about summary refs log tree commit diff
path: root/config/initializers/devise.rb
AgeCommit message (Collapse)Author
2018-01-02Add confirmation step for email changes (#6071)Patrick Figel
* Add confirmation step for email changes This adds a confirmation step for email changes of existing users. Like the initial account confirmation, a confirmation link is sent to the new address. Additionally, a notification is sent to the existing address when the change is initiated. This message includes instruction to reset the password immediately or to contact the instance admin if the change was not initiated by the account owner. Fixes #3871 * Add review fixes
2017-08-12Extend Devise remember_me longevity to 1 year instead of 2 weeks (#4587)Eugen Rochko
Force SSL only cookies for remember_me, adjust confirmation expiration time to fit with the user cleanup scheduler
2017-07-22Fix sessions being replaced needlessly (#4292)Eugen Rochko
2017-07-07Fix #4058 - Use a long-lived cookie to keep track of user-level sessions (#4091)Eugen Rochko
* Fix #4058 - Use a long-lived cookie to keep track of user-level sessions * Fix tests, smooth migrate from previous session-based identifier
2017-06-25Add overview of active sessions (#3929)Eugen Rochko
* Add overview of active sessions * Better display of browser/platform name * Improve how browser information is stored and displayed for sessions overview * Fix test
2017-06-23Revocable sessions (#3616)Sorin Davidoi
* feat: Revocable sessions * fix: Tests using sign_in * feat: Configuration entry for the maximum number of session activations
2017-04-15Add recovery code support for two-factor auth (#1773)Patrick Figel
* Add recovery code support for two-factor auth When users enable two-factor auth, the app now generates ten single-use recovery codes. Users are encouraged to print the codes and store them in a safe place. The two-factor prompt during login now accepts both OTP codes and recovery codes. The two-factor settings UI allows users to regenerated lost recovery codes. Users who have set up two-factor auth prior to this feature being added can use it to generate recovery codes for the first time. Fixes #563 and fixes #987 * Set OTP_SECRET in test enviroment * add missing .html to view file names
2017-04-11Avoid user enumeration with devise paranoid mode (#1527)Yann GUERN
2017-01-27Do not automatically login after password reset, as it would circumvent ↵Eugen Rochko
two-factor auth (if enabled) Do not require e-mail address changes to be re-confirmed, it's only trouble for no real benefit
2017-01-27Added optional two-factor authenticationEugen Rochko
2016-11-16i18n for devise mailer tooEugen Rochko
2016-03-16Adding e-mail configurationEugen Rochko
2016-03-07Adding doorkeeper, adding a REST APIEugen Rochko
POST /api/statuses Params: status (text contents), in_reply_to_id (optional) GET /api/statuses/:id POST /api/statuses/:id/reblog GET /api/accounts/:id GET /api/accounts/:id/following GET /api/accounts/:id/followers POST /api/accounts/:id/follow POST /api/accounts/:id/unfollow POST /api/follows Params: uri (e.g. user@domain) OAuth authentication is currently disabled, but the API can be used with HTTP Auth.
2016-03-05Removing grape and adding deviseEugen Rochko
generated by cgit-pink (git 2.37.1) at 2024-11-05 05:31:57 +0000