Commit Graph

22 Commits

Author SHA1 Message Date
David Taylor 6417173082
DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00
David Taylor c3a54eb30f DEV: Use strings for :user_email job type argument
Job arguments go via JSON, and so symbols will appear as strings in the Job's `#execute` method. The latest version of Sidekiq has started warning about this to reduce developer confusion.
2022-02-04 18:28:18 +00:00
Dan Ungureanu f0c1a4fab8
FIX: Create email token with correct scope ()
`account_created` email contains a URL to `/u/password-reset/TOKEN`
which means that the correct scope for the email token is
`password_reset`, not `signup`.
2022-01-20 16:38:56 +02:00
Dan Ungureanu fa8cd629f1
DEV: Hash tokens stored from email_tokens ()
This commit adds token_hash and scopes columns to email_tokens table.
token_hash is a replacement for the token column to avoid storing email
tokens in plaintext as it can pose a security risk. The new scope column
ensures that email tokens cannot be used to perform a different action
than the one intended.

To sum up, this commit:

* Adds token_hash and scope to email_tokens

* Reuses code that schedules critical_user_email

* Refactors EmailToken.confirm and EmailToken.atomic_confirm methods

* Periodically cleans old, unconfirmed or expired email tokens
2021-11-25 09:34:39 +02:00
Josh Soref 59097b207f
DEV: Correct typos and spelling mistakes ()
Over the years we accrued many spelling mistakes in the code base. 

This PR attempts to fix spelling mistakes and typos in all areas of the code that are extremely safe to change 

- comments
- test descriptions
- other low risk areas
2021-05-21 11:43:47 +10:00
Gerhard Schlager 5c662128d3
DEV: Rake task for creating admin should ask for full name if required () 2020-11-02 11:12:42 +01:00
Sam Saffron a14313e9d0
FIX: RANDOM_PASSWORD not working rake admin:create
We regressed behavior of this env var which enable admin account
creation with a random password
2020-03-15 17:24:11 +11:00
Hector Bustillos 42758379b9 FEATURE: Adds a message when the passwords doesn't match in rake admin:create () 2019-12-13 11:40:33 +11:00
Sam Saffron 30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Sam Saffron abbbcb2622 DEV: allow creating users with random passwords via rake
Use: `RANDOM_PASSWORD=1 bin/rake admin:create`

Handy in conjunction with dev mode /session/username/become.
2018-12-18 11:43:16 +08:00
Arpit Jalan cd66dd1404 fix admin rake task 2018-04-07 16:57:17 +05:30
Sam 0d6cfe45bf tl1 should be enough for grant admin. tl4 is hard to revert 2018-04-05 10:53:11 +10:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. () 2017-07-28 10:20:09 +09:00
Neil Lalonde 0a9e284277 FIX: rake admin:invite sends an email that makes it clear that an account was created for the recipient 2014-09-11 12:49:01 -04:00
Sam f9ae7472b4 FEATURE: rake admin:invite task 2014-09-09 09:04:01 +10:00
Sam 950e5c9965 fix task 2014-09-05 17:49:51 +10:00
Sam a2a78fbad1 FIX: rake admin:create suggests better name
FIX: rake admin:create ensures account active
2014-07-16 17:55:08 +10:00
Arpit Jalan 48940b9bbe Refactor admin create task 2014-07-07 16:58:23 +05:30
Arpit Jalan 7cb67b028d Update admin create task 2014-07-02 13:30:38 +05:30
Arpit Jalan cd07bf5611 Update admin rake task 2014-07-02 02:03:02 +05:30
Sam Saffron e91f944851 BUGFIX: rake task for creating an admin was not activating the account 2014-05-27 12:39:15 +10:00
Pavel Penkov cb3b79407d Added admin:create rake task 2013-06-10 05:56:51 +04:00