Skip to content
This repository
tag: v1.1.0

Jul 06, 2012

  1. Amir Malik

    Add save_access_token event to allow saving the access token.

    For some reason, people might want to save the generated access token in
    a database, so the save_access_token event is now emitted. It is
    optional.
    
    Closes #10
    authored
  2. Amir Malik

    Update example authorize URLs.

    authored
  3. Amir Malik

    Remove Connect dependency since the routing logic is absurdly simple.

    No need to introduce another dependency :)
    
    Closes #12
    Closes #14
    Closes #15
    authored

Apr 13, 2012

  1. Amir Malik

    Add MIT license.

    authored

Mar 03, 2012

  1. Amir Malik

    Release 1.0.1

    authored
  2. Amir Malik

    Bracket dependencies' maximum versions.

    Connect 2.0 is incompatible with this until further notice.
    
    Closes #11
    authored

Feb 02, 2012

  1. Amir Malik

    Release 1.0.0

    authored

Jan 30, 2012

  1. Amir Malik

    Fix signature of remove_grant callback.

    From 547f3ab
    
    Closes #7
    authored

Jan 26, 2012

  1. Amir Malik

    Fall-through to next middleware if Authorization isn't of type Bearer.

    This should allow standard HTTP auth to function in a subsequent
    middleware down the stack.
    
    Closes #6
    authored

Dec 09, 2011

  1. Amir Malik

    Change signature of access_token event and return grant_date.

    Provide the access token grant date so implementations can decide when
    to expire tokens if required.
    
    Closes #5
    authored
  2. Amir Malik

    Add warning about master instability.

    authored

Nov 09, 2011

  1. Amir Malik

    Minor doc update.

    authored

Sep 27, 2011

  1. Amir Malik

    Improve README

    authored

Sep 26, 2011

  1. Amir Malik

    Bump to 0.0.2

    authored
  2. Amir Malik

    Add error logging.

    authored

Sep 08, 2011

  1. Amir Malik

    Add hook for embedding opaque data into access token.

    Emit create_access_token event to add user data to an access token
    that will be available during the access_token event when accessing
    protected resources.
    
    Add creation timestamp to access token so we can expire access tokens
    in the future.
    authored
  2. Amir Malik

    Add next callback to save_grant event.

    authored
  3. Amir Malik

    Add anti-CSRF support for consumers.

    authored

Sep 07, 2011

  1. Amir Malik

    Add homepage URL.

    authored
  2. Amir Malik

    Fix typo (!)

    authored
  3. Amir Malik

    Update README.

    authored
  4. Amir Malik

    Add support for client-side flow.

    When the 'response_code' query param is set to 'token' an access_token
    will be included as a hash fragment so that client-side JavaScript can
    access it. To support access token generation, the 'enforce_login'
    event's next() callback now requires a user_id as the first argument.
    
    If response_code is ommitted, a default value of 'code' is assumed,
    indicating server-side flow.
    authored

Sep 06, 2011

  1. Amir Malik

    Pass client_id in authorize_form event.

    authored
  2. Amir Malik

    initial drop

    authored
Something went wrong with that request. Please try again.