Wrong config option was used to display the minimum length error msg.
(username_min_len instead of passwd_min_len)
Signed-off-by: moson <moson@archlinux.org>
Renaming of symbols. Functions, variables, values, DB values, etc.
Basically everything that is not user-facing.
This only covers "Trusted User" things:
tests, comments, etc. will covered in a following commit.
Whenever the AURREMEMBER cookie was defined, regardless of its value,
"remember_me" is always set to True
The get method of a dict returns a string,
converting a value of str "False" into a bool -> True
We have to check AURREMEMBERs value instead.
Signed-off-by: moson-mo <mo-son@mailbox.org>
In my opinion, this kind of handling of transactions is pretty ugly.
The being said, we have issues with running into deadlocks on aur.al,
so this commit works against that immediate bug.
An ideal solution would be to deal with retrying transactions through
the `db.begin()` scope, so we wouldn't have to explicitly annotate
functions as "retry functions," which is what this commit does.
Closes#376
Signed-off-by: Kevin Morris <kevr@0cost.org>
There was one blazing issue with the previous implementation regardless
of the multiple records: we were generating fingerprints by storing
the key into a file and reading it with ssh-keygen. This is absolutely
terrible and was not meant to be left around (it was forgotten, my bad).
Took this opportunity to clean up a few things:
- simplify pubkey validation
- centralize things a bit better
Signed-off-by: Kevin Morris <kevr@0cost.org>
While this does make more sense to me personally, there is no need
to change how the AUR treats its users; it has been accepted for
ages and not found to be ridden with flaws. Stay with the tried
and true method.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This commit also decouples testing regarding this feature
into several test functions.
Signed-off-by: Kevin Morris <kevr@0cost.org>
bump
Signed-off-by: Kevin Morris <kevr@0cost.org>
Changes:
-------
- Add aurweb.db.get_session()
- Returns aurweb.db's global `session` instance
- Provides us a way to change the implementation of the session
instance without interrupting user code.
- Use aurweb.db.get_session() in session API methods
- Add docstrings to session API methods
- Refactor aurweb.db.delete
- Normalize aurweb.db.delete to an alias of session.delete
- Refresh instances in places we depend on their non-PK columns
being up to date.
Signed-off-by: Kevin Morris <kevr@0cost.org>
