87 Commits (8009c67a09c3cfe958acacab09ef08b4dd48a8e3)

Author SHA1 Message Date
Eugen Rochko 82f8d19424 Add appeals (#17364)
3 years ago
Claire 06f653972a Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288)
3 years ago
Claire 12bb24ea35 Remove support for OAUTH_REDIRECT_AT_SIGN_IN (#17287)
3 years ago
Eugen Rochko 7b3972c270 Remove IP tracking columns from users table (#16409)
3 years ago
Claire 9e122d774d Fix reviving revoked sessions and invalidating login (#16943)
3 years ago
Claire 1dbc4a8611 Fix webauthn secure key authentication (#16792)
3 years ago
Truong Nguyen 567021abeb Explicitly set userVerification to discoraged (#16545)
3 years ago
Claire 84566f17de Fix authentication failures after going halfway through a sign-in attempt (#16607)
3 years ago
Daniel eb30899df2 Fix undefined variable for Auth::OmniauthCallbacksController (#16654)
3 years ago
Eugen Rochko 2067b0bf34 Add authentication history (#16408)
3 years ago
Claire db57eaf207 Change confirmations controller to redirect to / for approved users (#16151)
4 years ago
ThibG e1ef5f3b31 Add honeypot fields and minimum fill-out time for sign-up form (#15276)
4 years ago
Eugen Rochko 90faa8039c Fix 2FA/sign-in token sessions being valid after password change (#14802)
4 years ago
Eugen Rochko da4c730c47 Add IP-based rules (#14963)
4 years ago
santiagorodriguez96 f142983484 Add WebAuthn as an alternative 2FA method (#14466)
4 years ago
abcang aca93fa882 Fix rubocop warning (#14288)
4 years ago
Eugen Rochko a79c5e5e63 Fix other sessions not being logged out on password change (#14252)
4 years ago
Eugen Rochko 2dbf6bc5ad Add e-mail-based sign in challenge for users with disabled 2FA (#14013)
4 years ago
ThibG e9227d8c10 Remove confusing “You are already signed in.” flash message (#13547)
5 years ago
ThibG ddd9bad7f1 Fix sign-ups without checked user agreement being accepted through the web form (#13088)
5 years ago
Eugen Rochko e4aa4a1c28 Fix password change/reset not immediately invalidating other sessions (#12928)
5 years ago
Eugen Rochko 49b6881379 Fix settings pages being cacheable by the browser (#12714)
5 years ago
Eugen Rochko 3773115066 Fix authentication before 2FA challenge (#11943)
5 years ago
Eugen Rochko 1781358bd9 Add password challenge to 2FA settings, e-mail notifications (#11878)
5 years ago
Eugen Rochko 8eb0d880cb Fix 2FA challenge and password challenge for non-database users (#11831)
5 years ago
Eugen Rochko 09fe562dd6 Fix wrong variable regression from #11753 (#11763)
5 years ago
Eugen Rochko 7ef93513f7 Change account deletion page to have better explanations (#11753)
5 years ago
Eugen Rochko 6be7b414e2 Change unconfirmed user login behaviour (#11375)
5 years ago
ThibG af3971a0e6 Check that an invite link is valid before bypassing approval mode (#10657)
6 years ago
Eugen Rochko 7eb05b8724 Add "why do you want to join" field to invite requests (#10524)
6 years ago
Eugen Rochko 73fb7bfa0f Admission-based registrations mode (#10250)
6 years ago
ThibG a60f90b078 Save IP address used for sign-up, not only sign-in (#10026)
6 years ago
Eugen Rochko bbf9f4f93b Add REST API for creating an account (#9572)
6 years ago
Eugen Rochko ca87d98d16 Revert "feat(auth/session_controller): Send Clear-Site-Data when logging out (8627)" (#9161)
6 years ago
ThibG b5042bbeeb Fix styling in /auth/edit (#9117)
6 years ago
luzpaz 1bce70d3c7 Misc. typos (#8694)
6 years ago
Eugen Rochko 72a8ca84e0 Add force_login option to OAuth authorize page (#8655)
6 years ago
Sorin Davidoi 0c756cfd54 feat(auth/session_controller): Send Clear-Site-Data when logging out (#8627)
6 years ago
Eugen Rochko 413a28499d Allow mods to disable login, improve message when login disabled (#8329)
6 years ago
Eugen Rochko a78672ae50 Compensate for scrollbar disappearing when media modal visible (#8100)
6 years ago
Eugen Rochko 08ee72640b If signed in, redirect autofollow invite to profile page (#7956)
6 years ago
Shuhei Kitagawa d61e647e8a Replace bypass option with bypass_sign_in (#7867)
6 years ago
Eugen Rochko 907694df6a Add autofollow option to invites (#7805)
7 years ago
Eugen Rochko fdf409f3b6 If login redirects to omniauth, redirect logout to root_path (#6694)
7 years ago
Eugen Rochko 9721b7746a Fix #942: Seamless LDAP login (#6556)
7 years ago
Ghislain Loaec d1806f5dc4 New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref #6538 (not only SAML strategies) (#6540)
7 years ago
Eugen Rochko 5322013f25 CAS + SAML authentication feature (#6425)
7 years ago
Alexander 23ce0c86da pam authentication (#5303)
7 years ago
Patrick Figel 3c20cfd734 Add confirmation step for email changes (#6071)
7 years ago
Eugen Rochko 9427823d5c Add more instance stats APIs (#6125)
7 years ago