Commit Graph

26691 Commits

Author SHA1 Message Date
Guo Xiang Tan 8964e75ad6
Merge pull request #5612 from discourse/featheredtoast-two-factor-login
Featheredtoast two factor login
2018-02-21 15:00:10 +08:00
Guo Xiang Tan 14f3594f9f Review Changes for f4f8a293e7. 2018-02-21 14:55:49 +08:00
Arpit Jalan 94fb8094c6 further optimize spec
thanks @tgxworld for the review.
2018-02-21 11:32:40 +05:30
Sam 26450f7587 allow for no lograge
(fixes tests)
2018-02-21 15:40:37 +11:00
Sam ca1a3f37e3 FEATURE: add instrumentation for all external net calls 2018-02-21 15:20:29 +11:00
Robin Ward 5c40ae9e63 FIX: Links in quotes should be counted for rate limits 2018-02-20 20:42:01 -05:00
Jeff Wong f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Guo Xiang Tan b6e82815bd Fix rspec description. 2018-02-21 09:02:42 +08:00
Robin Ward 3ea272f4f1 New setting: minimum trust level to embed images in a post 2018-02-20 20:00:06 -05:00
Sam 80ec6ce4fd bump onebox 2018-02-21 10:06:17 +11:00
Kris ce97bdb472 Flag badge too wide in header panels 2018-02-20 17:31:02 -05:00
Régis Hanol 0799831dbe FIX: use the avatar of the post rather than the topic in local oneboxes 2018-02-20 19:49:39 +01:00
Arpit Jalan a4bc54a686 FIX: strip zero width spaces from topic title 2018-02-21 00:12:39 +05:30
Kris 677e126fbf UX: Implementing a box-shadow system, cleaning up existing shadows 2018-02-20 12:18:20 -05:00
Arpit Jalan ed422285f0 optimize spec 2018-02-20 22:03:13 +05:30
Sam de5418a905 correct search in topic list 2018-02-20 20:47:44 +11:00
Jeff Atwood 6c29908ba2 very minor copyedits 2018-02-20 00:44:56 -08:00
Guo Xiang Tan 226ace1643 Update annotations. 2018-02-20 14:28:58 +08:00
Sam 86d12bd44b FEATURE: search within title using in:title
Also

- Significantly improved search ranking, title is treated most strongly
- Adds tag names to the index
- Run search re-indexer more aggressively
- Re-index topic and all posts on category change
2018-02-20 14:41:21 +11:00
Sam 73a492f721 minor changes to discourse bench
Ruby master is not compatible with bootsnap atm
2018-02-20 14:41:21 +11:00
Guo Xiang Tan e5cec28eae FIX: `Stylesheet::Manager.stylesheet_link_tag` cache should account for `Discourse.current_hostname`. 2018-02-20 09:53:15 +08:00
Régis Hanol 6b67192d99 fix the build 2018-02-19 22:52:54 +01:00
Régis Hanol 60ec483caa FIX: include title in local onebox when linking to a different topic 2018-02-19 22:40:14 +01:00
Arpit Jalan 614b1c8e68 FIX: admin was not able to unblock screened IP address 2018-02-20 00:36:13 +05:30
Arpit Jalan 9b24c652de
Merge pull request #5604 from techAPJ/topic-emoji-limit
FEATURE: new site setting 'max_emojis_in_title'
2018-02-19 18:39:47 +04:00
Arpit Jalan c419c26f56 FEATURE: new site setting 'max_emojis_in_title' 2018-02-19 18:15:26 +05:30
Gerhard Schlager b6277e208b FIX: Cookies header didn't have the right format 2018-02-19 12:46:57 +01:00
OsamaSayegh f3815cd785 FEATURE: New site setting for additional allowed filetypes for staff (#5364)
* FEATURE: New site setting for additional allowed filetypes for staff

* Problematic variable name

* feedback

* small issues

* fix indentation

* failing tests

* Remove message bus and fix minor issues

* Missed this message bus
2018-02-19 10:44:24 +01:00
Zach Whitehead afa2b36842 Add class to category link for easy styling (#5606) 2018-02-19 10:22:27 +01:00
Leo McArdle 5d9d0fcb4f FEATURE: add setting which adds group name to PM email subject (#5475) 2018-02-19 10:20:17 +01:00
Joffrey JAFFEUX b3b6373f77
FIX: do not show mail-forward icon if not needed 2018-02-19 09:52:35 +01:00
Sam a3c7ee09b6 FIX: ruby bench not working properly
- Remove thin which is no longer supported
- Bypass admin api rate limiting in profile environment
- Admin password was too short
- Run by default in concurrency 1 mode
- A skip bundle assets flag to speed up local testing
2018-02-19 11:37:16 +11:00
Sam 107eb5d830 FIX: binding_of_caller not working on Ruby 2.5 2018-02-19 11:37:16 +11:00
Sam 9d8df812dd PERF: upgrade Oj gem 2018-02-19 11:37:16 +11:00
Guo Xiang Tan d601a6b23c FIX: Support old Service Worker source file path to avoid routing errors. 2018-02-19 08:04:45 +08:00
Arpit Jalan 33df2d6a02 FIX: data export should fill missing dates with zero value 2018-02-18 23:52:09 +05:30
Jeff Atwood c8cf034092
Merge pull request #5602 from pfaffman/patch-1
Update INSTALL-cloud.md to reflect new options
2018-02-16 16:29:01 -08:00
Jay Pfaffman 87c0cc2b1a
Update INSTALL-cloud.md
Add note about being able to enable Let's Encrypt when you run `./discourse-setup`.
2018-02-16 16:25:37 -08:00
Robin Ward 02093ecbdd Extensibility: Allow plugins to munge user params 2018-02-16 19:12:02 -05:00
Kris a2327b4897 login button alignment fix 2018-02-16 17:13:10 -05:00
Kris 35a49a240a UX: Improving header scalability for large font themes 2018-02-16 15:58:10 -05:00
Régis Hanol 61930e092a FIX: support incoming emails with just an attachment 2018-02-16 18:14:56 +01:00
Arpit Jalan 9bb7c3dcf0 bump onebox version 2018-02-16 21:32:25 +05:30
Régis Hanol 93b1829f04 tiny refactor 2018-02-16 11:21:11 +01:00
SidV 790c5facc9 Mailgun typo (#5593)
mailgun = Mailgun
2018-02-16 01:35:37 -05:00
Blake Erickson 49ad983050 fix extra blank line 2018-02-15 16:54:22 -07:00
Blake Erickson 925d1a7869 FEATURE: add rake task for import/export of site settings 2018-02-15 16:23:42 -07:00
Neil Lalonde 322aa9ed85 Version bump to v2.0.0.beta3 2018-02-15 17:48:34 -05:00
Sam cda3f72ab8 SECURITY: don't onebox whispers 2018-02-16 08:57:20 +11:00
Neil Lalonde 32ad98161f Update translations 2018-02-15 16:36:03 -05:00