about summary refs log tree commit diff
path: root/app/controllers/auth
AgeCommit message (Collapse)Author
2017-09-10Default follows for new users (#4871)Eugen Rochko
When a new user confirms their e-mail, bootstrap their home timeline by automatically following a set of accounts. By default, all local admin accounts (that are unlocked). Can be customized by new admin setting (comma-separated usernames, local and unlocked only)
2017-08-03Redirect to PasswordController#new when reset_password_token is invalid (#4506)nullkal
2017-06-25Add overview of active sessions (#3929)Eugen Rochko
* Add overview of active sessions * Better display of browser/platform name * Improve how browser information is stored and displayed for sessions overview * Fix test
2017-06-11Make sure email is case insensitive on all places (#3688)René Klačan
When case insensitivity is enabled via devise's `config.case_insensitive_keys` then `.find_for_authentication` method needs to be used instead of `.find_by` because second mentioned returns `nil` when valid email with different cases is passed. More info https://github.com/plataformatec/devise/wiki/How-To:-Use-case-insensitive-emails
2017-05-27Fix empty flash message on the settings page (#3345)unarist
2017-05-26Go to root after login in single user mode (#3289)Akinori MUSHA
In single user mode, visitors are redirected to the single user's profile page. So, if you are the owner without a session, you start from that page, click the login button and authenticate yourself expecting you'll soon get started with the home page, but in reality you'll get redirected back to where you started from -- your own profile page. This fixes the behavior by redirecting you home after login if you have started from your own profile page.
2017-05-23Fix Devise destroy method being available to delete user record (#3266)Eugen Rochko
(You may think that we need account deletions, but this way would've just orphaned the db records)
2017-05-02Auth sign out (#2511)Matt Jankowski
* Add a spec for signing out * Add spec showing that suspended user gets a 403 forbidden on sign out * Allow suspended account users to sign out
2017-05-01Fix Rubocop offences (#2630)yhirano
* disable Bundler/OrderedGems * fix rubocop Lint/UselessAssignment * fix rubocop Style/BlockDelimiters * fix rubocop Style/AlignHash * fix rubocop Style/AlignParameters, Style/EachWithObject * fix rubocop Style/SpaceInLambdaLiteral
2017-04-27Catch error when server decryption fails on 2FA (#2512)Matt Jankowski
2017-04-17Assign user locale on signup (#1982)saturday06
2017-04-15Give SINGLE_USER a chance to register (#1820)Marcin Cieślak
An attempt to open a brand new Mastodon instance configured as SINGLE_USER_MODE=true will cause an exception. Enable temporary registration if we have no users in the database Fixes #1817
2017-04-15Add recovery code support for two-factor auth (#1773)Patrick Figel
* Add recovery code support for two-factor auth When users enable two-factor auth, the app now generates ten single-use recovery codes. Users are encouraged to print the codes and store them in a safe place. The two-factor prompt during login now accepts both OTP codes and recovery codes. The two-factor settings UI allows users to regenerated lost recovery codes. Users who have set up two-factor auth prior to this feature being added can use it to generate recovery codes for the first time. Fixes #563 and fixes #987 * Set OTP_SECRET in test enviroment * add missing .html to view file names
2017-04-04New admin setting: open/close registrations, with custom message, from the ↵Eugen Rochko
admin UI
2017-02-08Fix #611 - Layout setting in registrations controllerEugen
2017-01-28Split 2FA login into two promptsEugen Rochko
2017-01-28Update settings to re-use admin layout, one big navigation tree, improve ↵Eugen Rochko
settings forms
2017-01-27Added optional two-factor authenticationEugen Rochko
2017-01-04Fix #390 - fix redirect after sign-up (to login page instead of homepage)Eugen Rochko
2016-12-06Add single user modeEugen Rochko
2016-11-15Fix rubocop issues, introduce usage of frozen literal to improve performanceEugen Rochko
2016-10-13Shorten rendered links (strip protocol and www, truncate to 30 chars), redirectEugen Rochko
to sign in page after sign up instead of root path which redirects to /about
2016-10-03Adding e-mail confirmationsEugen Rochko
2016-10-02Redirect after sign in to previous page (unless it's a sign in/up/etc page)Eugen Rochko
2016-09-29Improve code styleEugen Rochko
2016-09-26Replace logo, fix #57 - delete/unreblog/unfavourite API, fix #45 - appEugen Rochko
registration API
2016-08-17Upgrade to Rails 5.0.0.1Eugen Rochko
2016-03-28Remember me enabled by defaultEugen Rochko
2016-03-26Moving Salmon notifications to background processing, fixing mini-profilerEugen Rochko
behaviour with Turbolinks enabled, optimizing Rabl for production
2016-03-26Fix favourite handling in ProcessInteractionServiceEugen Rochko
2016-03-26Remember user logins by defaultEugen Rochko
2016-03-21Change default avatar, redirect to home after sign upEugen Rochko
2016-03-05Customizing devise views and controllersEugen Rochko