Eneko Lakasta
46e3a87f41
add some auth TODOs
2018-05-30 18:15:35 +02:00
Eneko Lakasta
7764975c09
please jshint: remove unnecessary require (underscore)
2018-05-30 12:08:04 +02:00
Eneko Lakasta
ebe04d04ad
refactor user database service. Get proper DB config based on auth type: oauth vs apikey
...
Oauth uses only master api key configuration
Api key uses master and the provided api key configurations
Also move default api key fallback to this service
2018-05-28 15:53:51 +02:00
Eneko Lakasta
ec75227aa2
use apikeys instead of metadata for the database connections parameters
2018-05-25 17:23:24 +02:00
Simon Martín
5f8e1d8f53
fix validatePGEntitiesAccess access
2018-04-26 10:13:03 +02:00
Simon Martín
e12e16507a
create object and export
2018-04-24 13:21:43 +02:00
Simon Martín
3b228ac17b
solving jshint crazy error
2018-04-24 10:10:37 +02:00
Simon Martín
985f9ef7f5
pgEntitiesAccessValidator
2018-04-23 18:17:44 +02:00
Simon Martín
2a729b7da8
destructuring error_handler parameters
2018-04-03 13:43:17 +02:00
Simon Martín
4301b63189
fix error
2018-03-28 13:31:31 +02:00
Simon Martín
616f3f3c07
errorHandlerFactory
2018-03-28 13:06:39 +02:00
Simon Martín
16ea727fc3
move ErrorHandler logic from error middleware
2018-03-28 12:58:10 +02:00
Simon Martín
b45f5fe31e
move ErrorHandler to services folder
2018-03-28 12:49:33 +02:00
Simon Martín
9cd4e85768
using cartodb-redis in rate limits
2018-03-03 15:01:45 +01:00
Simon Martín
967cdf8a06
refactoring user_limits
2018-03-02 19:54:22 +01:00
Simon Martín
a11d9870a3
exporting RATE_LIMIT_REDIS_DB
2018-03-02 13:17:50 +01:00
Simon Martín
25d1e5442c
new redis keys
2018-03-01 15:51:19 +01:00
Simon Martín
7a6ef637ae
make jshint happy
2018-03-01 14:47:34 +01:00
Simon Martín
3fdb7abeaf
user limits service
2018-03-01 11:30:34 +01:00
Daniel García Aubert
3807d9f94d
Template for User not found error
2018-02-22 17:49:02 +01:00
Daniel García Aubert
ec24019cc0
Apply some ES6 goodies
2018-02-22 17:35:03 +01:00
Daniel García Aubert
095c34358e
Remove step
2018-02-22 15:58:52 +01:00
Daniel García Aubert
8c3b9fa05b
Remove bad assignment
2018-02-22 13:27:50 +01:00
Daniel García Aubert
700c64bba3
Extract to a middleware user timeout limit from user-database-services
2018-02-22 12:45:55 +01:00
Daniel García Aubert
8730b5c517
Read if the request is authenticated through res.locals
2018-02-22 12:04:05 +01:00
Daniel García Aubert
b399abee18
Move authorization to auth-api and extract it from user-database-service
2018-02-22 11:46:34 +01:00
Daniel García Aubert
6c92781600
Remove empty line
2018-02-21 16:19:12 +01:00
Daniel García Aubert
ea6e8b5315
Implement fallback mechanism to be able to authenticate as usual in case of apikey is not found
2018-02-14 16:22:36 +01:00
Daniel García Aubert
7c859f0d7b
Use actual apikey properties
2018-02-12 17:49:50 +01:00
Daniel García Aubert
c003a491c0
Use current implementation of cartodb-redis
2018-02-12 16:41:35 +01:00
Daniel García Aubert
88015aaf0f
Implement new auth system based on api-key tokens with scoped permissions
2017-11-24 17:57:54 +01:00
Daniel García Aubert
15949d2fc2
Fix wrong function name
2017-11-24 15:55:16 +01:00
Daniel García Aubert
01a71ee60e
Apply user timeout to ogr2ogr command
2017-08-09 12:50:16 +02:00
Rafa de la Torre
07890ec608
Change tableCache.get for tableCache.peek #244
...
This will make it consider age of the key when it was initially set,
instead of renewing it with the time of the last access.
2017-07-03 11:13:21 +02:00
Raul Ochoa
66cd1f400f
Skip query tables cache for authenticated requests
2016-03-10 19:20:56 +01:00
Raul Ochoa
5ebc8e43d5
Start hits=0 as first time is not a hit
2016-03-08 14:50:08 +01:00
Raul Ochoa
b8460d033e
Add a cache decorator over QueryTables
2016-03-08 14:48:56 +01:00
Alejandro Martínez
5e06711b4b
Use node-cartodb-querytables library
2016-02-22 12:24:05 +01:00
Raul Ochoa
15f90c1a78
QueryTablesApi only caches affected tables and always retrieve last modification
2016-02-02 01:16:24 +01:00
Raul Ochoa
9deab814c9
Skip query-tables-api for authenticated requests
2016-02-01 16:53:28 +01:00
Raul Ochoa
24ecf130a1
Namespace queries so two users don't share results
...
For instance 'select * from table' should result in different affected
tables (schema+table) depending on the database.
2016-01-28 15:38:08 +01:00
Raul Ochoa
65bcdad657
Fix cyclomatic complexity
2016-01-28 14:48:12 +01:00
Raul Ochoa
86ecc3ad0a
Implements authDbParams interface
...
Uses user and pass from redis and relies on rest of params prepared
for normal dbParams
2016-01-28 14:38:02 +01:00
Raul Ochoa
e70a21a2b4
Adds documentation about values passed over callback in getConnectionParams
2016-01-28 14:25:03 +01:00
Raul Ochoa
131d798653
Change interface to return also authenticated connection params
2016-01-28 14:18:10 +01:00
Raul Ochoa
235e7f9bc1
Rename method to match returning connection params behaviour
2016-01-28 14:14:31 +01:00
Raul Ochoa
023d06fd19
Affected tables and last modified behind QueryTablesApi
...
It handles the internal cache and exposes an unified result
2016-01-28 14:08:18 +01:00
Raul Ochoa
3be769a67e
Fix style
2016-01-28 12:33:32 +01:00
Daniel García Aubert
048d2cd0ea
Refactored user database service ans updated controllers to use it.
2016-01-21 16:17:17 +01:00
Daniel García Aubert
f42727212b
Removed unnecessary checkAborted function in job controller and changed signature for getUserDatabase.
2016-01-21 15:05:46 +01:00