about summary refs log tree commit diff
path: root/app/controllers/auth
AgeCommit message (Expand)Author
2022-12-15Revoke all authorized applications on password reset (#21325)Francis Murillo
2022-11-17Fix form-action CSP directive for external login (#20962)Claire
2022-11-16Add 'private' to Cache-Control, match Rails expectations (#20608)Daniel Axtens
2022-11-07Fix crash when external auth provider has no display_name set (#19962)Claire
2022-10-30Fix invites (#19560)Claire
2022-10-05Add server rules to sign-up flow (#19296)Eugen Rochko
2022-08-24Add ability to block sign-ups from IP (#19037)Eugen Rochko
2022-06-21Fix suspicious sign-in mails never being sent (#18599)Claire
2022-05-26Fix confirmation redirect to app without `Location` header (#18523)Eugen Rochko
2022-04-06Remove sign-in token authentication, instead send e-mail about new sign-in (#...Eugen Rochko
2022-03-09Allow login through OpenID Connect (#16221)chandrn7
2022-03-01Change old moderation strikes to be displayed in a separate page (#17566)Claire
2022-02-14Add appeals (#17364)Eugen Rochko
2022-01-23Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288)Claire
2022-01-23Remove support for OAUTH_REDIRECT_AT_SIGN_IN (#17287)Claire
2022-01-16Remove IP tracking columns from users table (#16409)Eugen Rochko
2021-11-06Fix reviving revoked sessions and invalidating login (#16943)Claire
2021-09-30Fix webauthn secure key authentication (#16792)Claire
2021-08-26Explicitly set userVerification to discoraged (#16545)Truong Nguyen
2021-08-25Fix authentication failures after going halfway through a sign-in attempt (#1...Claire
2021-08-25Fix undefined variable for Auth::OmniauthCallbacksController (#16654)Daniel
2021-06-21Add authentication history (#16408)Eugen Rochko
2021-05-03Change confirmations controller to redirect to / for approved users (#16151)Claire
2020-12-10Add honeypot fields and minimum fill-out time for sign-up form (#15276)ThibG
2020-11-12Fix 2FA/sign-in token sessions being valid after password change (#14802)Eugen Rochko
2020-10-12Add IP-based rules (#14963)Eugen Rochko
2020-08-24Add WebAuthn as an alternative 2FA method (#14466)santiagorodriguez96
2020-07-14Fix rubocop warning (#14288)abcang
2020-07-07Fix other sessions not being logged out on password change (#14252)Eugen Rochko
2020-06-09Add e-mail-based sign in challenge for users with disabled 2FA (#14013)Eugen Rochko
2020-05-10Remove confusing “You are already signed in.” flash message (#13547)ThibG
2020-02-16Fix sign-ups without checked user agreement being accepted through the web fo...ThibG
2020-01-24Fix password change/reset not immediately invalidating other sessions (#12928)Eugen Rochko
2019-12-30Fix settings pages being cacheable by the browser (#12714)Eugen Rochko
2019-09-24Fix authentication before 2FA challenge (#11943)Eugen Rochko
2019-09-18Add password challenge to 2FA settings, e-mail notifications (#11878)Eugen Rochko
2019-09-15Fix 2FA challenge and password challenge for non-database users (#11831)Eugen Rochko
2019-09-05Fix wrong variable regression from #11753 (#11763)Eugen Rochko
2019-09-04Change account deletion page to have better explanations (#11753)Eugen Rochko
2019-07-22Change unconfirmed user login behaviour (#11375)Eugen Rochko
2019-05-02Check that an invite link is valid before bypassing approval mode (#10657)ThibG
2019-04-09Add "why do you want to join" field to invite requests (#10524)Eugen Rochko
2019-03-14Admission-based registrations mode (#10250)Eugen Rochko
2019-02-12Save IP address used for sign-up, not only sign-in (#10026)ThibG
2018-12-24Add REST API for creating an account (#9572)Eugen Rochko
2018-10-30Revert "feat(auth/session_controller): Send Clear-Site-Data when logging out ...Eugen Rochko
2018-10-26Fix styling in /auth/edit (#9117)ThibG
2018-09-14Misc. typos (#8694)luzpaz
2018-09-09Add force_login option to OAuth authorize page (#8655)Eugen Rochko
2018-09-07feat(auth/session_controller): Send Clear-Site-Data when logging out (#8627)Sorin Davidoi