Claire
06f653972a
Add OMNIAUTH_ONLY environment variable to enforce externa log-in ( #17288 )
...
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN
Fixes #15959
Introduced in #6540 , OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228 .
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
* Add OMNIAUTH_ONLY environment variable to enforce external log-in only
* Disable user registration when OMNIAUTH_ONLY is set to true
* Replace log-in links When OMNIAUTH_ONLY is set with exactly one OmniAuth provider
2022-01-23 15:52:58 +01:00
Eugen Rochko
a217a14b58
Fix omniauth (SAML/CAS) sign-in routes not having CSRF protection ( #15228 )
2020-11-28 05:17:53 +01:00
Eugen Rochko
d3105031f8
Redesign forms, verify link ownership with rel="me" ( #8703 )
...
* Verify link ownership with rel="me"
* Add explanation about verification to UI
* Perform link verifications
* Add click-to-copy widget for verification HTML
* Redesign edit profile page
* Redesign forms
* Improve responsive design of settings pages
* Restore landing page sign-up form
* Fix typo
* Support <link> tags, add spec
* Fix links not being verified on first discovery and passive updates
2018-09-18 16:45:58 +02:00
Eugen Rochko
9721b7746a
Fix #942 : Seamless LDAP login ( #6556 )
2018-02-28 19:04:53 +01:00
Eugen Rochko
5322013f25
CAS + SAML authentication feature ( #6425 )
...
* Cas authentication feature
* Config
* Remove class_eval + Omniauth initializer
* Codeclimate review
* Codeclimate review 2
* Codeclimate review 3
* Remove uid/email reconciliation
* SAML authentication
* Clean up code
* Improve login form
* Fix code style issues
* Add locales
2018-02-04 05:42:13 +01:00
Alexander
23ce0c86da
pam authentication ( #5303 )
...
* add pam support, without extra column
* bugfixes for pam login
* document options
* fix code style
* fix codestyle
* fix tests
* don't call remember_me without password
* fix codestyle
* improve checks for pam usage (should fix tests)
* fix remember_me part 1
* add remember_token column because :rememberable requires either a password or this column.
* migrate db for remember_token
* move pam_authentication to the right place, fix logic bug in edit.html.haml
* fix tests
* fix pam authentication, improve username lookup, add comment
* valid? is sometimes not honored, return nil instead trying to authenticate with pam
* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests
* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user
* codeconvention fixes
* code convention fixes
* fix idention
* update dependency, explicit conflict check
* fix disabled password updates if in pam mode
* fix check password if password is present, fix templates
* block registration if account is maintained by pam
* Revert "block registration if account is maintained by pam"
This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.
* fix identation error introduced by rebase
* block usernames maintained by pam
* document pam settings better
* fix code style
2018-02-02 10:18:55 +01:00
takayamaki
cfab4a7ce4
sign_in and sign_up views present og meta infos ( #5308 )
2017-10-11 00:52:25 +02:00
Lynx Kotoura
b7482e4a9f
Fix autocomplete option in haml files ( #4438 )
...
* Fix autocomplete in two_factor.html.haml
* Fix autocomplete in registrations edit.html.haml
* Fix autocomplete in passwords edit.html.haml
* Fix autocomplete in _registration.html.haml
* Fix autocomplete in new.html.haml
* Fix autocomplete in show.html.haml
* Add autocomplete option to sessions new.html.haml
* Add autocomplete option to 2FA new.html.haml
* Add autocomplete option to 2FA show.html.haml
2017-07-29 14:20:31 +02:00
yhirano
cf1f65bf58
Added haml-lint and fix warnings ( #2773 )
...
* add haml_lint to Gemfile
* add .haml-lint.yml
* fix warnings of haml_lint
2017-05-08 03:35:25 +02:00
Eugen Rochko
c58da52e9f
Split 2FA login into two prompts
2017-01-28 20:43:38 +01:00
Eugen Rochko
9b8670c939
Added optional two-factor authentication
2017-01-27 20:35:16 +01:00
Eugen Rochko
0e956910c3
Adding some localizations
2016-11-15 23:02:57 +01:00
Eugen Rochko
be2b3eb241
Fix #136 : Add aria-labels
2016-11-03 19:19:39 +01:00
Eugen Rochko
be98addccc
Improving all forms
2016-10-18 16:37:15 +02:00
Eugen Rochko
32b6dc088e
Add window titles to auth pages and about page, link sign up/login from about page
2016-10-14 01:03:12 +02:00
Eugen Rochko
6045b6cb18
Customizing devise views and controllers
2016-03-05 22:43:05 +01:00