Commit Graph

15 Commits (9c7505489f9348feade8f8a7b0836cb8f3e92df5)

Author SHA1 Message Date
Akihiko Odaki 7bf2d6cb06 Spec Auth::ConfirmationsController (#3348) 8 years ago
Akihiko Odaki a7f2961621 Spec Auth::PasswordsController (#3352) 8 years ago
Akinori MUSHA f6a93fc150 Go to root after login in single user mode (#3289)
In single user mode, visitors are redirected to the single user's
profile page.  So, if you are the owner without a session, you start
from that page, click the login button and authenticate yourself
expecting you'll soon get started with the home page, but in reality
you'll get redirected back to where you started from -- your own
profile page.

This fixes the behavior by redirecting you home after login if you
have started from your own profile page.
8 years ago
Eugen Rochko 2ca1f0737a Fix Devise destroy method being available to delete user record (#3266)
(You may think that we need account deletions, but this way would've just orphaned the db records)
8 years ago
Matt Jankowski 268dd32d76 Auth sign out (#2511)
* Add a spec for signing out

* Add spec showing that suspended user gets a 403 forbidden on sign out

* Allow suspended account users to sign out
8 years ago
Matt Jankowski b48f2cbc8b Catch error when server decryption fails on 2FA (#2512) 8 years ago
alpaca-tc 9317ec8eb1 Localize with i18n for Devise::FailureApp (#2309)
This PR fixes I18n.locale for rake middlewares. Mastodon uses Devise that depends on Warden.
Warden::Manager can be found in rake middleware. It is outside of the controller.

In the case of authentication failed, warden calls throw(:warden). At the time Warden::Manager
delegates request to failure_app to generate response and flash[:alert] after catching it.
Unfortunately, I18n.locale is already reset then because I18n.with_locale is enabled only
inside the controller. If we used I18n.locale=, Devise::FailureApp could get the current locale.
8 years ago
saturday06 d87ee1167e Assign user locale on signup (#1982) 8 years ago
Patrick Figel df4ff9a8e1 Add recovery code support for two-factor auth (#1773)
* Add recovery code support for two-factor auth

When users enable two-factor auth, the app now generates ten
single-use recovery codes. Users are encouraged to print the codes
and store them in a safe place.

The two-factor prompt during login now accepts both OTP codes and
recovery codes.

The two-factor settings UI allows users to regenerated lost
recovery codes. Users who have set up two-factor auth prior to
this feature being added can use it to generate recovery codes
for the first time.

Fixes #563 and fixes #987

* Set OTP_SECRET in test enviroment

* add missing .html to view file names
8 years ago
Eugen 15d442cf9d Fix /api/v1/accounts/update_credentials tests (#1357) 8 years ago
Eugen Rochko 1bbcd71cd4 Fix #390 - fix redirect after sign-up (to login page instead of homepage) 8 years ago
Eugen Rochko 7ac574d9a9 Fix #148 - Devise mailer fixed, test spec added so it won't slip past again 8 years ago
Eugen Rochko 7e14eefc81 Replace logo, fix #57 - delete/unreblog/unfavourite API, fix #45 - app
registration API
8 years ago
Eugen Rochko 10ba09f546 Upgrade to Rails 5.0.0.1 8 years ago
Eugen Rochko ff2cbc0753 Remember me enabled by default 9 years ago