Commit Graph

2020 Commits

Author SHA1 Message Date
Dominik Kwiatek aeb1396422 Add tests for recovery codes 2020-11-15 10:21:06 +01:00
Dominik Kwiatek d7cac67c22 Create print view for recovery codes 2020-11-15 10:20:55 +01:00
Dominik Kwiatek f12d56ff7d Remove unused spec file for TotpRecoveryCode model 2020-11-01 19:25:49 +01:00
Dominik Kwiatek c7463df4d4 Fix lint errors 2020-11-01 19:10:59 +01:00
Dominik Kwiatek 9b69ae8fc2 Remove SecureRandom#base36 extension method 2020-11-01 19:10:41 +01:00
Dominik Kwiatek e16896fac1 Provide the user a way to generate new codes. 2020-11-01 18:52:42 +01:00
Dominik Kwiatek 61d82bdbec Display count of remaining recovery codes 2020-11-01 18:41:37 +01:00
Dominik Kwiatek 5eb4f32660 Clean up after TOTP is disabled. 2020-11-01 18:31:20 +01:00
Dominik Kwiatek 5dd920eba2 Allow recovery codes to be used to sign in in place of a OTP 2020-11-01 18:29:11 +01:00
Dominik Kwiatek b4f479a00f Generate recovery keys on TOTP setup 2020-11-01 17:55:31 +01:00
Dominik M. Kwiatek ab03fadaef
Merge pull request #147 from Retrospring/feature/2fa
Implement Two Factor Authentication
2020-10-24 00:30:13 +02:00
Dominik Kwiatek d20f527d8c Add drift period 2020-10-24 00:24:04 +02:00
Dominik Kwiatek ee4b7e2cb1 Auto focus OTP validation field on setup page 2020-10-24 00:13:26 +02:00
Dominik Kwiatek 37d2b43023 Apply styling to OTP attempt field 2020-10-24 00:13:14 +02:00
Dominik Kwiatek 7f4d6cdc0f Remove #two_factor_entry test 2020-10-23 21:05:04 +02:00
Dominik Kwiatek 75c782705a Add string for views.auth.2fa.errors.invalid_code 2020-10-23 21:02:13 +02:00
Dominik Kwiatek 0f80bcef14 Remove I18n. prefix 2020-10-23 21:01:00 +02:00
Dominik Kwiatek 702156258c Remove user/sessions#two_factor_entry 2020-10-23 21:00:06 +02:00
Dominik Kwiatek 66cccbb5d6 Use the same string for 2FA failures 2020-10-23 20:58:42 +02:00
Dominik Kwiatek d7a1750694 Implement @nilsding's review changes 2020-10-23 20:45:06 +02:00
Dominik Kwiatek 0f98d7bad8 Fix list styling on Comment Smiles modal 2020-10-21 20:43:58 +02:00
Dominik Kwiatek 482b7992a9 Add test for #destroy_2fa endpoint 2020-10-21 16:52:59 +02:00
Dominik Kwiatek 55de0e45d2 Add test for #update_2fa endpoint 2020-10-21 16:47:07 +02:00
Dominik Kwiatek d89d7a0e7f Add trailing new line to settings partials 2020-10-21 13:59:13 +02:00
Dominik Kwiatek 68b1bbb908 Fix bad refactor 2020-10-21 13:55:55 +02:00
Dominik Kwiatek d3cc421225 Rename settings partials to match naming conventions 2020-10-21 13:49:12 +02:00
Dominik Kwiatek 556050aa66 Add tests for security settings page 2020-10-21 13:44:00 +02:00
Dominik Kwiatek be35546667 Add debugger to Docker image 2020-10-20 13:24:10 +02:00
Dominik Kwiatek febcf347ee Add basic login form tests 2020-10-20 11:44:20 +02:00
Dominik Kwiatek 3211f8f59b Make OTP secret longer 2020-10-19 20:25:18 +02:00
Dominik Kwiatek ea99805da1 Fix remaining lint warnings 2020-10-19 15:55:00 +02:00
Dominik Kwiatek dc88ac3f06 haml-lint fixes 2020-10-19 15:02:04 +02:00
Dominik Kwiatek 70b8053d15 Add F-Droid & GitHub links for Android TOTP App 2020-10-19 14:56:30 +02:00
Dominik Kwiatek 433f1d45e5 Use controller for setting up QR Code 2020-10-19 14:56:13 +02:00
Dominik Kwiatek 00da21a13d Redirect away from two factor entry page if no target user is set in session 2020-10-19 12:20:44 +02:00
Dominik Kwiatek 5447e905c0 Shorten 2FA setup OTP validation field 2020-10-18 20:49:30 +02:00
Dominik Kwiatek d550e6d4c7 Add help text and confirmation for disabling 2FA 2020-10-18 20:49:11 +02:00
Dominik Kwiatek 4ce5dfc92a Fix detaching, improve UI for attaching 2FA 2020-10-18 19:48:12 +02:00
Dominik Kwiatek 25410e111d Fix OTP auth triggering for users who haven't set it up
I thought I could be clever by using a null secret key as an indicator of it being disabled
2020-10-18 11:39:28 +02:00
Dominik Kwiatek 141ff59f63 Implement Two Factor Authentication 2020-10-18 10:39:46 +02:00
Dominik Kwiatek d9cc9daf4b Use available threads for bundle install 2020-10-03 12:56:36 +02:00
Dominik Kwiatek 3efde50028 Store Postgres data in volume 2020-10-03 12:56:36 +02:00
Georg Gadinger 1d1ed3a124
Merge pull request #145 from Retrospring/dependabot/bundler/pghero-2.7.0
Bump pghero from 2.4.2 to 2.7.0
2020-08-05 18:46:16 +02:00
dependabot[bot] bfbc41668a
Bump pghero from 2.4.2 to 2.7.0
Bumps [pghero](https://github.com/ankane/pghero) from 2.4.2 to 2.7.0.
- [Release notes](https://github.com/ankane/pghero/releases)
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/pghero/compare/v2.4.2...v2.7.0)

Signed-off-by: dependabot[bot] <support@github.com>
2020-08-05 15:23:03 +00:00
Georg Gadinger 75fa27a165
Merge pull request #143 from Retrospring/waspflakes
Cornflakes!
2020-07-04 20:54:31 +02:00
Georg Gadinger efec568d43 Use timestamp-based IDs
This change introduces timestamp-based (Snowflake/Cornflake/Waspflake)
identifier.
2020-07-04 20:46:50 +02:00
Georg Gadinger d627c4c261 Update rack 2020-07-04 20:36:53 +02:00
Georg Gadinger 74c4a349d6
Merge pull request #142 from Retrospring/dependabot/bundler/sanitize-5.2.1
Bump sanitize from 5.1.0 to 5.2.1
2020-06-17 07:13:05 +02:00
dependabot[bot] b4868af61b
Bump sanitize from 5.1.0 to 5.2.1
Bumps [sanitize](https://github.com/rgrove/sanitize) from 5.1.0 to 5.2.1.
- [Release notes](https://github.com/rgrove/sanitize/releases)
- [Changelog](https://github.com/rgrove/sanitize/blob/master/HISTORY.md)
- [Commits](https://github.com/rgrove/sanitize/compare/v5.1.0...v5.2.1)

Signed-off-by: dependabot[bot] <support@github.com>
2020-06-16 22:30:45 +00:00
Georg Gadinger 5ae5ed6c8d
Merge pull request #138 from Retrospring/fix-hcaptcha
Use own hCaptcha fork to fix signups
2020-06-06 11:35:52 +02:00