Commit Graph

2376 Commits

Author SHA1 Message Date
Dominik M. Kwiatek 55823779f4
Merge pull request #152 from Retrospring/feature/totp-recovery-codes
TOTP Recovery Keys
2020-11-16 11:42:36 +01:00
Dominik Kwiatek 277799ff4b Remove `TotpRecoveryCode.remove_all_for(user)` method 2020-11-15 22:09:27 +01:00
Dominik Kwiatek 2e6f49819a Address @nilsding's review comments 2020-11-15 22:08:18 +01:00
Dominik Kwiatek f031143b45 Fix linter errors 2020-11-15 21:35:50 +01:00
Dominik Kwiatek b4358772e1 Fix test for expired OTP 2020-11-15 21:27:38 +01:00
Dominik Kwiatek 4dc00a0114 Fix test for activating with expired code 2020-11-15 10:29:09 +01:00
Dominik Kwiatek aeb1396422 Add tests for recovery codes 2020-11-15 10:21:06 +01:00
Dominik Kwiatek d7cac67c22 Create print view for recovery codes 2020-11-15 10:20:55 +01:00
Dominik Kwiatek f12d56ff7d Remove unused spec file for TotpRecoveryCode model 2020-11-01 19:25:49 +01:00
Dominik Kwiatek c7463df4d4 Fix lint errors 2020-11-01 19:10:59 +01:00
Dominik Kwiatek 9b69ae8fc2 Remove SecureRandom#base36 extension method 2020-11-01 19:10:41 +01:00
Dominik Kwiatek e16896fac1 Provide the user a way to generate new codes. 2020-11-01 18:52:42 +01:00
Dominik Kwiatek 61d82bdbec Display count of remaining recovery codes 2020-11-01 18:41:37 +01:00
Dominik Kwiatek 5eb4f32660 Clean up after TOTP is disabled. 2020-11-01 18:31:20 +01:00
Dominik Kwiatek 5dd920eba2 Allow recovery codes to be used to sign in in place of a OTP 2020-11-01 18:29:11 +01:00
Dominik Kwiatek b4f479a00f Generate recovery keys on TOTP setup 2020-11-01 17:55:31 +01:00
Dominik M. Kwiatek ab03fadaef
Merge pull request #147 from Retrospring/feature/2fa
Implement Two Factor Authentication
2020-10-24 00:30:13 +02:00
Dominik Kwiatek d20f527d8c Add drift period 2020-10-24 00:24:04 +02:00
Dominik Kwiatek ee4b7e2cb1 Auto focus OTP validation field on setup page 2020-10-24 00:13:26 +02:00
Dominik Kwiatek 37d2b43023 Apply styling to OTP attempt field 2020-10-24 00:13:14 +02:00
Dominik Kwiatek 7f4d6cdc0f Remove #two_factor_entry test 2020-10-23 21:05:04 +02:00
Dominik Kwiatek 75c782705a Add string for views.auth.2fa.errors.invalid_code 2020-10-23 21:02:13 +02:00
Dominik Kwiatek 0f80bcef14 Remove I18n. prefix 2020-10-23 21:01:00 +02:00
Dominik Kwiatek 702156258c Remove user/sessions#two_factor_entry 2020-10-23 21:00:06 +02:00
Dominik Kwiatek 66cccbb5d6 Use the same string for 2FA failures 2020-10-23 20:58:42 +02:00
Dominik Kwiatek d7a1750694 Implement @nilsding's review changes 2020-10-23 20:45:06 +02:00
Dominik Kwiatek 0f98d7bad8 Fix list styling on Comment Smiles modal 2020-10-21 20:43:58 +02:00
Dominik Kwiatek 482b7992a9 Add test for #destroy_2fa endpoint 2020-10-21 16:52:59 +02:00
Dominik Kwiatek 55de0e45d2 Add test for #update_2fa endpoint 2020-10-21 16:47:07 +02:00
Dominik Kwiatek d89d7a0e7f Add trailing new line to settings partials 2020-10-21 13:59:13 +02:00
Dominik Kwiatek 68b1bbb908 Fix bad refactor 2020-10-21 13:55:55 +02:00
Dominik Kwiatek d3cc421225 Rename settings partials to match naming conventions 2020-10-21 13:49:12 +02:00
Dominik Kwiatek 556050aa66 Add tests for security settings page 2020-10-21 13:44:00 +02:00
Dominik Kwiatek be35546667 Add debugger to Docker image 2020-10-20 13:24:10 +02:00
Dominik Kwiatek febcf347ee Add basic login form tests 2020-10-20 11:44:20 +02:00
Dominik Kwiatek 3211f8f59b Make OTP secret longer 2020-10-19 20:25:18 +02:00
Dominik Kwiatek ea99805da1 Fix remaining lint warnings 2020-10-19 15:55:00 +02:00
Dominik Kwiatek dc88ac3f06 haml-lint fixes 2020-10-19 15:02:04 +02:00
Dominik Kwiatek 70b8053d15 Add F-Droid & GitHub links for Android TOTP App 2020-10-19 14:56:30 +02:00
Dominik Kwiatek 433f1d45e5 Use controller for setting up QR Code 2020-10-19 14:56:13 +02:00
Dominik Kwiatek 00da21a13d Redirect away from two factor entry page if no target user is set in session 2020-10-19 12:20:44 +02:00
Dominik Kwiatek 5447e905c0 Shorten 2FA setup OTP validation field 2020-10-18 20:49:30 +02:00
Dominik Kwiatek d550e6d4c7 Add help text and confirmation for disabling 2FA 2020-10-18 20:49:11 +02:00
Dominik Kwiatek 4ce5dfc92a Fix detaching, improve UI for attaching 2FA 2020-10-18 19:48:12 +02:00
Dominik Kwiatek 25410e111d Fix OTP auth triggering for users who haven't set it up
I thought I could be clever by using a null secret key as an indicator of it being disabled
2020-10-18 11:39:28 +02:00
Dominik Kwiatek 141ff59f63 Implement Two Factor Authentication 2020-10-18 10:39:46 +02:00
Dominik Kwiatek d9cc9daf4b Use available threads for bundle install 2020-10-03 12:56:36 +02:00
Dominik Kwiatek 3efde50028 Store Postgres data in volume 2020-10-03 12:56:36 +02:00
Georg Gadinger 1d1ed3a124
Merge pull request #145 from Retrospring/dependabot/bundler/pghero-2.7.0
Bump pghero from 2.4.2 to 2.7.0
2020-08-05 18:46:16 +02:00
dependabot[bot] bfbc41668a
Bump pghero from 2.4.2 to 2.7.0
Bumps [pghero](https://github.com/ankane/pghero) from 2.4.2 to 2.7.0.
- [Release notes](https://github.com/ankane/pghero/releases)
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/pghero/compare/v2.4.2...v2.7.0)

Signed-off-by: dependabot[bot] <support@github.com>
2020-08-05 15:23:03 +00:00