about summary refs log tree commit diff
path: root/app/views/auth/registrations
AgeCommit message (Collapse)Author
2022-11-08Add password autocomplete hints (#20071)Claire
Fixes #20067 Our password autocomplete hints were “off” but that does not prevent current browsers from trying to autocomplete them anyway, so use `current-password` and `new-password` so they don't put a newly-generated password in a password confirmation prompt, or the old password for a password renewal prompt.
2022-11-07Set autocomplete attr for email field on signup page (#19833)rcombs
The email address will be used as the "username" for sign-in purposes, so it's the value that should be stored in password managers. We can inform the password manager of this by setting `autocomplete="email"`. Without this hint, password managers may instead store the `username` field, which isn't valid for sign-in (this happens with iCloud Keychain in Safari, for instance).
2022-10-30Fix invites (#19560)Claire
Fixes #19507 Fix regression from #19296
2022-10-06Remove setting that disables account deletes (#17683)Eugen Rochko
2022-10-05Add server rules to sign-up flow (#19296)Eugen Rochko
2022-03-22Fix IDN domains not being rendered correctly in a few left-over places (#17848)Eugen Rochko
2022-03-01Change old moderation strikes to be displayed in a separate page (#17566)Claire
* Change old moderation strikes to be displayed in a separate page Fixes #17552 This changes the moderation strikes displayed on `/auth/edit` to be those from the past 3 months, and make all moderation strikes targeting the current user available in `/disputes`. * Add short description of what the strikes page is for * Move link to list of strikes to “Account status” instead of navigation item * Normalize i18n file * Fix layout and styling of strikes link * Revert highlights_on regexp * Reintroduce account status summary - this way, “Account status” is never empty - account status is not necessarily bound to strikes, or recent strikes
2022-02-14Add appeals (#17364)Eugen Rochko
* Add appeals * Add ability to reject appeals and ability to browse pending appeals in admin UI * Add strikes to account page in settings * Various fixes and improvements - Add separate notification setting for appeals, separate from reports - Fix style of links in report/strike header - Change approving an appeal to not restore statuses (due to federation complexities) - Change style of successfully appealed strikes on account settings page - Change account settings page to only show unappealed or recently appealed strikes * Change appealed_at to overruled_at * Fix missing method error
2021-06-21Add authentication history (#16408)Eugen Rochko
2020-12-14Add ability to require invite request text (#15326)ThibG
Fixes #15273 Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-10Add honeypot fields and minimum fill-out time for sign-up form (#15276)ThibG
* Add honeypot fields to limit non-specialized spam Add two honeypot fields: a fake website input and a fake password confirmation one. The label/placeholder/aria-label tells not to fill them, and they are hidden in CSS, so legitimate users should not fall into these. This should cut down on some non-Mastodon-specific spambots. * Require a 3 seconds delay before submitting the registration form * Fix tests * Move registration form time check to model validation * Give people a chance to clear the honeypot fields * Refactor honeypot translation strings Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-09-11Refactor settings controllers (#14767)Eugen Rochko
- Disallow suspended accounts from revoking sessions and apps - Allow suspended accounts to access exports
2020-08-19Fix client-side form validation not accepting handles with uppercase letters ↵ThibG
(#14599)
2020-08-12Add client-side validation in password change forms (#14564)ThibG
* Fix client-side username validation at registration It used the Account::USERNAME_RE regexp which is for *remote* users, local user validation is stricter. Also take into account max username length. * Add client-side form validation for password change * Add client-side form validation to dedicated registration form Previous changes only applied to the /about page, not the dedicated form on /auth
2020-04-28Fix end-user-facing uses of inline CSS (#13438)ThibG
* Move some inline styles to CSS files * Move default_account_display_name span to fix useless tags with duplicate id * Change handling of public pages spoiler text from inline CSS to dataset attribute * Use the `dir` HTML attribute instead of inline CSS * Move status action bar inline CSS to CSS file * Hide logo resources from CSS file, not inline CSS Fixes #11601 * Move translation prompt styling from inline CSS to CSS file * Move “invited by” styling on registration form from inline to CSS file * Use the progress tag to display poll results in JS fallback * Fix poll results JS-less fallback when the user has voted for an option * Change account public page “moved” notice to use img tags instead of inline CSS * Move OTP hint inline CSS to SCSS file * Hide JS-less fallback vote progressbars from accessibility tools Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-02-16Fix invite request input not being shown on sign-up error if left empty (#13089)ThibG
If the “Why do you want to join?” textarea is left empty and the entered params do not validate, the textarea isn't shown again, unlike other fields. This commit fixes that by populating an empty `UserInviteRequest` when needed.
2019-09-29Add (back) option to set redirect notice on account without moving followers ↵Eugen Rochko
(#11994) Fix #11913
2019-09-19Add account migration UI (#11846)Eugen Rochko
Fix #10736 - Change data export to be available for non-functional accounts - Change non-functional accounts to include redirecting accounts
2019-09-03Change OpenGraph description on sign-up page to reflect invite (#11744)Eugen Rochko
2019-07-30Add whitelist mode (#11291)Eugen Rochko
2019-07-22Change unconfirmed user login behaviour (#11375)Eugen Rochko
Allow access to account settings, 2FA, authorized applications, and account deletions to unconfirmed and pending users, as well as users who had their accounts disabled. Suspended users cannot update their e-mail or password or delete their account. Display account status on account settings page, for example, when an account is frozen, limited, unconfirmed or pending review. After sign up, login users straight away and show a simple page that tells them the status of their account with links to account settings and logout, to reduce onboarding friction and allow users to correct wrongly typed e-mail addresses. Move the final sign-up step of SSO integrations to be the same as above to reduce code duplication.
2019-04-23Fix sign up button not saying sign up when invite is used (#10623)Eugen Rochko
Fix #10616
2019-04-09Add "why do you want to join" field to invite requests (#10524)Eugen Rochko
* Add "why do you want to join" field to invite requests Fix #10512 * Remove unused translations * Fix broken registrations when no invite request text is submitted
2019-03-14Admission-based registrations mode (#10250)Eugen Rochko
Fix #6856 Fix #6951
2018-11-16Change the password form order (#9267)mayaeh
* Change order of password. * Update Japanese translation for "Show thread". * Separate the translation PR.
2018-10-30Fix td instead of th in sessions table header (#9162)Eugen Rochko
Fix #9130
2018-09-18Redesign forms, verify link ownership with rel="me" (#8703)Eugen Rochko
* Verify link ownership with rel="me" * Add explanation about verification to UI * Perform link verifications * Add click-to-copy widget for verification HTML * Redesign edit profile page * Redesign forms * Improve responsive design of settings pages * Restore landing page sign-up form * Fix typo * Support <link> tags, add spec * Fix links not being verified on first discovery and passive updates
2018-07-28Redesign public profiles and toots (#8068)Eugen Rochko
2018-06-15Add autofollow option to invites (#7805)Eugen Rochko
* Add autofollow option to invites * Trigger CodeClimate rebuild
2018-03-07Add headings to the security settings page (#6661)Sylvhem
* Changes the headings' rank of the security settings section This commit changes the existing headings' rank of the security settings section from level 6 to level 4. * Renames the auth.change_password string into auth.security The "Security" preferences' section used to be called "Change password". When it was renamed, the string name wasn't changed. This commits changes auth.change_password to auth.security. * Adds a heading to the password change form There was previously no heading for the part of the "Security" page that contain the password change form. This commit adds a rank 4 heading to this section and reintroduces an "auth.change_password" string to be used inside it. * Removes useless HR elements The various sections of the "Security" settings page were previously separated by HR elements. Now that there is proper headings, they're not required anymore. * Updates CSS This commit updates CSS in such a way that the same style is applied to all the H4 elements of the settings. * Correct a mistake A character went missing on one of the previous commits, broking the CSS. This new commit fixes it.
2018-02-28Fix #942: Seamless LDAP login (#6556)Eugen Rochko
2018-02-10Fix password recovery (#6459)ThibG
* Fix password recovery * Use “resource” instead of “current_user”
2018-02-02pam authentication (#5303)Alexander
* add pam support, without extra column * bugfixes for pam login * document options * fix code style * fix codestyle * fix tests * don't call remember_me without password * fix codestyle * improve checks for pam usage (should fix tests) * fix remember_me part 1 * add remember_token column because :rememberable requires either a password or this column. * migrate db for remember_token * move pam_authentication to the right place, fix logic bug in edit.html.haml * fix tests * fix pam authentication, improve username lookup, add comment * valid? is sometimes not honored, return nil instead trying to authenticate with pam * update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests * update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user * codeconvention fixes * code convention fixes * fix idention * update dependency, explicit conflict check * fix disabled password updates if in pam mode * fix check password if password is present, fix templates * block registration if account is maintained by pam * Revert "block registration if account is maintained by pam" This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20. * fix identation error introduced by rebase * block usernames maintained by pam * document pam settings better * fix code style
2018-01-12Handle sessions that can't be translated (#6245)Jeong Arm
* Handle sessions that can't be translated This commit fixes #6165. * Fix typo
2017-11-27Add consumable invites (#5814)Eugen Rochko
* Add consumable invites * Add UI for generating invite codes * Add tests * Display max uses and expiration in invites table, delete invite * Remove unused column and redundant validator - Default follows not used, probably bad idea - InviteCodeValidator is redundant because RegistrationsController checks invite code validity * Add admin setting to disable invites * Add admin UI for invites, configurable role for invite creation - Admin UI that lists everyone's invites, always available - Admin setting min_invite_role to control who can invite people - Non-admin invite UI only visible if users are allowed to * Do not remove invites from database, expire them instantly
2017-10-11sign_in and sign_up views present og meta infos (#5308)takayamaki
2017-09-16Adjust landing pages 2 (#4967)Lynx Kotoura
* Adjust landing pages 2 Fix styles of terms page Remove action buttons from timeline in about page Adjust styles of short description Adjust form inputs Set autocomplete off for username and email box in registration form. Remove line breakings. * Revert removing action buttons
2017-09-09Scrollable tables in settings pages (#4857)Lynx Kotoura
* Scrollable tables in settings pages * Add space before curly brace
2017-09-02Adjust settings pages (#4765)Lynx Kotoura
* views: Adjust heading positions * Adjust settings pages Adjust label. Adjust tables. Adjust admin/reports/* pages. Fix 2FA QR code style for narrow devices. Widen several pages. Increase contrast. * Remove trailing whitespace
2017-07-29Fix autocomplete option in haml files (#4438)Lynx Kotoura
* Fix autocomplete in two_factor.html.haml * Fix autocomplete in registrations edit.html.haml * Fix autocomplete in passwords edit.html.haml * Fix autocomplete in _registration.html.haml * Fix autocomplete in new.html.haml * Fix autocomplete in show.html.haml * Add autocomplete option to sessions new.html.haml * Add autocomplete option to 2FA new.html.haml * Add autocomplete option to 2FA show.html.haml
2017-07-28Fix current session not being displayed in sessions list (#4424)Eugen Rochko
2017-07-19Add feature to revoke sessions (#4259)Yamagishi Kazutoshi
2017-07-11Redesign the landing page, mount public timeline on it (#4122)Eugen Rochko
* Redesign the landing page, mount public timeline on it * Adjust the standalone mounted component to the lacking of router * Adjust auth layout pages to new design * Fix tests * Standalone public timeline polling every 5 seconds * Remove now obsolete translations * Add responsive design for new landing page * Address reviews * Add floating clouds behind frontpage form * Use access token from public page when available * Fix mentions and hashtags links, cursor on status content in standalone mode * Add footer link to source code * Fix errors on pages that don't embed the component, use classnames * Fix tests * Change anonymous autoPlayGif default to false * When gif autoplay is disabled, hover to play * Add option to hide the timeline preview * Slightly improve alt layout * Add elephant friend to new frontpage * Display "back to mastodon" in place of "login" when logged in on frontpage * Change polling time to 3s
2017-07-03Add fa-fw class to user agent icon (#4047)Yamagishi Kazutoshi
2017-06-25Add overview of active sessions (#3929)Eugen Rochko
* Add overview of active sessions * Better display of browser/platform name * Improve how browser information is stored and displayed for sessions overview * Fix test
2017-06-19setting-for-account-deletable (#3852)masarakki
2017-06-14Account deletion (#3728)Eugen Rochko
* Add form for account deletion * If avatar or header are gone from source, remove them * Add option to have SuspendAccountService remove user record, add tests * Exclude suspended accounts from search
2017-05-08Added haml-lint and fix warnings (#2773)yhirano
* add haml_lint to Gemfile * add .haml-lint.yml * fix warnings of haml_lint
2017-01-28Update settings to re-use admin layout, one big navigation tree, improve ↵Eugen Rochko
settings forms
2016-11-15Adding some localizationsEugen Rochko