Commit Graph

33 Commits

Author SHA1 Message Date
Guo Xiang Tan 14f3594f9f Review Changes for f4f8a293e7. 2018-02-21 14:55:49 +08:00
Jeff Wong f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Robin Ward 4ae1bbaeba FIX: Only show the full suspension reason on the admin side 2017-12-07 13:27:02 -05:00
Robin Ward 971e302ff2 FEATURE: Support an end date for user silencing 2017-11-14 13:20:19 -05:00
Robin Ward 6bce3004d9 UX: Nicer selection of suspend duration 2017-09-25 12:28:00 -04:00
Neil Lalonde 9ae8813a53 FIX: admin user page should show count of all posts, including private messages, so admins can delete them. This bug was making it impossible to delete users. 2017-03-17 17:01:45 -04:00
Arpit Jalan 046cbad10b FEATURE: add a button on admin user page that links to action log 2017-02-21 21:38:37 +05:30
Régis Hanol 1e57bbf5c8 Lots bounce emails related fixes
- Show bounce score on user admin page
- Added reset bounce score button on user admin page
- Only whitelisted email types are sent to emails with high bounce score
- FIX: properly detect bounces even when there is no TO: header in the email
- Don't desactivate a user when reaching the bounce threshold
2016-05-06 19:34:33 +02:00
Régis Hanol 5018a8033d FIX: add link to user profile for staged users 2016-01-19 16:41:07 +01:00
Robin Ward e8424bd54e SECURITY: Moderators should not see API keys 2015-10-14 15:40:23 -04:00
Neil Lalonde 608647d02f FEATURE: Anonymize User. A way to remove a user but keep their topics and posts. 2015-03-10 11:59:08 -04:00
Robin Ward edb34c178a FEATURE: Show user fields when the user is signing up 2014-09-30 10:45:18 -04:00
riking bff95a6a97 Rename 'leader' -> 'tl3' 2014-09-30 13:16:34 +10:00
Robin Ward 334e21a03a Revert "Revert "FEATURE: Can create warnings for users via PM""
This reverts commit 1c7559380c.
2014-09-08 11:11:56 -04:00
Robin Ward 1c7559380c Revert "FEATURE: Can create warnings for users via PM"
This reverts commit b0bfc1f93f.
2014-09-08 10:38:59 -04:00
Robin Ward b0bfc1f93f FEATURE: Can create warnings for users via PM 2014-09-08 10:27:06 -04:00
Sam 59d04c0695 Internal renaming of elder,leader,regular,basic to numbers
Changed internals so trust levels are referred to with

TrustLevel[1], TrustLevel[2] etc.

This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
Neil Lalonde 00c28f2391 Show total likes given. Put likes given/received and flags given/received together. 2014-08-22 15:23:19 -04:00
Neil Lalonde dafc63e3a0 Show how many likes users received in the last 100 days on their admin profile page 2014-08-22 14:37:07 -04:00
Benjamin Kampmann ac3f1ba3d6 Improved Group Member Management on User Administration
Allows for a quick and easy group membership management on the
user-administration page. Uses the select2 UI component to
autosuggest other groups, remove existing ones and lock in automatic
groups.
2014-07-13 20:11:38 +02:00
Vikhyat Korrapati 4c0f85650e Display badge count in the user admin page. 2014-04-16 18:08:10 +05:30
Robin Ward b61df08d1b FEATURE: Admin selector to choose a primary group for a user, display it
and apply a CSS class to their posts.
2014-02-10 17:00:15 -05:00
Neil Lalonde 90e195b2e7 More work on trust level 3 requirements page 2014-01-24 11:56:46 -05:00
Neil Lalonde ae3b53bb76 Add a page in admin to view trust level 3 requirements for a user. Only shows for users who are currently at trust level 2. 2014-01-22 18:17:45 -05:00
Neil Lalonde 0c6f794eb0 Used the term suspended instead of banned. 2013-11-07 13:53:49 -05:00
Neil Lalonde 92a0729937 When banning a user, a reason can be provided. The user will see this reason when trying to log in. Also log bans and unbans in the staff action logs. 2013-11-01 10:47:26 -04:00
Robin Ward 348e2e3ef2 Support for per-user API keys 2013-10-22 17:34:39 -04:00
Neil Lalonde 4fd5087f91 Add button to delete a spammer in the flag modal
Add SiteSettings: delete_user_max_age, delete_all_posts_max. Add delete spammer button to admin flags UI
Moderators can delete users too
2013-07-29 15:29:44 -04:00
Sam 62c60540be pull moderator into own column, rename trust levels 2013-03-19 21:06:11 -07:00
Ismael Abreu 80bec6efc9 Adds grant and revoke moderation buttons so admins can make users moderators 2013-02-14 01:12:23 +00:00
Jakub Arnold 61654ab8f0 Fix all the trailing whitespace 2013-02-07 16:45:24 +01:00
Sam Saffron 85973ce6b0 added delete all posts button
wired up the ability to enable all themes
2013-02-07 18:11:56 +11:00
Robin Ward 21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00