69552618cf
refactor(signin): Add support for sending flow metrics in email ( #1593 ); r=pb,vladikoff
...
Emails now include X-Flow-Id and X-Flow-Begin-Time headers, and we use them
to emit flow events if the email bounces.
2017-01-04 16:37:52 +11:00
f027f0bda5
fix(server): remove redundant metrics context fields
2016-12-04 04:31:00 -10:00
51d7cdd081
fix(server): hide session token lastAccessTime updates behind a flag
2016-09-27 16:02:43 +01:00
0649a3082a
fix(server): remove metricsContext from payloads where it is never sent
2016-07-21 09:04:04 +01:00
10ee3224f2
feat(signin): Add support for keyFetchToken verification ( #1320 ), r=@rfk
...
This allows sign-in confirmation to work correctly on Fennec
and iOS devices.
2016-07-12 10:08:17 -04:00
06bf05a8ec
fix(verify): Don't sent post-verify email when `service` is blank.
2016-06-21 14:26:25 +10:00
f68eea1eb7
feat(signin): Signin confirmation feature ( #1275 ) r=rfk
...
* feat(signin): Signin confirmation feature
* feat(signin): Fix some merge and failing test cases
* feat(signin): Show device info on signin email
* feat(signin): Send new device email if sign-in confirmation disabled
* feat(signin): Added fallback in recovery_email/status endpoint
* feat(signin): Simplify /resend_code and add legacy fallback
* feat(signin): PR Fixes and signin confirm only for desktop clients
* feat(signin): Removed metricsContext from resend_code
* feat(signin): PR Fixes
* feat(signin): Latest PR Fixes
* feat(signin): Fixed typos
* feat(signin): Add check for invalid verification code
* Final nits on signin confirmation PR (#1288 ) r=vbudhram
* fix(signin): Final nits on signin confirmation PR
* fix(signin): Add test for legacy account verification functionality
* feat(signin): Fix cert sign with verified session=true test
2016-06-10 12:33:05 -04:00
3b23422baf
Merge pull request #1272 from l-hedgehog/multiple-cors-origin
...
feat(config): accept CORS requests from multiple origins
2016-06-08 15:21:19 +10:00
f423ab4799
Merge pull request #1268 from mozilla/post-verify-email-only-for-sync
...
fix(verify): Only send post-verify email when service=sync
2016-06-01 11:25:24 -07:00
f792d352a9
feat(config): accept CORS requests from multiple origins
2016-05-31 10:01:42 +08:00
e0cacf826a
fix(verify): Only send post-verify email when service=sync
2016-05-20 12:10:38 +10:00
333451ef15
feat(signin): Updated password/change/finish and account/reset
2016-05-19 12:24:23 -04:00
09d3851426
feat(logging): add metrics context metadata to activity events
2016-03-17 09:35:20 +00:00
405932314c
fix(api): permit lastAccessTime 0 in devices response
2016-02-29 09:49:10 +00:00
5d7ca53461
feat(api): Add get account status by email endpoint
2016-02-24 00:12:21 -05:00
d7e976b973
feat(server): implement device registration api
2015-11-17 10:28:30 +00:00
9ebec1a32b
feat(profile): Add oauth-authenticated /account/profile endpoint.
2015-10-30 14:58:04 +11:00
664d73ef14
feat(server): optionally enforce a strict CORS origin
2015-10-16 10:29:25 +01:00
e630ed61a7
fix(tests): changes for "Firefox Account Verified" in train-46
2015-09-21 16:28:25 -07:00
98e2ee0fa3
Merge pull request #1050 from jrgm/e2e-email-notifications-script-changes
...
fix(tests): improved script to checking email of all supported locales
2015-09-21 13:10:17 -07:00
bdc9c367b4
fix(tests): changes to allow setting accept-language for some requests
2015-09-12 20:18:33 -07:00
c3eb84d4ff
added post verify email
2015-09-10 12:36:27 -07:00
3d49b5110d
fix(api): accept service as a query parameter
...
Fixes #961
2015-07-17 09:17:03 +01:00
07a8ba1dff
chore(build): Replacing JSHint with ESLint
2015-06-18 17:39:32 -07:00
fa7d1bd6a6
feat(server): Log the `service` and `reason` parameters for `/account/login`.
...
This is the first step to determine the volume of notificatione mails that will be sent.
issue #875
2015-05-20 17:45:37 +01:00
4cabe83c1a
switch promises to bluebird from p-promise to match newer fxa services
2015-05-17 18:08:24 -07:00
2817971924
reorganized source files
2015-05-10 12:11:59 -07:00
24bce22a22
unceremoniously removed /account/devices endpoint
2015-05-07 11:39:32 -07:00
cbad29619c
Locked account updates.
...
* `lockAccount` takes both `lockedAt` and `unlockCode`
* Expose the `unlockCode` endpoint to get the unlock code
* Add an `/account/lock` endpoint. Used for testing.
* Sending an account unlock email requires the account to be locked.
* Add API docs for /account/lock
* Point to the mozilla repo for fxa-auth-db-mem
* Add an `enableLockout` configuration option.
* Extract the route removal code into a module.
* Add a new error `accountNotLocked`. Error is only returned for `/account/unlock/resend_code`
* A new `locked` event is logged whenever an account is locked. Can be used to determine the number of locked accounts over a timespan.
2015-02-26 20:43:37 +00:00
087abb2d99
Initial account lockout work
...
* API spec
* Add account/unlock/resend_code, account/unlock/verify_code routes and and related logic.
2015-02-26 16:06:22 +00:00
696b43ffc3
added 'resume' optional parameter for email sending endpoints
2014-09-04 14:17:52 -07:00
0e66115b9e
initial sketch of preVerifiedTokens
2014-08-22 11:15:21 -07:00
ae8fac776f
test client shouldn't send 'undefined' accept-language
2014-07-27 16:04:16 -07:00
262aa816f1
another account status test case
2014-07-14 15:11:00 -07:00
a00f30aab1
allow /account/status to be authenticated with a sessionToken
2014-07-13 13:55:39 -07:00
3ca7277630
added locale to account
2014-07-08 14:54:25 -07:00
4a15d02726
moved client into test directory
2014-06-03 11:15:36 -07:00
Vijay Budhram
Phil Booth
Ryan Kelly
Ryan Kelly
Sean McArthur
Hector Zhao
Vijay Budhram
John Morrison
Danny Coates
Peter deHaan
Shane Tomlinson
Ryan Kelly