Commit Graph

113 Commits (a4b1e435ce6f3d3c13f6fac8d79441248ef2df12)

Author SHA1 Message Date
Michael Frister 98f81665db CSRF Protection: Prevent login CSRF 11 years ago
Markus Kahl e624f84c87 log login directly during omniauth procedure 11 years ago
Markus Kahl 8c94da8d89 log last login for omniauth too 11 years ago
Michael Frister d02fde7c40 Fix flash message shown when an account is inactive 11 years ago
Michael Frister d29f5b8421 Fix flash message shown when an account is inactive 11 years ago
Michael Frister c91d04981e Show error on attempt to register with disabled self registration 11 years ago
Philipp Tessenow 281b8d8e5b extract omniauth logic from AccountController into separate omniauth concern 11 years ago
Philipp Tessenow 49c8bec8ec extract methods from omniauth_login 11 years ago
Philipp Tessenow 759775b37a small refactorings in ApplicationController#omniauth_login 11 years ago
kgalli a0af103553 Removal of unnecessary CGI.unescape for back url 11 years ago
kgalli 2a43d74e88 Bugfix for back url if registration is performed via omniauth 11 years ago
Michael Frister 40982532b0 Omniauth: Fix user redirect after pending account and login 11 years ago
Michael Frister cd6fb1dcd4 Redirect user back to original page when logging in via omniauth 11 years ago
Michael Frister e00d26d604 AccountController: Remove unused open_id_authenticate 11 years ago
kgalli 2dbff1fbb2 Log warning if omniauth error occurs but show generic message to user 11 years ago
Michael Frister c5d1d58fad AccountController: Refactor registration via AuthSource into own method 11 years ago
Michael Frister 09cbe712b2 Login: Fix log warning being shown on not allowed password change 11 years ago
Michael Frister 0978e24dc0 AccountController#register: Refactor omniauth part into own method 11 years ago
kgalli 9e4f84844b Removal of trailing white spaces 11 years ago
kgalli a4b155eef2 Removal of unnecessary auth_hash method 11 years ago
kgalli 8f0c7cbfcd bugfix for register method and refactoring of specs 11 years ago
kgalli 5cb176124a add omniauth failure callback and specs for omniauth login/registration 11 years ago
Michael Frister 068c04b1d1 AccountController: Rename method 11 years ago
kgalli decc834ea6 Replace of flash notice for registration scenarios with automatic login 11 years ago
kgalli 35c334c6c5 redirect to first_login page for all new users to set accessibility mode 11 years ago
Michael Frister d16e062b41 Omniauth: Fix lost_password deciding whether to allow reset 11 years ago
Michael Frister 475d0b33c5 Omniauth: Allow correcting validation errors via registration form 11 years ago
Michael Frister 673c620306 Begin to replace OpenID with omniauth 11 years ago
Michael Frister 3c324bdc42 Use strong_parameters for User, remove safe_attribtues 11 years ago
Johannes Wollert 8b096975fe updates copyright headers 11 years ago
Michael Frister 626848551b Rename Redmine::Configuration to OpenProject::Configuration 11 years ago
Philipp Tessenow a1e67dd460 new copyright header #1903 11 years ago
Michael Frister 1a848ee2f5 Add password expiry check 11 years ago
Philipp Tessenow 7aeb2fc979 fix #1405: fake invalid credentials when a blocked user tries to login 11 years ago
Michael Frister 4e439e2551 Don't show notice about brute force prevention when it's disabled 11 years ago
Michael Frister d01ec32b3d Block user on too many failed logins within specific period 11 years ago
Michael Frister c75820a3e1 Don't force password change after using lost password 12 years ago
Michael Frister 7ba90102a7 Add option to force a user to change password on next login 12 years ago
Michael Frister 089db98541 Improve password complexity requirements 12 years ago
Jens Ulferts 21459a384f provide every possible file with a short copyright notice 12 years ago
Philipp Tessenow ec3829e11b be careful with nested namespace'd controllers in our controllers 12 years ago
Jens Ulferts d5daa90937 prevents exploiting implicit mysql typecasting 12 years ago
Martin Linkhorst 6eafde439d force attributes to be set where needed 12 years ago
Martin Linkhorst 2ed585a297 converted account activation requested email 12 years ago
Martin Linkhorst a585c1b437 renamed lost_password to password_lost 12 years ago
Martin Linkhorst 727a232d3d use the new mailer! 12 years ago
Tom Rochette eed627011c Login should redirect to welcome/home page if already logged in. 13 years ago
Stephan Eckardt 28d7bb1198 Show a notification about account activation on failed login due to inactive account 13 years ago
Gregor Schmidt bc1aa80f02 Adding welcome page and asking for impaired settings 13 years ago
Holger Just 91070236db Set source encoding to UTF-8 13 years ago