lcpojr / watcher_ex Goto Github PK
View Code? Open in Web Editor NEWAn Oauth2 server interelly in elixir.
License: Apache License 2.0
An Oauth2 server interelly in elixir.
License: Apache License 2.0
We have to block an subject that fails on sign in continuously temporarilly.
This will help a lot to prevent this kind of attack because any attempt after subject be blocked will not succeed.
We have to start creating admin APIs to be facilitate our tests while developing.
We could start by just requests totp.
We could use redix and other services for saving cache instead of local ets.
I was reading the policies on authorizer app and something came into my mind when I read the validation part. Shouldn't we catch all on validation failure? I mean, when the first function clause doesn't match.
def validate(%Conn{private: %{session: session}} = context) when is_map(session) do
case session do
%{subject_id: id, subject_type: type} when is_binary(id) and type in @subject_types ->
Logger.debug("Policity #{__MODULE__} validated with success")
{:ok, context}
_any ->
Logger.error("Policy #{__MODULE__} failed on validation because session is invalid")
{:error, :unauthorized}
end
end
def validate(%Conn{private: %{session: _}}) do
Logger.error("Policy #{__MODULE__} failed on validation because session was not found")
{:error, :unauthorized}
end
The difference is that it returns a 50x instead of 403 because the process dies (right?)
When we starting creating admin routes we will need an authorizer plug to ensure that the subject really is an admin.
It will be easy to test and makes more sense if we move all input validations to RestAPI controllers.
In order to improve the endpoint documentation \ tests it would be nice to have an library to generate docs for endpoints.
Maybe we could use this: https://github.com/open-api-spex
We have to start creating admin APIs to be facilitate our tests while developing.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.