1. 28 Feb, 2020 1 commit
  2. 19 Feb, 2020 2 commits
  3. 22 Jul, 2019 1 commit
    • Eugen Rochko's avatar
      Change unconfirmed user login behaviour (#11375) · 964ae8ee
      Eugen Rochko authored
      Allow access to account settings, 2FA, authorized applications, and
      account deletions to unconfirmed and pending users, as well as
      users who had their accounts disabled. Suspended users cannot update
      their e-mail or password or delete their account.
      
      Display account status on account settings page, for example, when
      an account is frozen, limited, unconfirmed or pending review.
      
      After sign up, login users straight away and show a simple page that
      tells them the status of their account with links to account settings
      and logout, to reduce onboarding friction and allow users to correct
      wrongly typed e-mail addresses.
      
      Move the final sign-up step of SSO integrations to be the same
      as above to reduce code duplication.
      964ae8ee
  4. 02 May, 2019 1 commit
  5. 09 Apr, 2019 1 commit
  6. 14 Mar, 2019 1 commit
  7. 12 Feb, 2019 1 commit
  8. 24 Dec, 2018 1 commit
    • Eugen Rochko's avatar
      Add REST API for creating an account (#9572) · 5d2fc6de
      Eugen Rochko authored
      * Add REST API for creating an account
      
      The method is available to apps with a token obtained via the client
      credentials grant. It creates a user and account records, as well as
      an access token for the app that initiated the request. The user is
      unconfirmed, and an e-mail is sent as usual.
      
      The method returns the access token, which the app should save for
      later. The REST API is not available to users with unconfirmed
      accounts, so the app must be smart to wait for the user to click a
      link in their e-mail inbox.
      
      The method is rate-limited by IP to 5 requests per 30 minutes.
      
      * Redirect users back to app from confirmation if they were created with an app
      
      * Add tests
      
      * Return 403 on the method if registrations are not open
      
      * Require agreement param to be true in the API when creating an account
      5d2fc6de
  9. 26 Oct, 2018 1 commit
  10. 30 Jul, 2018 1 commit
  11. 05 Jul, 2018 1 commit
  12. 15 Jun, 2018 1 commit
  13. 02 Feb, 2018 1 commit
    • Alexander's avatar
      pam authentication (#5303) · 04fef7b8
      Alexander authored
      * add pam support, without extra column
      
      * bugfixes for pam login
      
      * document options
      
      * fix code style
      
      * fix codestyle
      
      * fix tests
      
      * don't call remember_me without password
      
      * fix codestyle
      
      * improve checks for pam usage (should fix tests)
      
      * fix remember_me part 1
      
      * add remember_token column because :rememberable requires either a password or this column.
      
      * migrate db for remember_token
      
      * move pam_authentication to the right place, fix logic bug in edit.html.haml
      
      * fix tests
      
      * fix pam authentication, improve username lookup, add comment
      
      * valid? is sometimes not honored, return nil instead trying to authenticate with pam
      
      * update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests
      
      * update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user
      
      * codeconvention fixes
      
      * code convention fixes
      
      * fix idention
      
      * update dependency, explicit conflict check
      
      * fix disabled password updates if in pam mode
      
      * fix check password if password is present, fix templates
      
      * block registration if account is maintained by pam
      
      * Revert "block registration if account is maintained by pam"
      
      This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.
      
      * fix identation error introduced by rebase
      
      * block usernames maintained by pam
      
      * document pam settings better
      
      * fix code style
      04fef7b8
  14. 02 Jan, 2018 1 commit
    • Patrick Figel's avatar
      Add confirmation step for email changes (#6071) · 04ecf44c
      Patrick Figel authored
      * Add confirmation step for email changes
      
      This adds a confirmation step for email changes of existing users.
      Like the initial account confirmation, a confirmation link is sent
      to the new address.
      
      Additionally, a notification is sent to the existing address when
      the change is initiated. This message includes instruction to reset
      the password immediately or to contact the instance admin if the
      change was not initiated by the account owner.
      
      Fixes #3871
      
      * Add review fixes
      04ecf44c
  15. 27 Nov, 2017 1 commit
    • Eugen Rochko's avatar
      Add consumable invites (#5814) · 740f8a95
      Eugen Rochko authored
      * Add consumable invites
      
      * Add UI for generating invite codes
      
      * Add tests
      
      * Display max uses and expiration in invites table, delete invite
      
      * Remove unused column and redundant validator
      
      - Default follows not used, probably bad idea
      - InviteCodeValidator is redundant because RegistrationsController
        checks invite code validity
      
      * Add admin setting to disable invites
      
      * Add admin UI for invites, configurable role for invite creation
      
      - Admin UI that lists everyone's invites, always available
      - Admin setting min_invite_role to control who can invite people
      - Non-admin invite UI only visible if users are allowed to
      
      * Do not remove invites from database, expire them instantly
      740f8a95
  16. 13 Oct, 2017 1 commit
  17. 10 Oct, 2017 1 commit
  18. 25 Jun, 2017 1 commit
    • Eugen Rochko's avatar
      Add overview of active sessions (#3929) · f7301bd5
      Eugen Rochko authored
      * Add overview of active sessions
      
      * Better display of browser/platform name
      
      * Improve how browser information is stored and displayed for sessions overview
      
      * Fix test
      f7301bd5
  19. 23 May, 2017 1 commit
  20. 17 Apr, 2017 1 commit
  21. 15 Apr, 2017 1 commit
  22. 04 Apr, 2017 1 commit
  23. 08 Feb, 2017 1 commit
  24. 28 Jan, 2017 1 commit
  25. 04 Jan, 2017 1 commit
  26. 06 Dec, 2016 1 commit
  27. 15 Nov, 2016 1 commit
  28. 13 Oct, 2016 1 commit
  29. 29 Sep, 2016 1 commit
  30. 17 Aug, 2016 1 commit
  31. 26 Mar, 2016 1 commit
  32. 21 Mar, 2016 1 commit
  33. 05 Mar, 2016 1 commit