Commit Graph

12 Commits

Author SHA1 Message Date
David Taylor
9cfe3f9948 SECURITY: Add confirmation screen when connecting associated accounts 2019-07-24 13:29:59 +01:00
David Taylor
5e61893cb2 FIX: Display generic descriptor for associated account with no info 2019-06-03 12:14:02 +01:00
Sam Saffron
30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
David Taylor
fc0cf3ecd1
FEATURE: Fetch email from auth provider if current user email is invalid (#7163)
If the existing email address for a user ends in `.invalid`, we should take the email address from an authentication payload, and replace the invalid address. This typically happens when we import users from a system without email addresses.

This commit also adds some extensibility so that plugin authenticators can define `always_update_user_email?`
2019-03-14 11:33:30 +00:00
David Taylor
fc7938f7e0
REFACTOR: Migrate GoogleOAuth2Authenticator to use ManagedAuthenticator (#7120)
https://meta.discourse.org/t/future-social-authentication-improvements/94691/3
2019-03-07 11:31:04 +00:00
David Taylor
b907924c93 FIX: ManagedAuthenticator should automatically update last_used time 2019-02-27 15:29:26 +00:00
David Taylor
9db829134c
FIX: Use database to persist metadata during social registration (#6750)
Previously was using the cookie_store, which is limited to 4kb. This caused issues for providers sending large volumes of metadata about a user.
2018-12-10 15:10:06 +00:00
David Taylor
86f8734bc0 FIX: Prioritize explicit 'connect' over matching by email
This is an edge case that was previously handled by TwitterAuthenticator, but not FacebookAuthenticator.
2018-12-07 15:05:51 +00:00
David Taylor
3cad3f9df1 DEV: Add profile fetching support to ManagedAuthenticator 2018-12-07 15:05:51 +00:00
David Taylor
e117deb2ba FIX: Improve avatar loading, and add tests
Follow-up from 4e2cc9c
2018-12-04 15:09:32 +00:00
David Taylor
4e2cc9caf0 FIX: Use safe navigation operator when looking for avatar URL 2018-12-03 17:28:21 +00:00
David Taylor
534e1b1b18 DEV: Introduce Auth::ManagedAuthenticator
A generic implementation of Auth::Authenticator which stores data in the
new UserAssociatedAccount model. This should help significantly reduce the duplicated
logic across different auth providers.
2018-11-30 11:18:11 +00:00