere
5a0beb1a75 Quote url to fix equal sign breaking outlook clients 2018-05-06 14:57:00 -07:00
Nicholas Charriere
f59fd3379e Remove 2.6 and 3.3 from .travis.yml 2018-05-06 14:41:44 -07:00
Nicholas Charriere
2e0a296222 Remove -s flag in tests 2018-05-06 14:30:21 -07:00
Nicholas Charriere
331d421e10 Mock redis in tests using mockredis 2018-05-06 14:29:48 -07:00
Nicholas Charriere
b8ce29ed6d
Merge pull request #78 from pinterest/deprectate-py26-py34
Deprecate support for py26 and py33
2018-05-06 14:26:00 -07:00
Nicholas Charriere
7fc18ecfd5 Deprecate support for py26 and py34 2018-05-06 12:45:38 -07:00
Nicholas Charriere
71529bcf99 Merge pull request #66 from pinterest/v120
v1.2.0
2017-05-25 14:24:08 -07:00
Nicholas Charriere
788e8bcd85 Change filetype to rst to stay consistent 2017-05-25 14:08:04 -07:00
Nicholas Charriere
4e67cebf0b Add CHANGELOG file, fixes #67 2017-05-25 14:08:04 -07:00
Nicholas Charriere
4cf28fb4cc Bump version: 1.1.1 → 1.2.0 2017-05-25 14:08:04 -07:00
Nicholas Charriere
9e5507e9f5 Bump version: 1.1.0 → 1.1.1 2017-05-25 14:07:56 -07:00
Nicholas Charriere
9ee02d35d9 Merge pull request #71 from coyotwill/fix/term-signal
Send sigint signal to properly shutdown flask
2017-05-24 13:14:07 -07:00
coyotwill
30791342c8 Use SIGINT to grecefully shutdown flask 2017-05-24 14:02:23 -04:00
Nicholas Charriere
1a0546f035 Merge pull request #68 from samueldg/fix/setup_cryptography
Add cryptography in setup.py
2017-05-16 10:47:36 -07:00
Samuel Dion-Girardeau
75639357ab Add cryptography in setup.py 2017-05-16 13:33:23 -04:00
Nicholas Charriere
2b4a6a4b50 Merge pull request #65 from samueldg/feature/secure_password_storage
Feature/secure password storage
2017-05-16 10:08:17 -07:00
Samuel Dion-Girardeau
4ea2195c72 Fix header size for new section 2017-05-16 09:25:03 -04:00
Samuel Dion-Girardeau
68d4c3fc7b Document security features in the README 2017-05-15 21:34:13 -04:00
Samuel Dion-Girardeau
734336ef67 Fix alphabetical order in main.py 2017-05-15 21:07:28 -04:00
Nicholas Charriere
2fcfc6b8f1 Merge pull request #64 from guewen/add-iframely-sneaky-user-agent
Add Iframely in sneaky user-agents
2017-05-12 11:42:28 -07:00
Guewen Baconnier
7b5f804551 Add Iframely in sneaky user-agents
This "embeds as a service" is used by many apps/websites. Discovered
when my pass got eaten by the HipChat preview.
2017-05-12 08:27:52 +02:00
Samuel Dion-Girardeau
076b271be2 Use assertEqual, not assertEquals (deprecated)
Removes the following warning:

```
tests.py:96: DeprecationWarning: Please use assertEqual instead.
  self.assertEquals(rv.status_code, 404)
```
2017-05-11 21:39:26 -04:00
Samuel Dion-Girardeau
e4f5aed4fa Add tests for the encryption
Check that:

- Password is not stored in plain text in Redis;
- The token returned has the expected format;
- The key returned is indeed the decryption key;
- API backwards compatibility is maintained: passwords stored in plain text
  can be retrieved via the original URL token.

`test_returned_token_format` superseeds `test_set_password`, which
was only validating the key length.

f
2017-05-11 21:38:43 -04:00
Samuel Dion-Girardeau
dc6054f09c Encrypt passwords stored in Redis
Using symmetric encryption in the `cryptography`'s `Fernet` class,
we can ensure that no one can snoop the passwords simply by having access
to the Redis store.

An encryption key is sent to the secret receiver, along with the 32 character
Redis key that identifies the secret, which is needed to decrypt the password.
2017-05-11 21:28:22 -04:00
Nicholas Charriere
27928ad833 Merge pull request #62 from samueldg/docs/pypi_badge
Docs/pypi badge
2017-05-01 21:03:06 -07:00
Samuel Dion-Girardeau
428c49a1b6 Add PyPI badge
Now that the package will be updated
2017-04-30 17:17:14 -04:00
Samuel Dion-Girardeau
2f6afd0e58 Improve Travis badge
- Alt text
- Clicking will lead to the build result, not the image.
2017-04-30 17:15:46 -04:00
Nicholas Charriere
b03755969b Merge pull request #61 from pinterest/bump-version
Bump version
2017-04-28 09:55:18 -07:00
Nicholas Charriere
e7da786016 Bump version fixing bumpversion workflow, minor 2017-04-28 09:47:46 -07:00
Nicholas Charriere
d36a91d939 Add files to bumpversion config 2017-04-28 09:46:02 -07:00
Nicholas Charriere
e1b3042ba7 Catchup version bump on release files 2017-04-28 09:42:12 -07:00
Nicholas Charriere
c377e31145 Merge pull request #59 from pinterest/10
Prepare for v1.0.0 release
2017-04-23 18:30:44 -07:00
Nicholas Charriere
47f3a31bee Fix tox env name, flake8 is recognized by the flake8 tool and duplicates setup.cfg 2017-04-23 10:08:49 -07:00
Nicholas Charriere
6d38e2b43e Add flake8 checking 2017-04-22 22:36:41 -07:00
Nicholas Charriere
47d94630db Version should be a string 2017-04-22 22:33:08 -07:00
Nicholas Charriere
ee9e996fa1 All Caps for constant vars 2017-04-22 22:29:25 -07:00
Nicholas Charriere
0edacbe037 Prepare for v1.0.0 release 2017-04-22 22:26:20 -07:00
Nicholas Charriere
431ab3b2e1 Merge pull request #57 from samueldg/fix/misc-docs
Various documentation fixes and improvements
2017-04-16 10:39:42 -07:00
Samuel Dion-Girardeau
57a40a06af Use consistent capitalization for "SnapPass" 2017-04-15 12:58:38 -04:00
Samuel Dion-Girardeau
669aa74599 Point to the appropriate Flask doc sections 2017-04-15 12:57:12 -04:00
Samuel Dion-Girardeau
400dc5cc84 Fix typo 2017-04-15 12:56:07 -04:00
Samuel Dion-Girardeau
5026711647 Fix spacing (format warning) 2017-04-15 12:56:07 -04:00