Commit Graph

20 Commits

Author SHA1 Message Date
Ray J. Greenwell 59f5a7cb90 Drive-by: Depot provides a CountRecord. 2013-04-26 13:19:38 -07:00
Michael Bayne 38d341bb18 Facebook's session keys now exceed 255 characters. W00t. 2013-04-10 14:29:46 -07:00
Matt Jensen ee6cbc2337 Most of our games don't share a ooouser database anyway and this flag is not longer specific to yohoho, so let's not be jerks about which sites can set the subscription status. 2013-02-19 14:58:55 -08:00
Jamie Doornbos c77673839a Added newgrounds 2012-12-03 21:04:08 -08:00
Nathan Curtis 5ef4dc48e9 Add Armorgames as an ExternalAuther. 2012-10-02 14:14:54 -07:00
Nathan Curtis 30c38839f9 Add a method for getting many external ids at once. 2012-08-27 14:25:22 -07:00
Mark Johnson 0968284e69 We have a lower case email index, we should be using it for lookup. 2012-07-12 17:48:40 -07:00
Mark Johnson af586da003 Added a Junior Support token 2012-06-11 12:24:46 -07:00
Ray J. Greenwell 7c927d57ad Remove public'd registerMigration().
It's public in the base class now and I can use the latest depot
where I had needed this.
2012-04-05 15:33:28 -07:00
Ray J. Greenwell efa397559a Added two methods we want in SK.
Also made registerMigration public, temporarily.
2012-04-04 11:06:22 -07:00
Mark Johnson 9e43e061c4 - Add a addFlags that works with a username 2012-02-29 15:39:50 -08:00
Nathan Curtis 81a1927dca Add a method to clear an existing session for a given user. 2012-01-18 13:37:34 -08:00
Nathan Curtis 7e20cb898d Surely a migration from 2009 has been applied everywhere. 2012-01-18 13:34:37 -08:00
Nathan Curtis 1a07549a30 Added some missing constants 2011-12-18 19:53:34 -08:00
Ray J. Greenwell b14734277e More fix: two validation records would collide if generated at the
same millisecond. Use a persistent random, and include the userId
and a bit of the timestamp to make a secret that cannot collide
with another user's secret.
2011-11-08 11:35:34 -08:00
Ray J. Greenwell 77b02552b1 Match changes to the Depot user repo commited in r....
Oh hello, git.
I mean... "change 4e5882cb4b89bb084ba3a63d6060323a2b371f98".
Yeah. Hm.

Anyway, fix validation records so that we only store one and it
corresponds to the latest email address.
2011-11-04 15:14:54 -07:00
Ray J. Greenwell 4e5882cb4b Uhhh... WHY do we want to re-use the validation record? Don't.
The validation record doesn't have an email address in it.
When we change the user's email address we create a validation record.

So, with the re-use, the following would work:
1) Set your email address to real.address@site.com, a validation email
   is sent.
2) Don't click it! Instead, go back and change your email address to
   fake.address@fakeyfake.com, another validation email is sent (but
   bounces).
3) Click on the link in the first email. Ta-dah! You've "validated"
   fake.address@fakeyfake.com!!

So: generate a new validation code every time we're asked to create
one for the user.

Right? Right?
2011-11-03 18:45:53 -07:00
Michael Bayne 94b6d1d9f2 Added changeEmailAndInvalidate as well as flag manipulation methods. 2011-10-21 10:33:34 -07:00
Michael Bayne 736d7405f5 Fixed some deprecated Interval usage. 2011-10-05 09:40:39 -07:00
Michael Bayne 1d78bbe27b Extracted ooo-user bits into separate library. 2011-10-05 09:37:10 -07:00