Core/grin
0
0
Fork 0
mirror of https://github.com/mimblewimble/grin.git synced 2025-01-21 19:41:08 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
2080 commits 7 branches 73 tags 37 MiB
Commit graph

6 commits

Author SHA1 Message Date
hashmap
7fad5b040f
Reduce number of unwwaps in api crate (#2681) 
* Reduce number of unwwaps in api crate

* Format use section
 2019-03-18 19:34:35 +01:00
Quentin Le Sceller
ec1713320b Disable authenthication for OPTIONS requests (#2131) 2018-12-11 09:47:10 -08:00
hashmap
aedac483f5
Convert to Rust 2018 edition (#2084) 
* Convert to Rust 2018 edition

* Update gitignore
 2018-12-08 00:59:40 +01:00
hashmap
8ee8043fd9 Use constant-time token verification in API (#1690) 
Fixes #1641. The size of the token can be leaked, even if we pad or cut user's input we can't make it indistinguishable form the normal case.
 2018-10-09 09:32:53 -04:00
Michalis Kargakis
9e6ef6f237 Conform auth check to rfc2616 (#1607) 
According to rfc2616[1], the response from a server to a request with
bad credentials should be a 401 instead of a 403. Grin does not have
the concept of identities so it does not actually recognize a user
request with bad credentials.

[1] https://tools.ietf.org/html/rfc2616#section-10.4.2
 2018-09-29 09:28:25 +02:00
Quentin Le Sceller
62fd8f2124 Implement Basic Auth for API and Owner API (#1566) 
* Add api_secret

* Add to base64 method

* Add basic auth in API

* Add Basic Auth to owner API

* Add flag to enable disable basic auth

* Add .api_secret file
 2018-09-26 22:38:44 +02:00