discourse

History

David Taylor 4c9ca24ccf FEATURE: Hash API keys in the database (#8438 ) API keys are now only visible when first created. After that, only the first four characters are stored in the database for identification, along with an sha256 hash of the full key. This makes key usage easier to audit, and ensures attackers would not have access to the live site in the event of a database leak. This makes the merge lower risk, because we have some time to revert if needed. Once the change is confirmed to be working, we will add a second commit to drop the `key` column.		2019-12-12 11:45:00 +00:00
..
auth_provider.rb	FEATURE: Use full page redirection for all external auth methods (#8092 )	2019-10-08 12:10:43 +01:00
authenticator.rb	SECURITY: Add confirmation screen when connecting associated accounts	2019-07-24 10:28:15 +01:00
current_user_provider.rb	DEV: enable frozen string literal on all files	2019-05-13 09:31:32 +08:00
default_current_user_provider.rb	FEATURE: Hash API keys in the database (#8438 )	2019-12-12 11:45:00 +00:00
discord_authenticator.rb	FEATURE: Login with Discord (#8053 )	2019-08-30 10:54:19 +01:00
facebook_authenticator.rb	DEV: enable frozen string literal on all files	2019-05-13 09:31:32 +08:00
github_authenticator.rb	DEV: Apply Rubocop redundant return style	2019-11-14 15:10:51 -05:00
google_oauth2_authenticator.rb	DEV: enable frozen string literal on all files	2019-05-13 09:31:32 +08:00
instagram_authenticator.rb	DEV: enable frozen string literal on all files	2019-05-13 09:31:32 +08:00
managed_authenticator.rb	DEV: Add missing parenthesis for `47ad2a4d`	2019-07-24 11:29:18 +01:00
oauth2_authenticator.rb	DEV: enable frozen string literal on all files	2019-05-13 09:31:32 +08:00
open_id_authenticator.rb	DEV: s/\$redis/Discourse\.redis (#8431 )	2019-12-03 10:05:53 +01:00
result.rb	FIX: Do not raise exception if the authenticator email is missing	2019-08-14 12:08:59 +01:00
twitter_authenticator.rb	DEV: enable frozen string literal on all files	2019-05-13 09:31:32 +08:00