glitchier-soc/spec
Claire 94bcf45321
Fix authentication failures after going halfway through a sign-in attempt (#16607)
* Add tests

* Add security-related tests

My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.

* Fix authentication failures after going halfway through a sign-in attempt

* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
2021-08-25 22:52:41 +02:00
..
controllers Fix authentication failures after going halfway through a sign-in attempt (#16607) 2021-08-25 22:52:41 +02:00
fabricators Add feature to automatically delete old toots (#16529) 2021-08-09 23:11:50 +02:00
features Add submit button to the top of preferences pages (#13068) 2020-03-08 16:04:03 +01:00
fixtures Change references to tootsuite/mastodon to mastodon/mastodon (#16491) 2021-07-13 15:46:20 +02:00
helpers Change RTL detection to rely on unicode-bidi paragraph by paragraph (#14573) 2020-12-15 12:56:43 +01:00
lib Add joined date to profiles in web UI (#16169) 2021-05-07 14:33:19 +02:00
mailers Add Ruby 3.0 support (#16046) 2021-05-06 14:22:54 +02:00
models Fix followers synchronization mechanism not working when URI has empty path (#16510) 2021-08-11 17:48:42 +02:00
policies Add support for reversible suspensions through ActivityPub (#14989) 2020-11-08 00:28:39 +01:00
presenters Change references to tootsuite/mastodon to mastodon/mastodon (#16491) 2021-07-13 15:46:20 +02:00
requests Further preparation for Rails 6 (#15916) 2021-03-19 02:45:34 +01:00
routing Move create/destroy actions for api/v1/statuses to namespace (#3678) 2017-06-10 09:39:26 +02:00
serializers/activitypub Fix account URI in UpdatePollSerializer (#11194) 2019-06-27 19:41:55 +02:00
services Add tests for SuspendAccountService and UnsuspendAccountService (#16627) 2021-08-20 10:53:33 +01:00
support Fix base64-encoded file uploads not being possible (#12748) 2020-01-04 01:54:07 +01:00
validators Add canonical e-mail blocks for suspended accounts (#16049) 2021-04-17 03:14:25 +02:00
views Change references to tootsuite/mastodon to mastodon/mastodon (#16491) 2021-07-13 15:46:20 +02:00
workers Fix followers synchronization mechanism not working when URI has empty path (#16510) 2021-08-11 17:48:42 +02:00
rails_helper.rb Add WebAuthn as an alternative 2FA method (#14466) 2020-08-24 16:46:27 +02:00
spec_helper.rb Move rspec examples to tmp dir (#12539) 2019-12-02 19:55:08 +01:00