Commit Graph

192 Commits (b7442d65715a341db7b5460c7b4efd8f3cba482a)

Author SHA1 Message Date
Michael Frister 673c620306 Begin to replace OpenID with omniauth 11 years ago
Michael Frister 3c324bdc42 Use strong_parameters for User, remove safe_attribtues 11 years ago
Johannes Wollert 8b096975fe updates copyright headers 11 years ago
Michael Frister 626848551b Rename Redmine::Configuration to OpenProject::Configuration 11 years ago
Philipp Tessenow a1e67dd460 new copyright header #1903 11 years ago
Michael Frister 1a848ee2f5 Add password expiry check 11 years ago
Philipp Tessenow 7aeb2fc979 fix #1405: fake invalid credentials when a blocked user tries to login 11 years ago
Michael Frister 4e439e2551 Don't show notice about brute force prevention when it's disabled 12 years ago
Michael Frister d01ec32b3d Block user on too many failed logins within specific period 12 years ago
Michael Frister c75820a3e1 Don't force password change after using lost password 12 years ago
Michael Frister 7ba90102a7 Add option to force a user to change password on next login 12 years ago
Michael Frister 089db98541 Improve password complexity requirements 12 years ago
Jens Ulferts 21459a384f provide every possible file with a short copyright notice 12 years ago
Philipp Tessenow ec3829e11b be careful with nested namespace'd controllers in our controllers 12 years ago
Jens Ulferts d5daa90937 prevents exploiting implicit mysql typecasting 12 years ago
Martin Linkhorst 6eafde439d force attributes to be set where needed 12 years ago
Martin Linkhorst 2ed585a297 converted account activation requested email 12 years ago
Martin Linkhorst a585c1b437 renamed lost_password to password_lost 12 years ago
Martin Linkhorst 727a232d3d use the new mailer! 12 years ago
Tom Rochette eed627011c Login should redirect to welcome/home page if already logged in. 13 years ago
Stephan Eckardt 28d7bb1198 Show a notification about account activation on failed login due to inactive account 13 years ago
Gregor Schmidt bc1aa80f02 Adding welcome page and asking for impaired settings 13 years ago
Holger Just 91070236db Set source encoding to UTF-8 13 years ago
Romano Licker 0048ee49ac [#671] include password in user form 13 years ago
Holger Just 07185fb169 [#436] Remove trailing whitespace 14 years ago
Eric Davis 99507a0391 [#197] Upgrade the copyright in the code files 14 years ago
Eric Davis e131c3b531 [#197] Remove old copyrights 14 years ago
Eric Davis ed252f7246 [#309] Set the back_url after sending a lost password so HTTP_REFERER isn't used 14 years ago
Eric Davis 1eee7312f6 [#289] Remove single helpers in favor of :all in ApplicationController 14 years ago
Felix Schäfer 10dffcf3b9 Get the autologin cookie name from the config #273 14 years ago
Jean-Philippe Lang ef32606c43 Set the httponly flag on the autologin cookie. 14 years ago
Jean-Philippe Lang 4adf3abf83 Makes the autologin cookie configurable (#1763). 14 years ago
Eric Davis 8dde6e019d Merged r3906 from trunk. 14 years ago
Eric Davis 13234f8552 Refactor: Add methods to User to edit the encapsulate the status field. 14 years ago
Jean-Philippe Lang e109c9b6b6 Do not reset session when a non logged in user request the login form (#4958). 15 years ago
Eric Davis afdcd770dc Refactor: Extract method 15 years ago
Eric Davis bc79caaf69 Refactor: Extract method 15 years ago
Eric Davis d2baf5f2a7 Log failed user logins to the Rails logger 15 years ago
Eric Davis c478fa7f90 Extract method 15 years ago
Eric Davis 0844a22b02 Refactor: Use the existing method for failing onthefly creations. 15 years ago
Jean-Philippe Lang 488c192286 Removes "xxx and return" calls (#4446). 15 years ago
Jean-Philippe Lang a842769c3f AccountController#show (/account/show/:id) moved to UsersController#show (/users/:id). 15 years ago
Jean-Philippe Lang ac56d1d5e5 Do not show user profile if no visible project or activity (#4129, #3720). 15 years ago
Eric Davis e48cc150ec Added a plugin hook for :controller_account_success_authentication_after 16 years ago
Jean-Philippe Lang 4181f85962 Fixes that user's last_login_on was not set when using registration with automatic activation. 16 years ago
Jean-Philippe Lang 21eb3c089d Fixed: When logging in via an autologin cookie the user's last_login_on should be updated (#2820). 16 years ago
Eric Davis 24ee6b9a1b Fixed the bug in the OpenID registration where the form wouldn't take a login 16 years ago
Eric Davis aed1787d51 Fixed a bug in the OpenID login when a user signed up with OpenID but hasn't 16 years ago
Jean-Philippe Lang ff9da0bab0 Removes the fat ruby-openid gem. Simply use 'gem install ruby-openid' to enable openid support. 16 years ago
Eric Davis 8d53e433c5 Added a system setting for allowing OpenID logins and registrations 16 years ago