Permalink
Commits on Jul 6, 2012
  1. Add save_access_token event to allow saving the access token.

    For some reason, people might want to save the generated access token in
    a database, so the save_access_token event is now emitted. It is
    optional.
    
    Closes #10
    ammmir committed Jul 6, 2012
  2. Update example authorize URLs.

    ammmir committed Jul 6, 2012
  3. Remove Connect dependency since the routing logic is absurdly simple.

    No need to introduce another dependency :)
    
    Closes #12
    Closes #14
    Closes #15
    ammmir committed Jul 6, 2012
Commits on Apr 13, 2012
  1. Add MIT license.

    ammmir committed Apr 13, 2012
Commits on Mar 3, 2012
  1. Release 1.0.1

    ammmir committed Mar 3, 2012
  2. Bracket dependencies' maximum versions.

    Connect 2.0 is incompatible with this until further notice.
    
    Closes #11
    ammmir committed Mar 3, 2012
Commits on Feb 2, 2012
  1. Release 1.0.0

    ammmir committed Feb 2, 2012
Commits on Jan 30, 2012
  1. Fix signature of remove_grant callback.

    From 547f3ab
    
    Closes #7
    ammmir committed Jan 30, 2012
Commits on Jan 26, 2012
  1. Fall-through to next middleware if Authorization isn't of type Bearer.

    This should allow standard HTTP auth to function in a subsequent
    middleware down the stack.
    
    Closes #6
    ammmir committed Jan 26, 2012
Commits on Dec 9, 2011
  1. Change signature of access_token event and return grant_date.

    Provide the access token grant date so implementations can decide when
    to expire tokens if required.
    
    Closes #5
    ammmir committed Dec 9, 2011
Commits on Nov 9, 2011
  1. Minor doc update.

    ammmir committed Nov 9, 2011
Commits on Sep 27, 2011
  1. Improve README

    ammmir committed Sep 27, 2011
Commits on Sep 26, 2011
  1. Bump to 0.0.2

    ammmir committed Sep 26, 2011
  2. Add error logging.

    ammmir committed Sep 26, 2011
Commits on Sep 8, 2011
  1. Add hook for embedding opaque data into access token.

    Emit create_access_token event to add user data to an access token
    that will be available during the access_token event when accessing
    protected resources.
    
    Add creation timestamp to access token so we can expire access tokens
    in the future.
    ammmir committed Sep 8, 2011
Commits on Sep 7, 2011
  1. Add homepage URL.

    ammmir committed Sep 7, 2011
  2. Fix typo (!)

    ammmir committed Sep 7, 2011
  3. Update README.

    ammmir committed Sep 7, 2011
  4. Add support for client-side flow.

    When the 'response_code' query param is set to 'token' an access_token
    will be included as a hash fragment so that client-side JavaScript can
    access it. To support access token generation, the 'enforce_login'
    event's next() callback now requires a user_id as the first argument.
    
    If response_code is ommitted, a default value of 'code' is assumed,
    indicating server-side flow.
    ammmir committed Sep 7, 2011
Commits on Sep 6, 2011
  1. initial drop

    ammmir committed Sep 6, 2011