numerus/test
jordi fita mas 917db31227 Add cross-request forgery detection
I use the first ten digits of the cookie’s hash, which I believe is
not a problem, has the advantage of not expiring until the user logs
out, and using a per-user session token is explicitly allowed by
OWASP[0].

[0]: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#synchronizer-token-pattern
2023-02-02 11:39:34 +01:00
..
build_cookie.sql Remove execution grant on build_cookie to guest 2023-01-23 21:40:22 +01:00
change_password.sql Add function to change the current user’s password 2023-01-23 21:41:14 +01:00
check_cookie.sql Use user’s email for auth funcs and return cookie on email change 2023-01-23 21:18:55 +01:00
company.sql Use a select for company’s country field 2023-01-27 21:30:14 +01:00
company_user.sql Add the company relation and read-only form to edit 2023-01-24 21:46:07 +01:00
contact.sql Add the contact relation and a rough first form 2023-01-29 15:14:31 +01:00
country.sql Use a select for company’s country field 2023-01-27 21:30:14 +01:00
country_code.sql Use a select for company’s country field 2023-01-27 21:30:14 +01:00
country_i18n.sql Use a select for company’s country field 2023-01-27 21:30:14 +01:00
currency.sql Remove an unnecessary truncate from a SQL test 2023-01-27 19:40:38 +01:00
currency_code.sql Add the company relation and read-only form to edit 2023-01-24 21:46:07 +01:00
current_user_cookie.sql Use user’s email for auth funcs and return cookie on email change 2023-01-23 21:18:55 +01:00
current_user_email.sql Use user’s email for auth funcs and return cookie on email change 2023-01-23 21:18:55 +01:00
email.sql Allow guest access to user_profile with an empty profile 2023-01-23 01:18:47 +01:00
encrypt_password.sql Add the schema for all function’s tests 2023-01-18 14:13:58 +01:00
ensure_role_exists.sql Add the schema for all function’s tests 2023-01-18 14:13:58 +01:00
extensions.sql Add the company relation and read-only form to edit 2023-01-24 21:46:07 +01:00
language.sql Add user_profile view to update the profile with form 2023-01-22 02:23:09 +01:00
login.sql Add the schema for all function’s tests 2023-01-18 14:13:58 +01:00
login_attempt.sql Implement login cookie, its verification, and logout 2023-01-17 20:58:13 +01:00
logout.sql Use user’s email for auth funcs and return cookie on email change 2023-01-23 21:18:55 +01:00
roles.sql Setup authentication schema and user relation 2023-01-13 20:30:21 +01:00
schemas.sql Move check_cookie to public and give access to authenticator 2023-01-18 14:12:59 +01:00
set_cookie.sql Use user’s email for auth funcs and return cookie on email change 2023-01-23 21:18:55 +01:00
tax.sql Add the tax relation with very rough form and handler 2023-01-28 14:18:58 +01:00
tax_rate.sql Add the tax relation with very rough form and handler 2023-01-28 14:18:58 +01:00
user.sql Add user_profile view to update the profile with form 2023-01-22 02:23:09 +01:00
user_profile.sql Add cross-request forgery detection 2023-02-02 11:39:34 +01:00