Michael Bayne
40ca8a0dd1
Improve the API, add getCreateAccountUrl().
...
We don't need to expose the gameId to the caller, we can handle that all
internally.
2026-04-24 14:34:04 -07:00
Michael Bayne
23fc31c24e
Support not saving the session token.
2026-04-20 14:54:06 -07:00
Michael Bayne
379c6249c1
Switch to polling-based auth integration.
...
It turns out that having the web page talk to the running game client via HTTP
on localhost is fraught with various web-browser-dependent security limits and
complexity. This polling based system doesn't require any more of the web
browser than doing what it could do back in 1996.
2026-04-20 08:51:03 -07:00
Michael Bayne
bd3ab02049
Java code for talking to authosaurus server.
...
This allows games to plug into the "email a login link" auth system.
2026-04-12 00:32:02 -07:00
Michael Bayne
c3f32eb8bf
Switch to Depot ByteEnum.
2026-03-11 12:37:58 -07:00
Michael Bayne
c9be34a6c4
Oops, don't want that in there!
2026-01-29 11:18:10 -08:00
Michael Bayne
0b9822c706
Add authenticator that uses OOOUser.checkPassword.
...
This allows webapps (like billing) to do the same password checking that the
games do.
2026-01-28 10:31:08 -08:00
Michael Bayne
63becb0699
Migrate from javax.servlet to jakarta.servlet.
2026-01-02 16:32:00 -08:00
fourbites
676a08fa86
Update password setting method documentation for clarity
2025-08-19 00:00:27 +02:00
fourbites
802ec201fa
Implement Argon2 password hashing and verification in user management
2025-08-18 23:52:41 +02:00
Michael Bayne
7b42c59c32
Nix these ancient migrations.
...
They've surely run anywhere they need to. And one of them is not guarded by an
existence check and thus borks setting up a new database.
2025-02-05 11:31:04 -08:00
Michael Bayne
2e9b1c8270
Javadoc fixes and javadoc defanging.
2016-12-18 09:48:44 -08:00
Michael Bayne
ec027a560e
Added 'create' and 'make_admin' commands for db bootstrap.
...
When setting up a local deployment, it's nice to be able to create a user
without having to go to all the trouble of setting up the register webapp.
2016-12-18 09:24:41 -08:00
Michael Bayne
218a333f15
Convert to new non-samski-Depot.
2015-04-02 08:08:18 -07:00
Jamie Doornbos
1c190092a8
Javadoc fix.
2014-11-17 11:18:01 -08:00
Lars Harrison
da70bdd7df
Add Aeria Games to list of external authers.
2013-05-10 14:11:00 -07:00
Michael Bayne
068f77476f
Fixed use of rawtypes.
2013-05-07 12:47:07 -07:00
Ray J. Greenwell
59f5a7cb90
Drive-by: Depot provides a CountRecord.
2013-04-26 13:19:38 -07:00
Michael Bayne
38d341bb18
Facebook's session keys now exceed 255 characters. W00t.
2013-04-10 14:29:46 -07:00
Matt Jensen
ee6cbc2337
Most of our games don't share a ooouser database anyway and this flag is not longer specific to yohoho, so let's not be jerks about which sites can set the subscription status.
2013-02-19 14:58:55 -08:00
Jamie Doornbos
c77673839a
Added newgrounds
2012-12-03 21:04:08 -08:00
Nathan Curtis
5ef4dc48e9
Add Armorgames as an ExternalAuther.
2012-10-02 14:14:54 -07:00
Nathan Curtis
30c38839f9
Add a method for getting many external ids at once.
2012-08-27 14:25:22 -07:00
Mark Johnson
0968284e69
We have a lower case email index, we should be using it for lookup.
2012-07-12 17:48:40 -07:00
Mark Johnson
af586da003
Added a Junior Support token
2012-06-11 12:24:46 -07:00
Ray J. Greenwell
7c927d57ad
Remove public'd registerMigration().
...
It's public in the base class now and I can use the latest depot
where I had needed this.
2012-04-05 15:33:28 -07:00
Ray J. Greenwell
efa397559a
Added two methods we want in SK.
...
Also made registerMigration public, temporarily.
2012-04-04 11:06:22 -07:00
Mark Johnson
9e43e061c4
- Add a addFlags that works with a username
2012-02-29 15:39:50 -08:00
Nathan Curtis
81a1927dca
Add a method to clear an existing session for a given user.
2012-01-18 13:37:34 -08:00
Nathan Curtis
7e20cb898d
Surely a migration from 2009 has been applied everywhere.
2012-01-18 13:34:37 -08:00
Nathan Curtis
1a07549a30
Added some missing constants
2011-12-18 19:53:34 -08:00
Ray J. Greenwell
b14734277e
More fix: two validation records would collide if generated at the
...
same millisecond. Use a persistent random, and include the userId
and a bit of the timestamp to make a secret that cannot collide
with another user's secret.
2011-11-08 11:35:34 -08:00
Ray J. Greenwell
77b02552b1
Match changes to the Depot user repo commited in r....
...
Oh hello, git.
I mean... "change 4e5882cb4b89bb084ba3a63d6060323a2b371f98".
Yeah. Hm.
Anyway, fix validation records so that we only store one and it
corresponds to the latest email address.
2011-11-04 15:14:54 -07:00
Ray J. Greenwell
4e5882cb4b
Uhhh... WHY do we want to re-use the validation record? Don't.
...
The validation record doesn't have an email address in it.
When we change the user's email address we create a validation record.
So, with the re-use, the following would work:
1) Set your email address to real.address@site.com , a validation email
is sent.
2) Don't click it! Instead, go back and change your email address to
fake.address@fakeyfake.com , another validation email is sent (but
bounces).
3) Click on the link in the first email. Ta-dah! You've "validated"
fake.address@fakeyfake.com !!
So: generate a new validation code every time we're asked to create
one for the user.
Right? Right?
2011-11-03 18:45:53 -07:00
Michael Bayne
94b6d1d9f2
Added changeEmailAndInvalidate as well as flag manipulation methods.
2011-10-21 10:33:34 -07:00
Michael Bayne
736d7405f5
Fixed some deprecated Interval usage.
2011-10-05 09:40:39 -07:00
Michael Bayne
1d78bbe27b
Extracted ooo-user bits into separate library.
2011-10-05 09:37:10 -07:00