33 Commits (d377c690a45399fa2baa072e01e51e8d82a8b384)

Author SHA1 Message Date
Eugen Rochko 7b3972c270 Remove IP tracking columns from users table (#16409)
3 years ago
Claire 9e122d774d Fix reviving revoked sessions and invalidating login (#16943)
3 years ago
Claire e47570388a Drop dependency on secure_headers, fix response headers (#15712)
4 years ago
Cecylia Bocovich 6c300f08e5 Onion service related changes to HTTPS handling (#15560)
4 years ago
Eugen Rochko b788e7eb6f Fix cookies not having a SameSite attribute (#15098)
4 years ago
Mathieu Brunot 128a7ab7eb Add an LDAP Mail attribute config (#12053)
5 years ago
Mathieu Brunot 462788cb12 Convert LDAP username (#12461)
5 years ago
Eugen Rochko 3773115066 Fix authentication before 2FA challenge (#11943)
5 years ago
Eugen Rochko 8eb0d880cb Fix 2FA challenge and password challenge for non-database users (#11831)
5 years ago
Moritz Heiber f2cefd9d73 Disable Same-Site cookie implementation to fix SSO issues on WebKit browsers (#9819)
6 years ago
Sorin Davidoi 0b1c90bf88 feat(cookies): Use the same-site attribute to lax (#8626)
6 years ago
Immae cbaabe0215 Add ldap search filter (#8151)
6 years ago
abcang b46416fe47 Add secure option to additional cookie (#8069)
6 years ago
Eugen Rochko 59b3b38b0e Add LDAP_TLS_NO_VERIFY option, don't require LDAP_ENABLED outside .env (#6845)
7 years ago
Alexander af08f6042d rename pam email environment variable to something more understandable and default to LOCAL_DOMAIN (better fallback) (#6833)
7 years ago
Alexander 988f6505e4 fix logic for pam_controlled_service (#6599)
7 years ago
Eugen Rochko 9721b7746a Fix #942: Seamless LDAP login (#6556)
7 years ago
Eugen Rochko 555e7205da Make PAM gem optional, allow configuration over environment (#6415)
7 years ago
Alexander 23ce0c86da pam authentication (#5303)
7 years ago
Patrick Figel 3c20cfd734 Add confirmation step for email changes (#6071)
7 years ago
Eugen Rochko 506508f30c Extend Devise remember_me longevity to 1 year instead of 2 weeks (#4587)
7 years ago
Eugen Rochko f3e8fca1a7 Fix sessions being replaced needlessly (#4292)
7 years ago
Eugen Rochko 0217e15dd3 Fix #4058 - Use a long-lived cookie to keep track of user-level sessions (#4091)
7 years ago
Eugen Rochko c465c5b3a8 Add overview of active sessions (#3929)
7 years ago
Sorin Davidoi 1280559503 Revocable sessions (#3616)
8 years ago
Patrick Figel 15b393201e Add recovery code support for two-factor auth (#1773)
8 years ago
Yann GUERN dc7ea0225a Avoid user enumeration with devise paranoid mode (#1527)
8 years ago
Eugen Rochko 0bf8c1b5d8 Do not automatically login after password reset, as it would circumvent two-factor auth (if enabled)
8 years ago
Eugen Rochko 9b8670c939 Added optional two-factor authentication
8 years ago
Eugen Rochko 0e0b4f9e59 i18n for devise mailer too
8 years ago
Eugen Rochko 2c374cd97c Adding e-mail configuration
9 years ago
Eugen Rochko ab6696e855 Adding doorkeeper, adding a REST API
9 years ago
Eugen Rochko 7e93da3f8d Removing grape and adding devise
9 years ago