about summary refs log tree commit diff
path: root/app/controllers/auth/sessions_controller.rb
AgeCommit message (Collapse)Author
2018-10-30Revert "feat(auth/session_controller): Send Clear-Site-Data when logging out ↵Eugen Rochko
(8627)" (#9161) This reverts commit 10680f93e7d6333d43aabc4c6f251a076120231c.
2018-09-14Misc. typos (#8694)luzpaz
Found via `codespell -q 3 --skip="./app/javascript/mastodon/locales,./config/locales"`
2018-09-09Add force_login option to OAuth authorize page (#8655)Eugen Rochko
* Add force_login option to OAuth authorize page For when a user needs to sign into an app from multiple accounts on the same server * When logging out from modal header, redirect back after re-login
2018-09-07feat(auth/session_controller): Send Clear-Site-Data when logging out (#8627)Sorin Davidoi
Will clear the browser's cache, cookies and storage. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Clear-Site-Data https://w3c.github.io/webappsec-clear-site-data/
2018-08-23Allow mods to disable login, improve message when login disabled (#8329)Eugen Rochko
* Allow moderators to disable/enable login * Instead of rejecting login, show forbidden error when login disabled Avoid confusion because when login is rejected, the message is that the account is not activated, which is wrong. * Fix tests
2018-07-31Compensate for scrollbar disappearing when media modal visible (#8100)Eugen Rochko
* Compensate for scrollbar disappearing when media modal visible Make auth pages backgrounds lighter * Fix typo
2018-03-08If login redirects to omniauth, redirect logout to root_path (#6694)Eugen Rochko
Fix #6670
2018-02-28Fix #942: Seamless LDAP login (#6556)Eugen Rochko
2018-02-23New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref #6538 (not only SAML ↵Ghislain Loaec
strategies) (#6540)
2018-02-02pam authentication (#5303)Alexander
* add pam support, without extra column * bugfixes for pam login * document options * fix code style * fix codestyle * fix tests * don't call remember_me without password * fix codestyle * improve checks for pam usage (should fix tests) * fix remember_me part 1 * add remember_token column because :rememberable requires either a password or this column. * migrate db for remember_token * move pam_authentication to the right place, fix logic bug in edit.html.haml * fix tests * fix pam authentication, improve username lookup, add comment * valid? is sometimes not honored, return nil instead trying to authenticate with pam * update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests * update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user * codeconvention fixes * code convention fixes * fix idention * update dependency, explicit conflict check * fix disabled password updates if in pam mode * fix check password if password is present, fix templates * block registration if account is maintained by pam * Revert "block registration if account is maintained by pam" This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20. * fix identation error introduced by rebase * block usernames maintained by pam * document pam settings better * fix code style
2017-11-17Fix some rubocop style issues (#5730)Eugen Rochko
2017-10-11sign_in and sign_up views present og meta infos (#5308)takayamaki
2017-06-11Make sure email is case insensitive on all places (#3688)René Klačan
When case insensitivity is enabled via devise's `config.case_insensitive_keys` then `.find_for_authentication` method needs to be used instead of `.find_by` because second mentioned returns `nil` when valid email with different cases is passed. More info https://github.com/plataformatec/devise/wiki/How-To:-Use-case-insensitive-emails
2017-05-27Fix empty flash message on the settings page (#3345)unarist
2017-05-26Go to root after login in single user mode (#3289)Akinori MUSHA
In single user mode, visitors are redirected to the single user's profile page. So, if you are the owner without a session, you start from that page, click the login button and authenticate yourself expecting you'll soon get started with the home page, but in reality you'll get redirected back to where you started from -- your own profile page. This fixes the behavior by redirecting you home after login if you have started from your own profile page.
2017-05-02Auth sign out (#2511)Matt Jankowski
* Add a spec for signing out * Add spec showing that suspended user gets a 403 forbidden on sign out * Allow suspended account users to sign out
2017-05-01Fix Rubocop offences (#2630)yhirano
* disable Bundler/OrderedGems * fix rubocop Lint/UselessAssignment * fix rubocop Style/BlockDelimiters * fix rubocop Style/AlignHash * fix rubocop Style/AlignParameters, Style/EachWithObject * fix rubocop Style/SpaceInLambdaLiteral
2017-04-27Catch error when server decryption fails on 2FA (#2512)Matt Jankowski
2017-04-15Add recovery code support for two-factor auth (#1773)Patrick Figel
* Add recovery code support for two-factor auth When users enable two-factor auth, the app now generates ten single-use recovery codes. Users are encouraged to print the codes and store them in a safe place. The two-factor prompt during login now accepts both OTP codes and recovery codes. The two-factor settings UI allows users to regenerated lost recovery codes. Users who have set up two-factor auth prior to this feature being added can use it to generate recovery codes for the first time. Fixes #563 and fixes #987 * Set OTP_SECRET in test enviroment * add missing .html to view file names
2017-01-28Split 2FA login into two promptsEugen Rochko
2017-01-27Added optional two-factor authenticationEugen Rochko
2016-11-15Fix rubocop issues, introduce usage of frozen literal to improve performanceEugen Rochko
2016-10-03Adding e-mail confirmationsEugen Rochko
2016-10-02Redirect after sign in to previous page (unless it's a sign in/up/etc page)Eugen Rochko
2016-09-26Replace logo, fix #57 - delete/unreblog/unfavourite API, fix #45 - appEugen Rochko
registration API
2016-03-28Remember me enabled by defaultEugen Rochko
2016-03-26Fix favourite handling in ProcessInteractionServiceEugen Rochko
2016-03-26Remember user logins by defaultEugen Rochko
2016-03-05Customizing devise views and controllersEugen Rochko
generated by cgit-pink (git 2.37.1) at 2024-11-03 02:59:24 +0000