a09b20f934
FIX: Google `HD` and `Prompt` settings should be checked at runtime
...
Previously a server restart was required after settings changes, and it did not work in multisite environments
2019-01-31 10:05:25 +00:00
d32900292d
FIX: Don't update `User#last_seen_at` when PG is in readonly take 3.
2019-01-22 18:07:48 +08:00
3c6a8a2bb1
Partially revert 4466fcf1bc.
2019-01-21 15:41:01 +08:00
4466fcf1bc
FIX: Don't update `User#last_seen_at` when PG is readonly take 2.
2019-01-21 13:49:08 +08:00
c732ae9ca9
FIX: Don't update `User#last_seen_at` when PG is in readonly.
2019-01-21 13:29:29 +08:00
9db829134c
FIX: Use database to persist metadata during social registration ( #6750 )
...
Previously was using the cookie_store, which is limited to 4kb. This caused issues for providers sending large volumes of metadata about a user.
2018-12-10 15:10:06 +00:00
502a0fe778
FIX: support connecting GitHub with existing accounts
2018-12-10 09:27:00 +11:00
160d29b18a
REFACTOR: Migrate TwitterAuthenticator to use ManagedAuthenticator ( #6739 )
...
No changes to functionality. TwitterAuthenticator goes from 136 lines to 24, and all twitter-specific logic elsewhere has been deleted 🎉
2018-12-07 15:39:06 +00:00
86f8734bc0
FIX: Prioritize explicit 'connect' over matching by email
...
This is an edge case that was previously handled by TwitterAuthenticator, but not FacebookAuthenticator.
2018-12-07 15:05:51 +00:00
3cad3f9df1
DEV: Add profile fetching support to `ManagedAuthenticator`
2018-12-07 15:05:51 +00:00
e117deb2ba
FIX: Improve avatar loading, and add tests
...
Follow-up from 4e2cc9c
2018-12-04 15:09:32 +00:00
4e2cc9caf0
FIX: Use safe navigation operator when looking for avatar URL
2018-12-03 17:28:21 +00:00
9125b5fbc4
DEV: Reformat single line method definition
...
Following comments on 71aaed272c
2018-12-03 15:03:00 +00:00
71aaed272c
DEV: Correct auth_provider deprecation warning
2018-11-30 22:22:26 +00:00
4e010382cc
REFACTOR: Initialize auth providers after `plugin.activate!`
...
Also added some helpful functionality for plugin developers:
- Raises RuntimeException if the auth provider has been registered too late
- Logs use of deprecated parameters
2018-11-30 16:58:18 +00:00
208005f9c9
REFACTOR: Migrate FacebookAuthenticator to use ManagedAuthenticator
...
Changes to functionality
- Removed syncing of user metadata including gender, location etc.
These are no longer available to standard Facebook applications.
- Removed the remote 'revoke' functionality. No other providers have
it, and it does not appear to be standard practice in other apps.
- The 'facebook_no_email' event is no longer logged. The system can
cope fine with a missing email address.
Data is migrated to the new user_associated_accounts table.
facebook_user_infos can be dropped once we are confident the data has
been migrated successfully.
2018-11-30 11:18:11 +00:00
534e1b1b18
DEV: Introduce Auth::ManagedAuthenticator
...
A generic implementation of Auth::Authenticator which stores data in the
new UserAssociatedAccount model. This should help significantly reduce the duplicated
logic across different auth providers.
2018-11-30 11:18:11 +00:00
f645cb9c14
FEATURE: Use translated name for 'your email has been authenticated by' ( #6649 )
2018-11-22 19:12:04 +00:00
182b34243d
FIX: opts is a hash in 'log_on_user'
...
cc @nbianca
2018-11-12 16:00:12 +01:00
5af9a69a3b
FIX: Do not check for suspicious login when impersonating. ( #6534 )
...
* FIX: Do not check for suspicious login when impersonating.
* DEV: Add 'impersonate' parameter to log_on_user.
2018-11-12 15:34:12 +01:00
5fc09a6467
DEV: Fix build.
2018-11-05 14:16:03 +02:00
a84b6b6b0c
SECURITY: Add CSRF protections to OpenID callback
2018-11-05 11:16:57 +00:00
d17c8df926
Only check for suspicious login for staff members
2018-10-26 00:29:28 +02:00
56e0f47bcd
FIX: Do not update `last_seen` for API access
...
This regressed in 2dc3a50
2018-10-25 13:38:57 +01:00
45f01e637b
FIX: when associating Github account disassociate others
...
There are some cases where an email floats from one GitHub account to another
if this happens just take over the Github mapping record
2018-10-10 15:46:50 +11:00
d8b543bb67
FIX: redirect to original URL after social signup
2018-09-05 01:44:23 +05:30
d1af89e3b3
DEV: Extract global admin api rate limiting into a dedicated method.
...
* We have a use case for overriding the rate limiting logic in a
plugin.
2018-09-04 16:37:54 +08:00
3b337bfc6b
Revert "FIX: Don't rate limit admin and staff constraints when matching routes."
...
This reverts commit 651b50b1a1
2018-09-04 14:27:21 +08:00
651b50b1a1
FIX: Don't rate limit admin and staff constraints when matching routes.
...
* When an error is raised when checking route constraints, we
can only return true/false which either lets the request
through or return a 404 error. Therefore, we just skip
rate limiting here and let the controller handle the
rate limiting.
2018-09-04 13:52:58 +08:00
272de95175
FIX: client duplicate registration should be cleaned up
...
If for any reason we are unable to correct client id on a user api key
invalidate old keys for client/user
2018-08-22 12:56:49 +10:00
860c1c3dcd
FEATURE: Automatically expire keys if not used for a configurable amount of time. ( #6264 )
2018-08-20 17:36:14 +02:00
6ddf7fcd1f
Fix warnings about already initialized constants
2018-08-09 17:29:02 +02:00
812add18bd
REFACTOR: Serve auth provider information in the site serializer.
...
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
6566b2f11a
FEATURE: Allow revoke and connect for Instagram logins
2018-07-30 14:38:53 +01:00
5f1fd0019b
FEATURE: Allow revoke and connect for GitHub logins
2018-07-27 17:18:53 +01:00
6296f63804
FEATURE: Revoke and connect for Yahoo logins
2018-07-27 16:20:47 +01:00
9c72c00206
FEATURE: Revoke and reconnect for Twitter logins
2018-07-27 12:28:51 +01:00
fa399ce1c5
FEATURE: Add revoke and reconnect functionality for google logins
2018-07-25 16:03:14 +01:00
776fd0de66
FIX: Filter open-id logins by identifier
2018-07-25 11:47:09 +01:00
eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 ( #6099 )
...
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
2dc3a50dac
FIX: Do not update `last seen` time for suspended users
2018-07-18 16:04:57 +01:00
ad5082d969
Make rubocop happy again.
2018-06-07 13:28:18 +08:00
543b7cddfb
FIX: Extra comma resulted in Github auth email result being an array.
...
https://meta.discourse.org/t/github-2fa-flow-broken/88674
2018-05-30 12:15:12 +08:00
f6d412465b
FIX: apply automatic group rules when using social login providers
2018-05-23 02:26:07 +03:00
2cf6fb7359
FIX: always unstage users when they log in
2018-05-13 17:00:02 +02:00
3d6dc764be
needed to remove legacy from a few more spots
2018-05-04 11:12:01 +10:00
c7a0ced656
FIX: remove facebook_request_extra_profile_details
...
Since this no longer works
2018-04-26 14:14:35 +10:00
c5d26992d4
Prefer to use primary email for new user creation over other available emails
2018-03-19 17:10:35 +05:30
c75fd34328
Allow Discourse installs to name the token cookie
2018-03-13 16:48:40 -04:00
0134e41286
FEATURE: detect when client thinks user is logged on but is not
...
This cleans up an error condition where UI thinks a user is logged on
but the user is not. If this happens user will be prompted to refresh.
2018-03-06 16:49:31 +11:00
fb75f188ba
FEATURE: Disallow login via omniauth when user has 2FA enabled.
2018-03-01 15:47:07 +08:00
24d0a7a4c7
Take 2 on f74d6bb605.
...
New options are left out by default when not configured so that an
incorrect default configuration doesn't blow up google oauth for
everyone.
2018-02-23 07:53:01 +08:00
1c790ae6bc
Revert "Add prompt and HD settings to the Google OAuth2 plugin."
...
This reverts commit f74d6bb605
2018-02-22 19:17:02 +01:00
f74d6bb605
Add prompt and HD settings to the Google OAuth2 plugin.
2018-02-22 12:29:19 +08:00
a3c7ee09b6
FIX: ruby bench not working properly
...
- Remove thin which is no longer supported
- Bypass admin api rate limiting in profile environment
- Admin password was too short
- Run by default in concurrency 1 mode
- A skip bundle assets flag to speed up local testing
2018-02-19 11:37:16 +11:00
569e57f0a9
FIX: Delete the invalid auth cookie even if you hit the rate limit
2018-02-09 19:09:54 -05:00
8c04893a04
FIX: Don't throttle local lookups
2018-02-07 00:31:05 -05:00
e2d82b882e
FIX: redirect to original URL after social login
2018-01-26 18:52:27 +01:00
215c0d5569
FEATURE: allow system api to target users via external id or user id
...
usage ?api_key=XYZ&api_user_external_id=ABC
usage ?api_key=XYZ&api_user_id=123
2018-01-12 17:40:18 +11:00
988b13ac77
FIX: GitHub auth always asking to verify email for new users ( #5487 )
2018-01-12 15:17:29 +11:00
105cf61ed9
Implements https://meta.discourse.org/t/issue-user-changed-google-account-and-cant-connect-thru-his-profile/35028/18?u=supermathie
2017-12-20 17:59:36 -05:00
67aecff59c
FEATURE: store twitter supplied email for auditing
2017-12-14 15:54:32 +11:00
6ade508f39
FIX: Prevent 'rack.input' missing error.
2017-12-12 16:40:35 +08:00
68d3c2c74f
FEATURE: add global rate limiter for admin api 60 per minute
...
Also move configuration of admin and user api rate limiting into global
settings. This is not intended to be configurable per site
2017-12-11 11:07:22 +11:00
16407dfc11
Add a `failed_code` we can check for when using Auth::Result
2017-11-09 10:49:42 -05:00
804b4f32f8
better error message when API authentication fails
2017-10-20 20:05:34 +05:30
2db66072d7
SECURITY: signup without verified email using Google auth
2017-10-16 13:51:41 -04:00
77d4c4d8dc
Fix all the errors to get our tests green on Rails 5.1.
2017-09-25 13:48:58 +08:00
5868508e98
GH#retrieve_avatar: simplify conditional and restructured testing
2017-08-22 23:46:50 -04:00
49f0119c12
FEATURE: import Github profile picture
2017-08-22 20:23:47 -04:00
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
fcfc895167
FIX: new sign-ups via google are added to groups
...
This fix ensures that users that are signing up via google oauth are
automatically added to any groups.
A similar fix will probably need to be added to other oauth providers.
2017-07-07 14:08:58 -06:00
8fd915a11a
Revert "FIX: add path to cookies so sessions on the same domain but different subfolders don't log each other out"
2017-06-21 16:18:24 -04:00
1716747810
FIX: add path to cookies so sessions on the same domain but different subfolders don't log each other out
2017-06-20 13:30:36 -04:00
8d80a5d97e
add some explicit scoping to help avoid erratic failure in test
2017-03-07 16:00:51 -05:00
99f4d5082b
FIX: Improve token rotation and increase logging
...
- avoid access denied on bad cookie, instead just nuke it
- avoid marking a token unseen for first minute post rotation
- log path in user auth token logs
2017-03-07 13:27:43 -05:00
3d347fb9c4
FIX: Don't mark user as `active` if verified email is different.
2017-03-02 14:24:30 +08:00
122fb8025d
FIX: last seen date erroneously updated when browser in background
...
In some cases user may be "last seen" even though browser tab is in
the background or computer is locked
2017-02-28 12:35:10 -05:00
ea1007e954
FEATURE: add support for same site cookies
...
Defaults to Lax, can be disabled or set to Strict.
Strict will only work if you require login and use SSO. Otherwise when clicking on links to your site you will appear logged out till you refresh the page.
2017-02-23 12:01:28 -05:00
ad435da377
fix typo
2017-02-23 10:58:53 -05:00
b7d2edc7dc
FIX: allow some auth token misses prior to clearing cookie
...
It appears that in some cases ios queues up requests up front
and "releases" them when tab gets focus, this allows for a certain
number of cookie misses for this case. Otherwise you get logged off.
2017-02-22 12:37:11 -05:00
7a85469c4c
SECURITY: inactive/suspended accounts should be banned from api
...
Also fixes edge cases around users presenting multiple credentials
2017-02-17 11:03:09 -05:00
0ab96a7691
FEATURE: add hidden setting for verbose auth token logging
...
This is only needed to debug auth token issues, will result in lots
of logging
2017-02-13 14:01:09 -05:00
ff49f72ad9
FEATURE: per client user tokens
...
Revamped system for managing authentication tokens.
- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes
New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.
Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
6ff309aa80
SECURITY: don't grant same privileges to user_api and api access
...
User API is no longer gets bypasses that standard API gets.
Only bypasses are CSRF and XHR requirements.
2016-12-16 12:05:43 +11:00
2ddabc3928
FIX: protect against future regressions of google omniauth
2016-11-07 12:48:00 +11:00
923db2e559
FIX: download avatar from facebook/twitter in a job in order to prevent hangs when avatars are huge
2016-10-24 17:15:13 +02:00
0862ad406d
FIX: pull twitter's avatar & profile when signing up
2016-10-17 15:43:40 +02:00
b246f1a694
FEATURE: set secure flag on _t cookie if https is forced
2016-10-17 12:11:49 +11:00
f4f5524190
FEATURE: user API now contains scopes so permission is granular
...
previously we supported blanket read and write for user API, this
change amends it so we can define more limited scopes. A scope only
covers a few routes. You can not grant access to part of the site and
leave a large amount of the information hidden to API consumer.
2016-10-14 16:05:42 +11:00
9dd1f7b5b6
pull avatar, bio & location from Twitter
2016-10-13 10:49:51 +02:00
aaec05e36a
FIX: stop asking for bio from facebook, it is deprecated
2016-10-11 10:56:07 +11:00
5bdaaca848
Make it square!
2016-09-28 12:49:22 -03:00
f5746f490f
Uses higher resolution pictures when importing avatars from Facebook
2016-09-28 01:38:41 -03:00
2ae7c47a3c
Add support for email whitelist/blacklist to GitHub auth
...
If a site is configured for GitHub logins, _**and**_ has an email domain
whitelist, it's possible to get in a state where a new user is locked to
a non-whitelist email (their GitHub primary) even though they have an
alternate email that's on the whitelist. In all cases, the GitHub
primary email is attempted first so that previously existing behavior
will be the default.
- Add whitelist/blacklist support to GithubAuthenticator (via
EmailValidator)
- Add multiple email support GithubAuthenticator
- Add test specs for GithubAuthenticator
- Add authenticator-agnostic "none of your email addresses are allowed"
error message.
2016-09-22 11:31:10 -07:00
8dc4329094
FEATURE: optionally get extra profile info from facebook
...
This feature requires the application be approved by facebook, so it is
default off
2016-09-19 16:14:11 +10:00
5b3cd3fac9
FEATURE: Import facebook avatars when logging in via facebook
...
FIX: warning about popup dimensions when using facebook login
Rules are:
- On account creation we always import
- If you already have an avatar uploaded, nothing is changed
- If you have no avatar uploaded, we upload from facebook on login
- If you have no avatar uploaded, we select facebook unless gravatar already selected
This also fixes SSO issues where on account creation accounts had missing avatar uploads
2016-09-19 15:10:23 +10:00
9609a47016
Ability to skip email validation via a plugin
2016-09-07 14:05:46 -04:00
610dd933a3
FEATURE: Support importing email from Twitter
2016-09-06 12:18:13 -04:00
be0fd5b4cc
FEATURE: allow user api key revocation for read only keys
2016-09-02 17:04:00 +10:00
c4bf138d2c
FIX: incorrect error being raised
2016-08-26 10:39:13 +10:00
b09922b58a
we have to allow message bus for read clients
2016-08-19 15:22:52 +10:00
3ea68f8f6c
tweak headers so they can be consumed
2016-08-18 14:38:33 +10:00
416e7e0d1e
FEATURE: basic UI to view user api keys
2016-08-16 17:06:52 +10:00
fc095acaaa
Feature: User API key support (server side implementation)
...
- Supports throttled read and write
- No support for push yet, but data is captured about intent
2016-08-15 17:59:36 +10:00
5cc8bb535b
SECURITY: do cookie auth rate limiting earlier
2016-08-09 10:02:18 +10:00
16a383ea1e
SECURITY: limit bad cookie auth attempts
...
- Also cleans up the _t cookie if it is invalid
2016-07-28 12:58:49 +10:00
b5fbff947b
FIX: don't expire old sessions when logging in
2016-07-26 11:37:41 +10:00
c1f62d8657
Revert "make upgrade a bit more seamless"
...
This reverts commit 78b88a1633
2016-07-25 12:49:33 +10:00
78b88a1633
make upgrade a bit more seamless
2016-07-25 12:30:52 +10:00
df535c6346
FEATURE: refresh session cookie at most once an hour
...
This feature ensures session cookie lifespan is extended
when user is online.
Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
a9207dafa7
FEATURE: configure session time via site setting for all the users ( #4343 )
2016-07-23 02:57:30 +05:30
22ade1f811
FEATURE: Add event trigger when a user is logged out.
2016-07-04 17:20:30 +08:00
f88cf4e2f0
Merge pull request #4226 from xfalcox/non-persistent-session
...
FEATURE: add setting permanent_session_cookie to configure session st…
2016-06-29 16:47:31 +10:00
9704603fab
FEATURE: sendgrid webhooks
2016-06-01 21:48:06 +02:00
52c3b0b0ce
clear mini profiler cookie when admin logs off
2016-05-18 17:27:54 +10:00
09ef5f613e
FEATURE: add setting permanent_session_cookie to configure session stickiness
...
Now admins can turn make the login cookie die after the browser is closed, so the user needs to log in everytime.
2016-05-17 01:12:09 -03:00
74b3807f60
FEATURE: new bootstrap mode settings for brand new Discourse community ( #4193 )
...
* FEATURE: new bootstrap mode settings for brand new Discourse community
* new SiteSetting.set_and_log method
2016-04-26 13:08:19 -04:00
70b287a053
Update instagram_authenticator.rb
2016-02-26 11:37:48 +10:00
5c603bf8ec
Added Instagram login method
2016-02-25 12:13:59 +10:00
0ef141b2c3
FIX: skip jwt encoding for auth
2016-02-05 08:48:16 +11:00
0b4c9005f9
FIX: Don't include `name` in hash when names are disabled.
...
This could break some SSO implementations due to honeypot
not being triggered.
2015-10-29 12:19:45 -04:00
7dbc2590a5
Support for auth plugins to freeze the username
2015-06-26 15:55:33 -04:00
b4960d48b4
Better support for passing up errors when OmniAuth fails after auth
2015-06-24 12:12:43 -04:00
803feefd54
MessageBus handles readonly redis now, no need to wrap it
2015-05-04 12:21:00 +10:00
5b3f99aa50
Don't blow up if Redis switches to READONLY
2015-04-24 14:37:16 -04:00
7c14db44cc
UX: improve message when admin login is blocked because of admin ip address whitelisting
2015-03-02 12:13:22 -05:00
3483c8318f
FEATURE: logging out logs you out everywhere
...
can be disabled by changing the setting "log_out_strict" to false
2015-01-28 12:56:41 +11:00
7412ff4da7
FIX: suspended users are logged out when they are suspended. Show a reason for suspension when they try to log in.
2015-01-19 12:37:02 -05:00
e979382ab4
Facebook auth without an email should allow user to enter email
...
In some cases Facebook doesn't send back a user's email. In this
case, allow the user to enter their email address.
See
https://meta.discourse.org/t/facebook-initial-login-create-account-dialog-leaves-email-field-blank/13815/15
2014-12-08 12:43:06 +02:00
a9cda0f947
FEATURE: allow restricting API keys to a particular range
2014-11-20 15:21:49 +11:00
aa9b3bb35a
FEATURE: allow long polling to go to a different url
...
Added the site setting long_polling_base_url , this allows you
to farm long polling to a different server.
This setting is very important if a CDN is serving dynamic content.
2014-10-24 13:38:38 +11:00
ca5f361d0a
FEATURE: restrict admin access based on IP address
2014-09-05 12:06:01 -04:00
fdc89b1735
SECURITY: GitHub authenticator returning unverified emails
2014-09-03 12:53:22 +10:00
7c65adfd6f
FEATURE: raise an exception when the email is missing in the OpenId callback
2014-08-07 19:28:50 +02:00
030c748adb
Revert "FIX: google oauth2 for sites using https. Need to specify the redirect_uri during setup in this case."
...
This reverts commit fe6235b40e
2014-07-31 16:56:08 -04:00
fe6235b40e
FIX: google oauth2 for sites using https. Need to specify the redirect_uri during setup in this case.
2014-07-31 14:50:46 -04:00
12cb682548
Start passing more context to Discourse.handle_exception
2014-07-17 14:11:56 -07:00
01a68f8cc7
Emails are case insensitive
2014-07-16 10:22:01 -04:00
67db561429
BUGFIX: missed a key rename
...
BUGFIX: API spec not enabling CSRF
2014-05-23 08:43:19 +10:00
cf254000cf
Revert "Revert "BUGFIX: improve error messages for invalid API keys""
...
This reverts commit e9afe28586
2014-05-23 08:43:19 +10:00
e9afe28586
Revert "BUGFIX: improve error messages for invalid API keys"
2014-05-22 14:55:36 -04:00
eeef775f21
BUGFIX: improve error messages for invalid API keys
...
BUGFIX: don't track last seen for message bus
2014-05-22 09:01:29 +10:00
742841ddce
Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites.
2014-05-21 18:35:10 -04:00
1574485443
Perform the where(...).first to find_by(...) refactoring.
...
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
1da59e7e2e
FIX: deactivated users shouldn't be able to log in
2014-04-28 13:46:28 -04:00
5897d3419c
BUGFIX: identity_url was not fished out correctly
...
If I user logged in with Google and then changed email,
they would no longer be able to log in with google
2014-03-26 14:52:50 +11:00
35ee341122
SECURITY: GitHub returns unvalidated emails
2014-03-26 10:55:36 +11:00
7e7c4efcc0
FEATURE: on initial boot hint users on how to get admin
2014-03-24 18:03:39 +11:00
a74764c833
Log when facebook doesn't provide an email address
2014-03-19 13:31:17 -04:00
David Taylor
Guo Xiang Tan
Sam
Régis Hanol
Bianca Nenciu
Bianca Nenciu
Vinoth Kannan
Gerhard Schlager
OsamaSayegh
Robin Ward
Joffrey JAFFEUX
Geoffrey Challen
Michael Brown
Arpit Jalan
Neil Lalonde
Kyle Zhao
Guo Xiang Tan
Blake Erickson
Rafael dos Santos Silva
Jared Reisinger
Mark Biegel
Ubuntu
Greg Kempe
riking
Louis Rose