Arpit Jalan
67357b84b9
FIX: only allow one user to be created per invite
2018-04-27 19:21:10 +05:30
Neil Lalonde
bd77795d7a
REFACTOR: move support for user card badge images to a plugin discourse-user-card-badges
2018-04-26 13:25:24 -04:00
Joffrey JAFFEUX
73a1be0d57
Fix spec
2018-04-26 17:19:44 +02:00
Joffrey JAFFEUX
b9c7e09a4e
linting
2018-04-26 15:21:02 +02:00
Joffrey JAFFEUX
9fabf2543b
dashboard next: activity metrics and new contributors
...
This commit also introduces a better grouping of data points.
2018-04-26 14:49:41 +02:00
Gerhard Schlager
3f6d1a583e
Add helper for grouping by periods
...
The methods are still experimental and might change without notice!
You need to add `include DateGroupable` to your model before you can use it like this:
`User.smart_group_by_date("users.created_at", start_date, end_date)`.count
2018-04-24 23:31:26 +02:00
Robin Ward
456e40a709
FIX: Don't allow a user to become TL3 if they've ever been penalized
...
Previously the code would only check if they were *currently* suspended
or silenced.
2018-04-24 15:15:32 -04:00
Gerhard Schlager
ed4c0c4a63
FEATURE: Add option to delete all replies of flagged post
2018-04-24 11:08:05 -04:00
Arpit Jalan
0a442977b3
FEATURE: add staff action log for post approvals
2018-04-23 11:28:44 +05:30
Guo Xiang Tan
9eabf7c02c
Fix randomly failing specs due to SearchLog cache.
2018-04-23 10:10:10 +08:00
Neil Lalonde
70f2c5d3fd
FEATURE: move staff tags setting to tag group settings
2018-04-20 15:34:23 -04:00
Arpit Jalan
91bf10bd12
FIX: create upload record for exported csv files
2018-04-20 00:27:49 +05:30
Joffrey JAFFEUX
58a53017c9
simplify code
2018-04-19 18:26:30 +02:00
Joffrey JAFFEUX
0e414d0890
dashboard next: trending search report
...
This commit also improves how data is loaded sync and async
2018-04-19 18:19:21 +02:00
Régis Hanol
45850a0cd6
FIX: don't break when posting invalid URIs
2018-04-19 12:29:35 +02:00
Joffrey JAFFEUX
01c061d20d
dashboard next: perf and UI tweaks
...
* cache CORE reports
* adds backups/uploads section
* few css tweaks
2018-04-18 21:30:41 +02:00
Neil Lalonde
8fc1289172
move topic excerpt code to one method to DRY it up and for extensibility
2018-04-17 15:08:21 -04:00
Joffrey JAFFEUX
2b8307c6c3
dashboard next: minor improvements
...
* rename route to dashboard-next
* better scaling of charts for large data sets
* adjust trend position to avoid overlap
* makes sure silenced/suspended is made on real users
* correctly format data when only one data point
* minor refactoring
2018-04-17 11:01:06 +02:00
Joffrey JAFFEUX
06b6c805d5
dashboard next: adds report for user types
2018-04-16 13:03:43 +02:00
Arpit Jalan
9353ae4b5d
Remove obsolete per topic unsubscribe page.
2018-04-16 16:11:20 +05:30
Neil Lalonde
3e9230714f
UX: moved posts message links to the first post at the destination topic
2018-04-13 12:47:36 -04:00
Arpit Jalan
00f59f648d
Merge pull request #5755 from techAPJ/flag-webhook
...
FEATURE: webhook for flag events
2018-04-13 07:50:21 +05:30
Arpit Jalan
a16b616861
FEATURE: webhook for flag events
2018-04-13 07:47:58 +05:30
Guo Xiang Tan
6e46f81123
Add a distributed mutex around user creation via SSO.
...
* When two SSO requests containing the same email in the payload are
sent at the same time, it would sometimes result in two users
being created but one without an email record. Investigations
points to ActiveRecord not generating the right statements but
we have no figured out the reproduction steps yet. We should review
this after upgrading to Rails 5.2.
2018-04-12 16:18:49 +08:00
Vinoth Kannan
19e8f9af13
Remove support for theme settings in raw handlebar templates
2018-04-11 18:21:04 +05:30
Arpit Jalan
9ca6ebe8fe
FEATURE: enforce tagging on categories
2018-04-11 07:15:24 +05:30
Guo Xiang Tan
874003b7b1
FIX: Group can't be deleted if certain users are demoted.
2018-04-10 14:19:35 +08:00
Sam
fe37ce165d
correct issue where groups was never being blanked
2018-04-10 15:30:18 +10:00
Sam
afaeb20f27
FEATURE: Add option to have sso synchronize group membership
...
In some cases add_groups and remove_groups is too much work, some sites
may wish to simply synchronize group membership based on a list.
When sso_overrides_groups is on all not automatic group membership is
sourced from SSO. Note if you omit to specify groups, they will be cleared
out.
2018-04-10 13:17:23 +10:00
Guo Xiang Tan
c82b2dcc24
Remove admin group management pages.
2018-04-09 15:14:50 +08:00
osamasayegh
ce1a6f2fd8
FEATURE: Theme settings in handlerbars templates
2018-04-09 16:47:28 +10:00
Neil Lalonde
e33aef729f
FIX: unable to save groups with mixed case names
2018-04-06 16:12:35 -04:00
Gerhard Schlager
cd6a99a027
FEATURE: Send a different PM when a post has been hidden more than once
2018-04-05 14:03:21 +02:00
Gerhard Schlager
f2d00e5eff
FEATURE: Use Message-ID for detecting email replies to group
...
Ignores the site setting "find_related_post_with_key" and always tries to honor the `In-Reply-To` and `References` header for emails sent to a group.
The senders email address must be included in the `To` or `CC` header of a previous email sent to the group and the `Message-ID` of that email must be included in the current email's `In-Reply-To` or `References` header.
2018-04-05 11:00:38 +02:00
Sam
f8637ed616
FIX: if a message is *partially* archived consider it not archived
2018-04-05 17:17:47 +10:00
Vinoth Kannan
434cbc649f
FEATURE: Webhook for tag events
2018-04-04 17:49:20 +05:30
Arpit Jalan
c36e201eb3
FIX: update categories topic_count when converting topic to a PM and vice versa
2018-04-04 12:01:56 +05:30
Guo Xiang Tan
00d879ec63
Fix the build.
2018-04-03 00:44:12 +08:00
Guo Xiang Tan
2498403bc3
Revert "FIX: Username uniqueness check should not happen to current user_id"
...
This reverts commit f71a18facd
.
2018-04-03 00:44:04 +08:00
Vinoth Kannan
f71a18facd
FIX: Username uniqueness check should not happen to current user_id
2018-04-02 21:59:11 +05:30
Guo Xiang Tan
221503cd10
FIX: Add server side uniqueness validations for `Group#name` and `User#username`.
...
https://meta.discourse.org/t/groups-can-be-given-same-name-as-existing-username/74010
2018-04-02 18:19:18 +08:00
Guo Xiang Tan
d2a8f40fb0
Merge pull request #5711 from Supermathie/learn_cdn_url_hostname
...
FIX: CDN_URL hostname should be in GlobalSetting.hostnames
2018-04-02 16:39:24 +08:00
Guo Xiang Tan
142571bba0
Remove use of `rescue nil`.
...
* `rescue nil` is a really bad pattern to use in our code base.
We should rescue errors that we expect the code to throw and
not rescue everything because we're unsure of what errors the
code would throw. This would reduce the amount of pain we face
when debugging why something isn't working as expexted. I've
been bitten countless of times by errors being swallowed as a
result during debugging sessions.
2018-04-02 13:52:51 +08:00
Vinoth Kannan
efb19dbdaf
Merge pull request #5705 from discourse/new_webhooks
...
FEATURE: Webhook for group and category events
2018-04-02 10:53:21 +05:30
Robin Ward
eab64710ff
FIX: Shared draft performance fix + missing avatars
2018-03-28 16:11:43 -04:00
Robin Ward
4b5977aa6a
Revert "PERF: Don't join on shared drafts unless you have to"
...
This reverts commit efedd9745f
.
2018-03-28 15:35:13 -04:00
Robin Ward
efedd9745f
PERF: Don't join on shared drafts unless you have to
2018-03-28 13:57:39 -04:00
Robin Ward
31d0998506
FIX: Don't allow links with no href
2018-03-28 12:32:16 -04:00
Michael Brown
976d6b290c
FIX: CDN_URL hostname should be in GlobalSetting.hostnames
2018-03-27 15:20:22 -04:00
Neil Lalonde
eb714d8ae3
FIX: application request count keys not expiring in redis
2018-03-27 15:12:39 -04:00
Neil Lalonde
2bd44bbf13
WebCrawlerRequest.clear_cache needs to clear user agent list too
2018-03-27 15:11:48 -04:00
Neil Lalonde
7311023a52
Merge pull request #5700 from discourse/crawl-block
...
FEATURE: control web crawlers access with white/blacklist
2018-03-27 15:06:03 -04:00
Neil Lalonde
4d12ff2e8a
when writing cache, remove elements from the user agents list. also return a message and content type when blocking a crawler.
2018-03-27 13:44:14 -04:00
Arpit Jalan
518f7ba91b
FIX: show private message topic count on admin dashboard reports
2018-03-27 17:10:33 +05:30
Vinoth Kannan
e7407d0adc
FEATURE: Webhook for group and category events
2018-03-27 11:53:35 +05:30
Neil Lalonde
f2c060bdf2
FEATURE: option for tags in a tag group to be visible only to staff
2018-03-26 17:05:09 -04:00
Guo Xiang Tan
35745166b5
UX: New group membership management workflow.
...
https://meta.discourse.org/t/adding-owners-members-ux-is-inconsistent-and-misleading/58084
2018-03-26 16:15:02 +08:00
Guo Xiang Tan
3d18cd1d9d
Raise error when timestamp is invalid when creating topic timers.
...
https://meta.discourse.org/t/topic-timer-doesnt-work-for-fa-ir-locale/83702
2018-03-26 11:33:52 +08:00
Neil Lalonde
ced7e9a691
FEATURE: control which web crawlers can access using a whitelist or blacklist
2018-03-22 15:41:02 -04:00
Guo Xiang Tan
fa95699fde
Fix the build.
2018-03-22 14:20:27 +08:00
Guo Xiang Tan
f3b402ffd5
UX: Allow users to filter members on group page.
...
* Only admins are allowed to filter users by email.
2018-03-22 14:02:41 +08:00
Guo Xiang Tan
bfe38b2118
FIX: `limit` wasn't correctly applied to `Upload.migrate_to_new_scheme`.
2018-03-22 10:56:06 +08:00
Arpit Jalan
d96c1058a2
FEATURE: add staff action log for 'restore topic'
2018-03-21 18:04:13 +05:30
Robin Ward
b9abd7dc9e
FEATURE: Shared Drafts
...
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.
* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.
* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.
* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.
* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Robin Ward
b39fbf7187
A staff member can hide another staff's member's post by flagging
2018-03-20 09:38:23 -04:00
Guo Xiang Tan
d0e7898fa0
Build `primary_email` association directly in `DiscourseSingleSignOn`.
2018-03-20 19:36:35 +08:00
Guo Xiang Tan
15bcfcd182
UX: Allow users to filter by different group types on groups page.
2018-03-20 17:38:11 +08:00
Guo Xiang Tan
69a53210d3
Improve `UserEmail#email` validation to use the index.
2018-03-20 10:22:06 +08:00
Neil Lalonde
4d44024c82
FIX: error when trying to block an IP address. Return a message when IP address matches an existing screened IP address, including ranges.
2018-03-19 14:34:43 -04:00
Guo Xiang Tan
0522aabaab
UX: Allow user_count on groups page to be sortable.
2018-03-19 16:15:13 +08:00
Guo Xiang Tan
9e8d10f711
Fix the build.
2018-03-19 12:34:21 +08:00
Guo Xiang Tan
52b9af10a1
PERF: PG queries for the `UserEmail#email` column was not using the index.
2018-03-19 11:31:14 +08:00
Arpit Jalan
f053e4cf37
Merge pull request #5682 from techAPJ/allowed-tags-page
...
FIX: show only allowed tags on PM tags page and display correct count
2018-03-17 08:29:00 +05:30
Gerhard Schlager
864bdbd9b6
Fix the build
2018-03-16 22:55:42 +01:00
Gerhard Schlager
6c736a1fa4
FIX: Translation overrides for flag types didn't expire cache
2018-03-16 22:10:19 +01:00
Arpit Jalan
e9bc763440
FIX: show only allowed tags on PM tags page and display correct count
...
FIX: tags page should link to user profile we are browsing
2018-03-17 00:17:48 +05:30
Guo Xiang Tan
c85e1fdb50
Revert "PERF: Query for email was not using index."
...
This reverts commit 65eb046e69
.
2018-03-16 15:31:39 +08:00
Guo Xiang Tan
65eb046e69
PERF: Query for email was not using index.
2018-03-16 15:19:35 +08:00
Guo Xiang Tan
fe96ef6ed2
UX: Use topic list for displaying group messages on group page.
...
https://meta.discourse.org/t/group-inbox-on-a-groups-page-mockup/71319
2018-03-16 11:56:40 +08:00
Guo Xiang Tan
937372df02
Merge pull request #5677 from jjaffeux/fix-ruby-warning-keyword
...
FIX: prevents ruby warning with circular reference
2018-03-16 09:31:54 +08:00
Sam
5474635361
add more safety
2018-03-16 11:19:06 +11:00
Joffrey JAFFEUX
c0a986c181
FIX: prevents ruby warning with circular reference
2018-03-15 15:48:40 +01:00
Sam
c589564f6a
FIX: color schemes not updating when remote saves
2018-03-15 18:26:54 +11:00
Neil Lalonde
5ce8177662
FIX: unable to delete user belonging to a group that grants a trust level
2018-03-14 15:12:11 -04:00
Michael Brown
1b5549df58
FIX: my sso_overrides_username assumed username was passed
2018-03-13 18:29:11 -04:00
Arpit Jalan
7d375690c1
Merge pull request #5667 from techAPJ/pm-tags-page
...
FEATURE: replace PM tags dropdown with a dedicated tags page
2018-03-13 13:08:21 +05:30
Arpit Jalan
24338fbbe8
FEATURE: replace PM tags dropdown with a dedicated tags page
2018-03-13 13:06:58 +05:30
Guo Xiang Tan
d5c828213f
FIX: Circular references warning in `TopicTrackingState`.
2018-03-13 08:35:15 +08:00
Robin Ward
65ac80b014
FEATURE: Log Staff edits in Staff Action Logs
...
Why? Some edits by staff are not tracked. For example, during the grace
period, or via the flags/silence dialog.
If a staff member is editing someone else's post, it now goes into the
Staff Action Logs so it can be audited by other staff members.
2018-03-12 13:51:40 -04:00
Arpit Jalan
82143a421c
FIX: `max topic invitations per day` should apply on PM invites as well
...
FIX: do not apply `max topic invitations per day` on email invites
2018-03-12 23:17:58 +05:30
Sam
758b9a7dda
FEATURE: prototype of local theme directory watcher
...
(note this will be documented a bit late)
2018-03-12 18:36:06 +11:00
Arpit Jalan
12706c4b29
FEATURE: support markdown rendering for embedded posts
2018-03-11 08:00:48 +05:30
Michael Brown
3c3d205180
FIX: sso_overrides_username may inappropriately change the username if the case changed
2018-03-09 16:06:55 -05:00
Guo Xiang Tan
0e1b896821
Explicitly assign primary_email record when creating a user
...
* This looks like we're doing the same thing but
we're debugging a race condition where a user
can be created without an email record. Therefore,
we prefer the more obvious method of assigning an
association.
2018-03-09 15:59:46 +08:00
Sam
39e679d3cb
FEATURE: allow themes to live in private git repos
...
This feature allows themes sourced from git to live on private
servers, it automatically generates key pairs.
2018-03-09 16:14:38 +11:00
Guo Xiang Tan
a89f3160a5
Add new config to ensure backup/restore connects to PG directly.
...
* In `pg_dump` 10.3+ and 9.5.12+, in
it does a `SELECT pg_catalog.set_config('search_path', '', false)`
which changes the state of the current connection. This is known
to be problematic with Pgbouncer which reuses connections. As such,
we'll always try to connect directly to PG directly during
the backup/restore process.
2018-03-09 10:28:03 +08:00
Arpit Jalan
4b23634092
FIX: converting topic to message for a second time was broken
2018-03-08 17:59:04 +05:30
Arpit Jalan
0c2be8b775
Merge pull request #5655 from techAPJ/pm-tags-dropdown
...
FEATURE: filter personal messages by tags
2018-03-08 16:30:38 +05:30
Arpit Jalan
a8149f8969
FIX: user should not be able to invite to PM if trust level requirment not met
...
FIX: when personal messages are disabled let user invite to a public topic
2018-03-08 14:59:04 +05:30
Arpit Jalan
c29660c8f1
FEATURE: filter personal messages by tags
2018-03-08 14:42:07 +05:30
Neil Lalonde
1093dacc03
FIX: bulk importers need to create category description topics
2018-03-07 12:10:22 -05:00
Guo Xiang Tan
3045c589f6
FIX: Publish live messages to both team inbox and archive on update.
2018-03-07 14:01:20 +08:00
Guo Xiang Tan
5169be6080
FIX: User archiving message should also publish to sent section.
2018-03-07 11:39:23 +08:00
Guo Xiang Tan
bef35f7be5
FIX: User archive messages should only publish to the user.
2018-03-07 11:28:29 +08:00
Robin Ward
c74d10cf34
FIX: Consider live links in `<code>` as links when counting
2018-03-06 11:46:12 -05:00
Guo Xiang Tan
1365bab0d7
FEATURE: Live updates for user's messages page.
...
https://meta.discourse.org/t/group-inbox-messages-not-updated-for-new-posts/38189
2018-03-06 18:15:21 +08:00
Guo Xiang Tan
13764b31ec
Remove unnecessary attribute in topic tracking payload.
2018-03-06 17:37:53 +08:00
Guo Xiang Tan
d576056cff
REFACTOR: Add basic tests for `TopicTrackingState#publish_*`.
...
* Ensure we don't publish events for PMs.
2018-03-06 17:37:53 +08:00
Gerhard Schlager
8e48b339fa
Drop unused tables ( #5630 )
2018-03-05 17:27:30 -05:00
Guo Xiang Tan
2f65393706
REFACTOR: Use `Topic#private_message?` to reduce duplication.
2018-03-05 15:39:22 +08:00
Guo Xiang Tan
07f1d90b88
FIX: Inviting a group that I am part of creates a notification.
...
https://meta.discourse.org/t/inviting-a-group-to-a-message-does-not-trigger-a-notification-mail/50509/10?u=tgxworld
2018-03-05 13:51:32 +08:00
Guo Xiang Tan
42e0aaed61
FIX: Set first visit PM notification level to group default notification level.
...
https://meta.discourse.org/t/notifications-not-received-for-private-messages-im-invited-to/71577/21?u=tgxworld
2018-03-05 13:39:00 +08:00
Sam
9331b4849d
FEATURE: we need access to settings in theme js
2018-03-05 15:35:41 +11:00
Sam
2c25b9ae12
annotate
2018-03-05 11:06:45 +11:00
OsamaSayegh
282f53f0cd
FEATURE: Theme settings (2) ( #5611 )
...
Allows theme authors to specify custom theme settings for the theme.
Centralizes the theme/site settings into a single construct
2018-03-04 19:04:23 -05:00
Robin Ward
31e3bf6d8d
FEATURE: New "Categories and Top" homepage style
...
Select this option if you want to show top topics on the homepage
instead of latest topics.
2018-03-03 14:26:57 -05:00
Robin Ward
730201d423
New interface to upsert custom fields
2018-03-02 12:45:52 -05:00
Arpit Jalan
334ed74346
Merge pull request #5635 from techAPJ/invite-muted
...
FIX: do not allow invite notifications from muted user/topic
2018-03-02 18:10:17 +04:00
Guo Xiang Tan
6b59a2827d
Add more information to SSO user creation logging.
2018-03-02 18:27:15 +08:00
Guo Xiang Tan
642c60c310
Rename variable so that it is clearer which variable is being referred.
2018-03-02 16:41:02 +08:00
Arpit Jalan
2e202495a3
FIX: do not allow invite notifications from muted user/topic
2018-03-02 12:24:51 +05:30
Guo Xiang Tan
939180efa8
FIX: Missing 2FA guards when sso is enabled or when local login is disabled.
2018-03-02 10:39:10 +08:00
Gerhard Schlager
fffd1a6602
FIX: Associated Instagram account was missing at some places
2018-03-01 12:26:40 +01:00
Guo Xiang Tan
947b6fdf46
FIX: Incorrect rate limit applied to topics invitation flow.
2018-03-01 12:50:00 +08:00
Robin Ward
b283bb2ba7
FIX: Don't include unlisted topic in groups/posts
2018-02-28 14:40:18 -05:00
Guo Xiang Tan
e7a7356986
Remove ancient votes code that is no longer used.
2018-02-28 14:37:22 +08:00
Guo Xiang Tan
902c5d11cf
FIX: Don't allow other flag actions after `notify_moderator` has happened.
...
https://meta.discourse.org/t/receiving-sorry-an-error-has-occurred-during-flagging-step-of-discobot-tutorial/77233/5
2018-02-28 11:27:56 +08:00
Gerhard Schlager
c22e56499a
FIX: Allow changing post owner even when validations fail
2018-02-27 15:46:20 +01:00
Guo Xiang Tan
66d620f7b1
FEATURE: Trigger topic webhook when topic status is updated.
2018-02-27 11:07:37 +08:00
Robin Ward
c7a37f391a
New event when a flag is handled
2018-02-26 18:51:51 -05:00
Gerhard Schlager
5ca5817902
FIX: Only likes should change the given daily likes
2018-02-26 22:27:18 +01:00
Guo Xiang Tan
c1f53e1ece
UX: Invited users should watch PM topic once topic has been visited.
...
https://meta.discourse.org/t/notifications-not-received-for-private-messages-im-invited-to/71577/11
2018-02-26 17:58:58 +08:00
Guo Xiang Tan
982e5bae3a
Update annotations.
2018-02-26 15:32:04 +08:00
Guo Xiang Tan
6a88f7db61
Notification created for wrong user after invite.
...
Introduced in c64f09b6b7
2018-02-26 13:21:19 +08:00
Guo Xiang Tan
31242335a6
Revert "Fix the build."
...
This reverts commit 07f928e05e
.
2018-02-26 13:08:10 +08:00
Guo Xiang Tan
07f928e05e
Fix the build.
2018-02-26 12:42:55 +08:00
Guo Xiang Tan
c64f09b6b7
REFACTOR: Simplify and DRY `Group#invite`.
2018-02-26 11:59:07 +08:00
Arpit Jalan
709f201bd4
FIX: update group user count when bulk adding users
2018-02-23 14:29:56 +05:30
Sam
6f076963f2
FIX: incorrect caching of theme keys
2018-02-23 17:58:13 +11:00
Guo Xiang Tan
dd26bbe868
Merge pull request #5610 from discourse/pm-tags
...
FEATURE: Allow staffs to tag PMs
2018-02-23 07:07:41 +08:00
Vinoth Kannan
7cbda949f1
REFACTOR: New spec tests and code improvement
2018-02-22 20:27:02 +05:30
Guo Xiang Tan
bbb30bedf3
Improve output of SSO verbose logging.
2018-02-22 11:26:13 +08:00
Sam
720e1965e3
FEATURE: add category suppress from latest
...
In the past we used suppress_from_homepage, it had mixed semantics
it would remove from category list if category list was on home and
unconditionally remove from latest.
New setting explicitly only removes from latest list but leaves the
category list alond
2018-02-22 09:56:35 +11:00
Vinoth Kannan
2b509eaa91
Merge branch 'master' into pm-tags
2018-02-21 23:55:59 +05:30
Neil Lalonde
81e873138f
FIX: error when deleting a tag associated with a deleted topic
2018-02-21 12:35:53 -05:00
Vinoth Kannan
84ce1acfef
FEATURE: Allow staffs to tag PMs
2018-02-21 20:11:46 +05:30
Guo Xiang Tan
8964e75ad6
Merge pull request #5612 from discourse/featheredtoast-two-factor-login
...
Featheredtoast two factor login
2018-02-21 15:00:10 +08:00
Guo Xiang Tan
14f3594f9f
Review Changes for f4f8a293e7
.
2018-02-21 14:55:49 +08:00
Robin Ward
5c40ae9e63
FIX: Links in quotes should be counted for rate limits
2018-02-20 20:42:01 -05:00
Jeff Wong
f4f8a293e7
FEATURE: Implement 2factor login TOTP
...
implemented review items.
Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator
add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests
add qunit tests - password reset, preferences
fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.
Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP
add two factor to email signin link
rate limit if second factor token present
add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00