mastodon

Commit Graph

Author	SHA1	Message	Date
Thibaut Girka	1c448d6474	Merge branch 'master' into glitch-soc/merge-upstream Conflicts: - app/controllers/auth/sessions_controller.rb Upstream reverted something we partially reverted already. Reverted the rest to match upstream.	7 years ago
Eugen Rochko	5c8e7f0e1d	Revert "feat(auth/session_controller): Send Clear-Site-Data when logging out (8627)" (#9161 ) This reverts commit `10680f93e7`.	7 years ago
Thibaut Girka	91bef4759f	Merge branch 'master' into glitch-soc/merge-upstream Conflicts: Vagrantfile app/javascript/packs/public.js app/views/admin/settings/edit.html.haml app/views/settings/preferences/show.html.haml app/views/settings/profiles/show.html.haml config/locales/es.yml config/locales/simple_form.en.yml config/webpack/configuration.js config/webpack/loaders/babel.js package.json yarn.lock Split new additions to app/javascript/packs/public.js to app/javascript/core/settings.js	8 years ago
luzpaz	40dd19be37	Misc. typos (#8694 ) Found via `codespell -q 3 --skip="./app/javascript/mastodon/locales,./config/locales"`	8 years ago
Thibaut Girka	f1214f00d9	Do not clear local storage on log out	8 years ago
Thibaut Girka	cd99255698	Merge branch 'master' into glitch-soc/merge-upstream Conflicts: app/controllers/oauth/authorizations_controller.rb Just two changes being too close to one another. Took both.	8 years ago
Eugen Rochko	2288d50a7b	Add force_login option to OAuth authorize page (#8655 ) * Add force_login option to OAuth authorize page For when a user needs to sign into an app from multiple accounts on the same server * When logging out from modal header, redirect back after re-login	8 years ago
Sorin Davidoi	10680f93e7	feat(auth/session_controller): Send Clear-Site-Data when logging out (#8627 ) Will clear the browser's cache, cookies and storage. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Clear-Site-Data https://w3c.github.io/webappsec-clear-site-data/	8 years ago
Thibaut Girka	246c313d45	Merge branch 'master' into glitch-soc/merge-upstream Conflicts: app/controllers/application_controller.rb Changed instance theme selection by instance flavour selection.	8 years ago
Eugen Rochko	2f34b747b3	Allow mods to disable login, improve message when login disabled (#8329 ) * Allow moderators to disable/enable login * Instead of rejecting login, show forbidden error when login disabled Avoid confusion because when login is rejected, the message is that the account is not activated, which is wrong. * Fix tests	8 years ago
Thibaut Girka	c1c514ca70	Merge branch 'master' into glitch-soc/merge-upstream Manually-resolved conflicts: .circleci/config.yml app/controllers/accounts_controller.rb app/controllers/auth/passwords_controller.rb app/controllers/statuses_controller.rb app/javascript/packs/public.js app/models/media_attachment.rb app/views/stream_entries/_content_spoiler.html.haml app/views/stream_entries/_media.html.haml config/locales/en.yml config/locales/ja.yml config/locales/pl.yml lib/mastodon/version.rb Some content from app/javascript/packs/public.js has been split to app/javascript/core/settings.js. Translation strings for glitch-soc's keyword mutes were dropped. Everything else was mostly “take both”.	8 years ago
Eugen Rochko	60df87f6f0	Compensate for scrollbar disappearing when media modal visible (#8100 ) * Compensate for scrollbar disappearing when media modal visible Make auth pages backgrounds lighter * Fix typo	8 years ago
Jenkins	447d7e6127	Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master	8 years ago
Eugen Rochko	a29d409e20	If login redirects to omniauth, redirect logout to root_path (#6694 ) Fix #6670	8 years ago
David Yip	1b8fcd4df5	Merge remote-tracking branch 'origin/master' into merge-upstream Conflicts: README.md app/controllers/follower_accounts_controller.rb app/controllers/following_accounts_controller.rb app/serializers/rest/instance_serializer.rb app/views/stream_entries/_simple_status.html.haml config/locales/simple_form.ja.yml	8 years ago
Eugen Rochko	47bdb9b33b	Fix #942 : Seamless LDAP login (#6556 )	8 years ago
imncls	bb6988a7ac	Merge branch 'master' of https://github.com/tootsuite/mastodon # Conflicts: # app/controllers/settings/exports_controller.rb # app/models/media_attachment.rb # app/models/status.rb # app/views/about/show.html.haml # docker_entrypoint.sh # spec/views/about/show.html.haml_spec.rb	8 years ago
Ghislain Loaec	e668180044	New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref #6538 (not only SAML strategies) (#6540 )	8 years ago
David Yip	4c1fd9a19c	Merge remote-tracking branch 'tootsuite/master' into merge-upstream Conflicts: app/javascript/styles/mastodon/components.scss	8 years ago
Alexander	04fef7b888	pam authentication (#5303 ) * add pam support, without extra column * bugfixes for pam login * document options * fix code style * fix codestyle * fix tests * don't call remember_me without password * fix codestyle * improve checks for pam usage (should fix tests) * fix remember_me part 1 * add remember_token column because :rememberable requires either a password or this column. * migrate db for remember_token * move pam_authentication to the right place, fix logic bug in edit.html.haml * fix tests * fix pam authentication, improve username lookup, add comment * valid? is sometimes not honored, return nil instead trying to authenticate with pam * update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests * update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user * codeconvention fixes * code convention fixes * fix idention * update dependency, explicit conflict check * fix disabled password updates if in pam mode * fix check password if password is present, fix templates * block registration if account is maintained by pam * Revert "block registration if account is maintained by pam" This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20. * fix identation error introduced by rebase * block usernames maintained by pam * document pam settings better * fix code style	8 years ago
David Yip	bf1eb0912c	Set packs on 2FA-related pages. Fixes #271 . Specifically, this commit: - changes S::TFA::{Confirmations,RecoveryCodes}Controller to derive from S::BaseController, because this gives us the necessary actions and packs - prepends set_pack to Auth::SessionsController's action chain so that it takes effect in time for render :two_factor	8 years ago
kibigo!	bdbbd06dad	Finalized theme loading and stuff	8 years ago
Eugen Rochko	3e90987c8b	Fix some rubocop style issues (#5730 )	8 years ago
takayamaki	552d22bec9	sign_in and sign_up views present og meta infos (#5308 )	9 years ago
René Klačan	dcf0530218	Make sure email is case insensitive on all places (#3688 ) When case insensitivity is enabled via devise's `config.case_insensitive_keys` then `.find_for_authentication` method needs to be used instead of `.find_by` because second mentioned returns `nil` when valid email with different cases is passed. More info https://github.com/plataformatec/devise/wiki/How-To:-Use-case-insensitive-emails	9 years ago
unarist	ecef03bb15	Fix empty flash message on the settings page (#3345 )	9 years ago
Akinori MUSHA	f6a93fc150	Go to root after login in single user mode (#3289 ) In single user mode, visitors are redirected to the single user's profile page. So, if you are the owner without a session, you start from that page, click the login button and authenticate yourself expecting you'll soon get started with the home page, but in reality you'll get redirected back to where you started from -- your own profile page. This fixes the behavior by redirecting you home after login if you have started from your own profile page.	9 years ago
Matt Jankowski	268dd32d76	Auth sign out (#2511 ) * Add a spec for signing out * Add spec showing that suspended user gets a 403 forbidden on sign out * Allow suspended account users to sign out	9 years ago
yhirano	3988f2dade	Fix Rubocop offences (#2630 ) * disable Bundler/OrderedGems * fix rubocop Lint/UselessAssignment * fix rubocop Style/BlockDelimiters * fix rubocop Style/AlignHash * fix rubocop Style/AlignParameters, Style/EachWithObject * fix rubocop Style/SpaceInLambdaLiteral	9 years ago
Matt Jankowski	b48f2cbc8b	Catch error when server decryption fails on 2FA (#2512 )	9 years ago
Patrick Figel	df4ff9a8e1	Add recovery code support for two-factor auth (#1773 ) * Add recovery code support for two-factor auth When users enable two-factor auth, the app now generates ten single-use recovery codes. Users are encouraged to print the codes and store them in a safe place. The two-factor prompt during login now accepts both OTP codes and recovery codes. The two-factor settings UI allows users to regenerated lost recovery codes. Users who have set up two-factor auth prior to this feature being added can use it to generate recovery codes for the first time. Fixes #563 and fixes #987 * Set OTP_SECRET in test enviroment * add missing .html to view file names	9 years ago
Eugen Rochko	23b997ae55	Split 2FA login into two prompts	9 years ago
Eugen Rochko	ba192f12e3	Added optional two-factor authentication	9 years ago
Eugen Rochko	fdc17bea58	Fix rubocop issues, introduce usage of frozen literal to improve performance	9 years ago
Eugen Rochko	fc198a8b4c	Adding e-mail confirmations	10 years ago
Eugen Rochko	a0f85774c4	Redirect after sign in to previous page (unless it's a sign in/up/etc page)	10 years ago
Eugen Rochko	7e14eefc81	Replace logo, fix #57 - delete/unreblog/unfavourite API, fix #45 - app registration API	10 years ago
Eugen Rochko	ff2cbc0753	Remember me enabled by default	10 years ago
Eugen Rochko	da4b675aca	Fix favourite handling in ProcessInteractionService	10 years ago
Eugen Rochko	43bb8a25e7	Remember user logins by default	10 years ago
Eugen Rochko	6045b6cb18	Customizing devise views and controllers	10 years ago

41 Commits (cf4fd8bcfe22c8ef8e6e2a86149dec3b39adc93c)