Skip to content
Commits on Jul 6, 2012
  1. Add save_access_token event to allow saving the access token.

    For some reason, people might want to save the generated access token in
    a database, so the save_access_token event is now emitted. It is
    optional.
    
    Closes #10
    committed Jul 5, 2012
  2. Update example authorize URLs.

    committed Jul 5, 2012
  3. Remove Connect dependency since the routing logic is absurdly simple.

    No need to introduce another dependency :)
    
    Closes #12
    Closes #14
    Closes #15
    committed Jul 5, 2012
Commits on Apr 13, 2012
  1. Add MIT license.

    committed Apr 13, 2012
Commits on Mar 3, 2012
  1. Release 1.0.1

    committed Mar 3, 2012
  2. Bracket dependencies' maximum versions.

    Connect 2.0 is incompatible with this until further notice.
    
    Closes #11
    committed Mar 3, 2012
Commits on Feb 2, 2012
  1. Release 1.0.0

    committed Feb 1, 2012
Commits on Jan 30, 2012
  1. Fix signature of remove_grant callback.

    From 547f3ab
    
    Closes #7
    committed Jan 29, 2012
Commits on Jan 26, 2012
  1. Fall-through to next middleware if Authorization isn't of type Bearer.

    This should allow standard HTTP auth to function in a subsequent
    middleware down the stack.
    
    Closes #6
    committed Jan 26, 2012
Commits on Dec 9, 2011
  1. Change signature of access_token event and return grant_date.

    Provide the access token grant date so implementations can decide when
    to expire tokens if required.
    
    Closes #5
    committed Dec 9, 2011
Commits on Nov 9, 2011
  1. Minor doc update.

    committed Nov 9, 2011
Commits on Sep 27, 2011
  1. Improve README

    committed Sep 27, 2011
Commits on Sep 26, 2011
  1. Bump to 0.0.2

    committed Sep 25, 2011
  2. Add error logging.

    committed Sep 25, 2011
Commits on Sep 8, 2011
  1. Add hook for embedding opaque data into access token.

    Emit create_access_token event to add user data to an access token
    that will be available during the access_token event when accessing
    protected resources.
    
    Add creation timestamp to access token so we can expire access tokens
    in the future.
    committed Sep 8, 2011
Commits on Sep 7, 2011
  1. Add homepage URL.

    committed Sep 6, 2011
  2. Fix typo (!)

    committed Sep 6, 2011
  3. Update README.

    committed Sep 6, 2011
  4. Add support for client-side flow.

    When the 'response_code' query param is set to 'token' an access_token
    will be included as a hash fragment so that client-side JavaScript can
    access it. To support access token generation, the 'enforce_login'
    event's next() callback now requires a user_id as the first argument.
    
    If response_code is ommitted, a default value of 'code' is assumed,
    indicating server-side flow.
    committed Sep 6, 2011
Commits on Sep 6, 2011
  1. initial drop

    committed Sep 6, 2011
Something went wrong with that request. Please try again.