102 Commits (42ddc451338b7902318ab081218319d56d7150eb)

Author SHA1 Message Date
Nick Schonning aef0051fd0
Enable Rubocop HTTP status rules (#23717)
2 years ago
Nick Schonning e2a3ebb271
Autofix Rubocop Style/IfUnlessModifier (#23697)
2 years ago
David Vega 1b5d207131
Fix single name variables on controller folder (#20092)
2 years ago
Francis Murillo 5fb1c3e934
Revoke all authorized applications on password reset (#21325)
2 years ago
Claire 48e136605a
Fix form-action CSP directive for external login (#20962)
2 years ago
Daniel Axtens 4d85c27d1a
Add 'private' to Cache-Control, match Rails expectations (#20608)
2 years ago
Claire 1e1289b024
Fix crash when external auth provider has no display_name set (#19962)
2 years ago
Claire a529d6d93e
Fix invites (#19560)
2 years ago
Eugen Rochko 679274465b
Add server rules to sign-up flow (#19296)
2 years ago
Eugen Rochko d83faa1a89
Add ability to block sign-ups from IP (#19037)
2 years ago
Claire 327eed0076
Fix suspicious sign-in mails never being sent (#18599)
2 years ago
Eugen Rochko 96129c2f10
Fix confirmation redirect to app without `Location` header (#18523)
2 years ago
Eugen Rochko 6221b36b27
Remove sign-in token authentication, instead send e-mail about new sign-in (#17970)
3 years ago
chandrn7 a6ed6845c9
Allow login through OpenID Connect (#16221)
3 years ago
Claire 14919fe11e
Change old moderation strikes to be displayed in a separate page (#17566)
3 years ago
Eugen Rochko 564efd0651
Add appeals (#17364)
3 years ago
Claire bddd9ba36d
Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288)
3 years ago
Claire cfa583fa71
Remove support for OAUTH_REDIRECT_AT_SIGN_IN (#17287)
3 years ago
Eugen Rochko 8e84ebf0cb
Remove IP tracking columns from users table (#16409)
3 years ago
Claire 6da135a493
Fix reviving revoked sessions and invalidating login (#16943)
3 years ago
Claire 24f9ea7818
Fix webauthn secure key authentication (#16792)
3 years ago
Truong Nguyen 7283a5d3b9
Explicitly set userVerification to discoraged (#16545)
3 years ago
Claire 94bcf45321
Fix authentication failures after going halfway through a sign-in attempt (#16607)
3 years ago
Daniel 5c21021176
Fix undefined variable for Auth::OmniauthCallbacksController (#16654)
3 years ago
Eugen Rochko d174d12c83
Add authentication history (#16408)
3 years ago
Claire 8c44b723bb
Change confirmations controller to redirect to / for approved users (#16151)
4 years ago
ThibG 49eb4d4ddf
Add honeypot fields and minimum fill-out time for sign-up form (#15276)
4 years ago
Eugen Rochko 8532429af7
Fix 2FA/sign-in token sessions being valid after password change (#14802)
4 years ago
Eugen Rochko 5e1364c448
Add IP-based rules (#14963)
4 years ago
santiagorodriguez96 e8d41bc2fe
Add WebAuthn as an alternative 2FA method (#14466)
4 years ago
abcang 6a96af4d20
Fix rubocop warning (#14288)
4 years ago
Eugen Rochko 844870273f
Fix other sessions not being logged out on password change (#14252)
4 years ago
Eugen Rochko 72a7cfaa39
Add e-mail-based sign in challenge for users with disabled 2FA (#14013)
4 years ago
ThibG 45202f79ef
Remove confusing “You are already signed in.” flash message (#13547)
5 years ago
ThibG c48d895ea7
Fix sign-ups without checked user agreement being accepted through the web form (#13088)
5 years ago
Eugen Rochko daf71573d0
Fix password change/reset not immediately invalidating other sessions (#12928)
5 years ago
Eugen Rochko 6e9e8d89fa
Fix settings pages being cacheable by the browser (#12714)
5 years ago
Eugen Rochko a1f04c1e34
Fix authentication before 2FA challenge (#11943)
5 years ago
Eugen Rochko e1066cd431
Add password challenge to 2FA settings, e-mail notifications (#11878)
5 years ago
Eugen Rochko c707ef49d9
Fix 2FA challenge and password challenge for non-database users (#11831)
5 years ago
Eugen Rochko 58755439ac
Fix wrong variable regression from #11753 (#11763)
5 years ago
Eugen Rochko 43f56f1291
Change account deletion page to have better explanations (#11753)
5 years ago
Eugen Rochko 964ae8eee5
Change unconfirmed user login behaviour (#11375)
5 years ago
ThibG 21a73c52a7 Check that an invite link is valid before bypassing approval mode (#10657)
6 years ago
Eugen Rochko 8b69a66380 Add "why do you want to join" field to invite requests (#10524)
6 years ago
Eugen Rochko 51e154f5e8
Admission-based registrations mode (#10250)
6 years ago
ThibG 67215692fc Save IP address used for sign-up, not only sign-in (#10026)
6 years ago
Eugen Rochko 5d2fc6de32
Add REST API for creating an account (#9572)
6 years ago
Eugen Rochko 5c8e7f0e1d
Revert "feat(auth/session_controller): Send Clear-Site-Data when logging out (8627)" (#9161)
6 years ago
ThibG 215e649391 Fix styling in /auth/edit (#9117)
6 years ago