Commit graph

264 commits

Author SHA1 Message Date
Nicholas Charriere
b45312c650
Merge pull request #89 from brennentsmith/master
Use local assets for fontawesome for isolated environments.
2018-07-07 10:47:52 -07:00
Brennen Smith
25e10ef8a1 Use local assets for fontawesome for isolated environments.
Currently FontAwesome uses Cloudflare to serve font assets, however all
of the other assets are delivered locally. This standardizes the assets
to use all local assets from `/static/`.
2018-07-05 16:43:14 -07:00
Nicholas Charriere
798f358ed6
Merge pull request #88 from pinterest/new-release-140
New release 140
2018-07-03 08:38:07 -07:00
Nicholas Charriere
fb9974cbd5 Add changelog for 1.4.0 2018-07-03 08:30:22 -07:00
Nicholas Charriere
04ead0da32 Bump version: 1.3.0 → 1.4.0 2018-07-03 08:22:23 -07:00
Nicholas Charriere
47565b3831
Merge pull request #87 from pinterest/prefix-redis
Add prefix to redis
2018-07-03 08:13:35 -07:00
Nicholas Charriere
76962f8d8c Add REDIS_PREFIX documentation 2018-07-01 10:25:55 -07:00
Nicholas Charriere
386a378c5d Add prefix to memcache 2018-07-01 10:19:56 -07:00
Nicholas Charriere
a42815d17e
Merge pull request #84 from pinterest/shameless-hiring-plug
Add hiring plug in readme
2018-06-16 10:17:16 -07:00
Nicholas Charriere
a2d4245a3a Add hiring plug in readme 2018-05-12 09:02:24 -07:00
Nicholas Charriere
5ddecd4e64
Merge pull request #83 from samueldg/enhancement/modernize-tests
Enhancement/modernize tests
2018-05-07 19:19:46 -07:00
Samuel Dion-Girardeau
d407c2657f Drop the dot in py.test (as recommended by pytest) 2018-05-07 21:35:31 -04:00
Samuel Dion-Girardeau
80f77a6572 Fix assertEqual parameter order (expected, actual)
This ensures the failure message, if any, is reflective of the
intended value.
2018-05-07 21:27:13 -04:00
Samuel Dion-Girardeau
e6eca0daf8 Use assertion methods introduced in Python 2.7
Since Python 2.6 support was dropped, we can use all these:
https://docs.python.org/2/library/unittest.html#assert-methods
2018-05-07 21:20:54 -04:00
Nicholas Charriere
548c9986ee
Merge pull request #82 from pinterest/readme-update
Remove support for py26 and py33 from readme
2018-05-07 10:01:29 -07:00
Nicholas Charriere
699293b5a0 Remove support for py26 and py33 from readme 2018-05-07 09:49:04 -07:00
Nicholas Charriere
6fe4733baa
Merge pull request #81 from pinterest/bumpversion-1.3.0
Bump version to 1.3.0
2018-05-07 09:45:54 -07:00
Nicholas Charriere
e45feb1cfd Bump version to 1.3.0 2018-05-07 09:23:51 -07:00
Nicholas Charriere
173f33f66e
Merge pull request #79 from pinterest/mock-redis
Mock redis
2018-05-07 09:13:00 -07:00
Nicholas Charriere
68b4cec5e8
Merge pull request #80 from pinterest/quoteurls
Quote url to fix equal sign breaking outlook clients
2018-05-07 08:59:31 -07:00
Nicholas Charriere
75b6a6919f Make mock a requirement, not dev-requirement 2018-05-07 08:23:30 -07:00
Nicholas Charriere
13f294cae5 Use werkzeug quote/unquote functions instead of urllib 2018-05-07 08:21:07 -07:00
Nicholas Charriere
9e7ca474cd py2 and py3 support 2018-05-06 15:07:01 -07:00
Nicholas Charriere
5a0beb1a75 Quote url to fix equal sign breaking outlook clients 2018-05-06 14:57:00 -07:00
Nicholas Charriere
f59fd3379e Remove 2.6 and 3.3 from .travis.yml 2018-05-06 14:41:44 -07:00
Nicholas Charriere
2e0a296222 Remove -s flag in tests 2018-05-06 14:30:21 -07:00
Nicholas Charriere
331d421e10 Mock redis in tests using mockredis 2018-05-06 14:29:48 -07:00
Nicholas Charriere
b8ce29ed6d
Merge pull request #78 from pinterest/deprectate-py26-py34
Deprecate support for py26 and py33
2018-05-06 14:26:00 -07:00
Nicholas Charriere
7fc18ecfd5 Deprecate support for py26 and py34 2018-05-06 12:45:38 -07:00
Nicholas Charriere
71529bcf99 Merge pull request #66 from pinterest/v120
v1.2.0
2017-05-25 14:24:08 -07:00
Nicholas Charriere
788e8bcd85 Change filetype to rst to stay consistent 2017-05-25 14:08:04 -07:00
Nicholas Charriere
4e67cebf0b Add CHANGELOG file, fixes #67 2017-05-25 14:08:04 -07:00
Nicholas Charriere
4cf28fb4cc Bump version: 1.1.1 → 1.2.0 2017-05-25 14:08:04 -07:00
Nicholas Charriere
9e5507e9f5 Bump version: 1.1.0 → 1.1.1 2017-05-25 14:07:56 -07:00
Nicholas Charriere
9ee02d35d9 Merge pull request #71 from coyotwill/fix/term-signal
Send sigint signal to properly shutdown flask
2017-05-24 13:14:07 -07:00
coyotwill
30791342c8 Use SIGINT to grecefully shutdown flask 2017-05-24 14:02:23 -04:00
Nicholas Charriere
1a0546f035 Merge pull request #68 from samueldg/fix/setup_cryptography
Add cryptography in setup.py
2017-05-16 10:47:36 -07:00
Samuel Dion-Girardeau
75639357ab Add cryptography in setup.py 2017-05-16 13:33:23 -04:00
Nicholas Charriere
2b4a6a4b50 Merge pull request #65 from samueldg/feature/secure_password_storage
Feature/secure password storage
2017-05-16 10:08:17 -07:00
Samuel Dion-Girardeau
4ea2195c72 Fix header size for new section 2017-05-16 09:25:03 -04:00
Samuel Dion-Girardeau
68d4c3fc7b Document security features in the README 2017-05-15 21:34:13 -04:00
Samuel Dion-Girardeau
734336ef67 Fix alphabetical order in main.py 2017-05-15 21:07:28 -04:00
Nicholas Charriere
2fcfc6b8f1 Merge pull request #64 from guewen/add-iframely-sneaky-user-agent
Add Iframely in sneaky user-agents
2017-05-12 11:42:28 -07:00
Guewen Baconnier
7b5f804551 Add Iframely in sneaky user-agents
This "embeds as a service" is used by many apps/websites. Discovered
when my pass got eaten by the HipChat preview.
2017-05-12 08:27:52 +02:00
Samuel Dion-Girardeau
076b271be2 Use assertEqual, not assertEquals (deprecated)
Removes the following warning:

```
tests.py:96: DeprecationWarning: Please use assertEqual instead.
  self.assertEquals(rv.status_code, 404)
```
2017-05-11 21:39:26 -04:00
Samuel Dion-Girardeau
e4f5aed4fa Add tests for the encryption
Check that:

- Password is not stored in plain text in Redis;
- The token returned has the expected format;
- The key returned is indeed the decryption key;
- API backwards compatibility is maintained: passwords stored in plain text
  can be retrieved via the original URL token.

`test_returned_token_format` superseeds `test_set_password`, which
was only validating the key length.

f
2017-05-11 21:38:43 -04:00
Samuel Dion-Girardeau
dc6054f09c Encrypt passwords stored in Redis
Using symmetric encryption in the `cryptography`'s `Fernet` class,
we can ensure that no one can snoop the passwords simply by having access
to the Redis store.

An encryption key is sent to the secret receiver, along with the 32 character
Redis key that identifies the secret, which is needed to decrypt the password.
2017-05-11 21:28:22 -04:00
Nicholas Charriere
27928ad833 Merge pull request #62 from samueldg/docs/pypi_badge
Docs/pypi badge
2017-05-01 21:03:06 -07:00
Samuel Dion-Girardeau
428c49a1b6 Add PyPI badge
Now that the package will be updated
2017-04-30 17:17:14 -04:00
Samuel Dion-Girardeau
2f6afd0e58 Improve Travis badge
- Alt text
- Clicking will lead to the build result, not the image.
2017-04-30 17:15:46 -04:00