about summary refs log tree commit diff
path: root/app/models/concerns/omniauthable.rb
AgeCommit message (Collapse)Author
2023-02-18Autofix Rubocop Style/IfUnlessModifier (#23697)Nick Schonning
2023-02-08Apply Rubocop Style/RedundantAssignment (#23452)Nick Schonning
2023-01-13Don't crash on unobtainable avatars (#22462)David Freedman
2022-03-09Allow login through OpenID Connect (#16221)chandrn7
* added OpenID Connect as an SSO option * minor fixes * added comments, removed an option that shouldn't be set * fixed Gemfile.lock * added newline to end of Gemfile.lock * removed tab from Gemfile.lock * remove chomp * codeclimate changes and small name change to make function's purpose clearer * codeclimate fix * added SSO buttons to /about page * minor refactor * minor style change * removed spurious change * removed unecessary conditional from ensure_valid_username and added support for auth.info.name in user_params_from_auth * minor changes
2021-03-19WIP (#15222)Eugen Rochko
2021-01-22Optimize some regex matching (#15528)luigi
* Use Regex#match? * Replace =~ too * Avoid to call match? from Nil * Keep value of Regexp.last_match
2020-07-14Fix rubocop warning (#14288)abcang
* Fix rubocop warning * use limit variable * use ContextCreatingMethods option
2020-04-30Only check locally when deduplicating usernames (#13581)kaiyou
When deduplicating account usernames for OAuthable users, the routine did check if any account was known with that username, including remote accounts. This caused some unnecessary deduplication, and usernames ending with unexpected trailing _1. This fixes #13580
2019-09-16Fix SSO login not using existing account when e-mail is verified (#11862)Eugen Rochko
Fix #11472
2019-07-22Change unconfirmed user login behaviour (#11375)Eugen Rochko
Allow access to account settings, 2FA, authorized applications, and account deletions to unconfirmed and pending users, as well as users who had their accounts disabled. Suspended users cannot update their e-mail or password or delete their account. Display account status on account settings page, for example, when an account is frozen, limited, unconfirmed or pending review. After sign up, login users straight away and show a simple page that tells them the status of their account with links to account settings and logout, to reduce onboarding friction and allow users to correct wrongly typed e-mail addresses. Move the final sign-up step of SSO integrations to be the same as above to reduce code duplication.
2019-04-25Fix LDAP/PAM/SAML/CAS users not being approved instantly (#10621)Eugen Rochko
2019-03-14Refactor User model, extract PamAuthenticable, LdapAuthenticable (#10217)Eugen Rochko
2019-01-25Fix SSO authentication not working due to missing agreement boolean (#9915)Eugen Rochko
Fix #9906
2018-10-08rubocop issues - Cleaning up (#8912)ashleyhull-versent
* cleanup pass * undo mistakes * fixed. * revert
2018-03-07Add additional first_name and last_name SAML attribute statement options, ↵Effy Elden
and modify Omniauthable concern to use full_name or first_name + last_name if not available (#6669)
2018-02-23New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref #6538 (not only SAML ↵Ghislain Loaec
strategies) (#6540)
2018-02-22New env variable: SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED + fixes #6533 (#6538)Ghislain Loaec
2018-02-04CAS + SAML authentication feature (#6425)Eugen Rochko
* Cas authentication feature * Config * Remove class_eval + Omniauth initializer * Codeclimate review * Codeclimate review 2 * Codeclimate review 3 * Remove uid/email reconciliation * SAML authentication * Clean up code * Improve login form * Fix code style issues * Add locales