Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-08-25 | Fix authentication failures after going halfway through a sign-in attempt ↵ | Claire | |
(#16607) * Add tests * Add security-related tests My first (unpublished) attempt at fixing the issues introduced (extremely hard-to-exploit) security vulnerabilities, addressing them in a test. * Fix authentication failures after going halfway through a sign-in attempt * Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious | |||
2021-06-21 | Add authentication history (#16408) | Eugen Rochko | |
2020-11-12 | Fix 2FA/sign-in token sessions being valid after password change (#14802) | Eugen Rochko | |
If someone tries logging in to an account and is prompted for a 2FA code or sign-in token, even if the account's password or e-mail is updated in the meantime, the session will show the prompt and allow the login process to complete with a valid 2FA code or sign-in token | |||
2020-06-20 | Fix not working I18n on 2FA and Sign in token page (#14087) | fuyu | |
2020-06-09 | Add e-mail-based sign in challenge for users with disabled 2FA (#14013) | Eugen Rochko | |