| Age | Commit message (Collapse) | Author |
|---|
|
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN
Fixes #15959
Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
* Add OMNIAUTH_ONLY environment variable to enforce external log-in only
* Disable user registration when OMNIAUTH_ONLY is set to true
* Replace log-in links When OMNIAUTH_ONLY is set with exactly one OmniAuth provider
|
|
|
|
* Verify link ownership with rel="me"
* Add explanation about verification to UI
* Perform link verifications
* Add click-to-copy widget for verification HTML
* Redesign edit profile page
* Redesign forms
* Improve responsive design of settings pages
* Restore landing page sign-up form
* Fix typo
* Support <link> tags, add spec
* Fix links not being verified on first discovery and passive updates
|
|
|
|
* Cas authentication feature
* Config
* Remove class_eval + Omniauth initializer
* Codeclimate review
* Codeclimate review 2
* Codeclimate review 3
* Remove uid/email reconciliation
* SAML authentication
* Clean up code
* Improve login form
* Fix code style issues
* Add locales
|
|
* add pam support, without extra column
* bugfixes for pam login
* document options
* fix code style
* fix codestyle
* fix tests
* don't call remember_me without password
* fix codestyle
* improve checks for pam usage (should fix tests)
* fix remember_me part 1
* add remember_token column because :rememberable requires either a password or this column.
* migrate db for remember_token
* move pam_authentication to the right place, fix logic bug in edit.html.haml
* fix tests
* fix pam authentication, improve username lookup, add comment
* valid? is sometimes not honored, return nil instead trying to authenticate with pam
* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests
* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user
* codeconvention fixes
* code convention fixes
* fix idention
* update dependency, explicit conflict check
* fix disabled password updates if in pam mode
* fix check password if password is present, fix templates
* block registration if account is maintained by pam
* Revert "block registration if account is maintained by pam"
This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.
* fix identation error introduced by rebase
* block usernames maintained by pam
* document pam settings better
* fix code style
|
|
|
|
* Fix autocomplete in two_factor.html.haml
* Fix autocomplete in registrations edit.html.haml
* Fix autocomplete in passwords edit.html.haml
* Fix autocomplete in _registration.html.haml
* Fix autocomplete in new.html.haml
* Fix autocomplete in show.html.haml
* Add autocomplete option to sessions new.html.haml
* Add autocomplete option to 2FA new.html.haml
* Add autocomplete option to 2FA show.html.haml
|
|
* add haml_lint to Gemfile
* add .haml-lint.yml
* fix warnings of haml_lint
|
|
|
|
|
|
|
|
|
|
|
|
about page
|
|
|
