Commit Graph

25 Commits

Author SHA1 Message Date
Robin Ward 5771d2aee2 SECURITY: Support for confirm old as well as new email accounts 2016-03-08 14:52:22 -05:00
Sam 32c681c96b annotate models 2016-02-23 10:33:53 +11:00
Neil Lalonde c7df6783a9 FIX: only invalidate password reset links using javascript 2016-01-04 11:48:54 -05:00
Arpit Jalan 03665e8466 FIX: mark user as approved if an invite is already present 2015-06-26 01:57:29 +05:30
Godfrey Chan 7ddf1df3e0 FIX: honor `email_token_grace_period_hours` setting correctly
The documentation said that the unit for this setting is in *hours*, but the
code is treating it as *seconds*. Also, `Numeric#ago` has been deprecated since
Rails 4.1 (precisely to help prevent these kind of bugs) and will go away in
Rails 4.2.
2014-10-11 15:02:15 -07:00
Akshay 9524b514c6 Fix access specifiers with private_class_methods instead of removing directly 2014-10-04 09:20:41 +05:30
Sam 414c6d191f FIX: remove nullable dates post upgrade to Rails 4 2014-08-27 15:19:25 +10:00
Robin Ward ed125975a1 SECURITY: Prefix session key and validate token format. 2014-08-25 15:31:49 -04:00
Neil Lalonde 5454c1ed24 Updated model anotations 2014-08-22 13:01:44 -04:00
Neil Lalonde 01a68f8cc7 Emails are case insensitive 2014-07-16 10:22:01 -04:00
Arpit Jalan b301391116 FEATURE: redeem Invite when user sign up 2014-07-04 02:03:04 +05:30
Sam 60d93a62f6 FIX: tighten up email token durations 2014-07-02 09:08:25 +10:00
Sam b1d5f4440b Annotate models 2014-05-28 12:30:57 +10:00
Sam 862a6696c0 Correct annotations
allow longer usernames (up to 60)
2014-04-15 15:53:48 +10:00
Régis Hanol 6373de550f update annotations 2014-04-08 17:35:44 +02:00
Robin Ward aa3f7f764d You can only reuse email tokens within 24 hours. 2014-03-04 14:03:04 -05:00
Robin Ward 90a1cb5bec Change email token expiry to 24 hours instead of 1 week 2014-03-04 13:02:48 -05:00
Stephan Kaag 89b621d31a Refactor update_all statements in order to prevent deprecation warnings in Rails 4 2013-07-02 18:36:47 +02:00
Sam ca2dee52db moved comments to the bottom, they are way less intrusive there 2013-05-24 12:48:32 +10:00
Sam 2cd95bc649 lets try out annotations 2013-05-24 12:35:14 +10:00
Gosha Arinich 6e5399d544 minor cleanup, using AR querying DSL over raw SQL in some places 2013-02-28 21:54:12 +03:00
Neil Lalonde fc33c63585 EmailToken.active needs to check created_at too 2013-02-22 15:20:00 -05:00
Neil Lalonde ff3e012034 Add a link that allows you to send activation email again 2013-02-22 11:49:58 -05:00
Jakub Arnold 61654ab8f0 Fix all the trailing whitespace 2013-02-07 16:45:24 +01:00
Robin Ward 21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00