Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
48,301 Commits 215 Branches 500 Tags 859 MiB
Commit Graph

133 Commits

Author SHA1 Message Date
Régis Hanol b56b11d96a add qunit to autospec 2013-11-01 23:57:50 +01:00
Neil Lalonde b06f928568 Fix missing provider param message when using Persona 2013-09-23 09:46:25 -07:00
Emili Parreno ee96fabcba Allow CAS authentication 2013-08-28 14:34:51 +02:00
Sam 61281a3c81 invite only forums had very wonky logic, invited users were not being activated, invite_only forums were still registering users 2013-08-28 17:18:31 +10:00
Sam c4a0152dc6 recover from bad CSRF tokens without requiring a hard refresh of the browser 2013-08-27 15:56:12 +10:00
Sam 213ce33af2 Fixed all broken specs 
Moved middleware config into authenticators
 2013-08-26 12:59:17 +10:00
Sam b52aba15e0 major refactor of auth, break up the gigantic omniauth controller into sub classes for way better extensibitily 2013-08-26 12:59:17 +10:00
Michael Kirk 9e8d8870f5 fixed: record Oauth2 user email 2013-08-19 11:21:27 -07:00
Michael Kirk 4af8a9102e Authenticate with Discourse via OAuth2 
See https://github.com/michaelkirk/discourse_oauth2_example for an
example of how you might integrate your existing oauth2 provider's
authentication via a Discourse plugin.
 2013-08-17 21:45:20 -07:00
Sam 803d023e23 Fixed GitHub auth, GitHub can provide us with a valid email - so automatically log in for those cases 2013-08-02 12:16:44 +10:00
Sam 160107a712 working plugin interface for custom openid auth, custom css and custom js 2013-08-01 16:02:43 +10:00
Sam aa6c92922d SECURITY: correct our CSRF implementation to be much more aggressive 2013-07-29 15:13:13 +10:00
Sam c7697bbae2 remove duplicate code 2013-07-16 15:44:38 +10:00
Andreas Haller 661f2057f7 Improve the omniauth controller specs. Fix the email provided by CAS. Get name from CAS attributes. 
* Make omniauth controller specs more robust by using shared examples for all authentication providers in controller spec. – Still passing. Yay!

* Return "casuser", instead of "casuser@" when no cas_domainname is configured.

* If no cas_domainname is configured, the CAS authentication would return "casuser@" for the users email field, because it tried to assume the email adress of the CAS user by it's username + cas_domainname.
  Now it just returns the username instead of adding an "@" if cas_domainname is not configured.
  This especially makes sense on CAS setups where the username equals the users email adress.
  The old behaviour, if cas_domainname is configured, was not changed.

* Fetch the email from CAS attributes if provided
  If the cas:authenticationSuccess (handled via omniauth-cas) response gives us an email use that.
  If not, behave as before (username or username@cas_domainname).

* Fetch the (full) name from CAS attributes if provided
  If the CAS response by omniauth provides a [:info][:name] field, prefer this over the uid, because we want the name to be a "Full Name", instead of just a "shortname"
 2013-07-04 12:01:39 +02:00
Dmitriy Budnik 2722029d38 stylistic refactorings 
w/ less syntactic sugar
 2013-06-25 18:23:23 +03:00
Juan de Dios Herrero 96d23ddd8d Refactored user_name suggestion methods into a module to reduce the complexity of User model 2013-06-06 16:40:10 +02:00
Chris Hunt acf147ef88 Disable OmniAuth account creation if 'invite only' 2013-06-05 11:11:02 -07:00
Sam 5e305eaf0a missing skip filter for omniauth 2013-06-05 10:30:51 +10:00
Erik Ordway 364a59d344 remove hardcoded value and replace with SiteSetting.cas_domainname 2013-05-29 15:47:49 -07:00
Erik Ordway 1575ce7b10 add cas support with a few tests 2013-05-23 13:40:50 -07:00
Mark Rushakoff 56acb5fcce Don't call to_sym on param 2013-04-08 22:55:39 -07:00
Robin Ward 738789f336 Admins can't lock themselves out of a site by setting approval. 2013-04-03 12:23:28 -04:00
Karan Misra 5dfb04e4b3 Convert a lot of :a => b to a: b and bring peace to the world 2013-03-25 05:07:36 +05:30
Sarah Vessels 54c7b1ab63 Use consistent new-style hashes in render calls *twitch* 2013-03-22 14:08:11 -04:00
Régis Hanol 239cbd2d58 enforce coding convention 
replaced every `and` by `&&` and every `or` by `||`
 2013-03-05 01:42:44 +01:00
Robin Ward 51f6ae69c9 Check when logging in whether a auth provider is enabled, including specs 2013-03-04 13:44:41 -05:00
Dan Callahan 23d812a4ab Use AJAX for submitting Persona credentials. 
Fixes issue with needing to unblock popups.
 2013-03-01 14:00:56 -06:00
Dan Callahan ef8cf2f734 Add basic Persona functionality 
1. No session integration yet, so automatic login/logout events are suppressed.

2. Popup blockers must be disabled: submits form to target="_blank"
 2013-03-01 14:00:56 -06:00
nverba b45f872c04 Added Github authentication option, disabled by default with enable options in settings. 2013-02-26 05:00:21 +00:00
Neil Lalonde 3ca2d92b2f Fix the missing {{provider}} value message 2013-02-19 16:28:12 -05:00
Jesse Pollak ad5a5b4866 This commit adds a callback route to handle omniauth failure and removes a few unneccessary entries in en.yml 2013-02-14 18:08:40 -08:00
Robin Ward f00006ee7d Fix broken Yahoo! signup. 2013-02-13 12:37:48 -05:00
xdite 9189d937f7 move all logic to omniauth 
implement omniauth-facebook / omniauth-twitter
 2013-02-13 15:08:38 +08:00