| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-04-06 | Remove sign-in token authentication, instead send e-mail about new sign-in ↵ | Eugen Rochko | |
| (#17970) | |||
| 2021-08-25 | Fix authentication failures after going halfway through a sign-in attempt ↵ | Claire | |
| (#16607) * Add tests * Add security-related tests My first (unpublished) attempt at fixing the issues introduced (extremely hard-to-exploit) security vulnerabilities, addressing them in a test. * Fix authentication failures after going halfway through a sign-in attempt * Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious | |||
| 2021-06-21 | Add authentication history (#16408) | Eugen Rochko | |
| 2020-11-12 | Fix 2FA/sign-in token sessions being valid after password change (#14802) | Eugen Rochko | |
| If someone tries logging in to an account and is prompted for a 2FA code or sign-in token, even if the account's password or e-mail is updated in the meantime, the session will show the prompt and allow the login process to complete with a valid 2FA code or sign-in token | |||
| 2020-06-20 | Fix not working I18n on 2FA and Sign in token page (#14087) | fuyu | |
| 2020-06-09 | Add e-mail-based sign in challenge for users with disabled 2FA (#14013) | Eugen Rochko | |
 |
index : mastodon | |
| Plural Café fork of Mastodon/Glitch Social |
| about summary refs log tree commit diff |