Commit Graph

424 Commits

Author SHA1 Message Date
Jeff Wong
f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Sam
80ec6ce4fd bump onebox 2018-02-21 10:06:17 +11:00
Arpit Jalan
9bb7c3dcf0 bump onebox version 2018-02-16 21:32:25 +05:30
Sam
e456ae1b6c Revert "Upgrade mail gem to drop dependency on mime-types."
This reverts commit 498cc15aa9.

Noticed a certain amount of extra allocations due to this upgrade,
reverting to confirm if this is the case
2018-02-16 07:04:22 +11:00
Guo Xiang Tan
498cc15aa9 Upgrade mail gem to drop dependency on mime-types.
Boot Memory Usage

```
Total allocated: 225695379 bytes (1990663 objects)
Total retained:  32795116 bytes (291607 objects)
```

```
Total allocated: 218342892 bytes (1897350 objects)
Total retained:  30123426 bytes (261198 objects)
```
2018-02-15 16:24:26 +08:00
Sam
94b2c70c0d PERF: remove oga gem
oga gem is automatically required by the aws gem
the oga gem retains about 1mb of memory, aws now uses nokogiri

This also removes the html normalize from the pretty text specs that was
a fair bit buggy as the polls test shows.
2018-02-15 14:36:40 +11:00
Rafael dos Santos Silva
c3606fdef6 Update onebox 2018-02-14 17:43:13 -02:00
Régis Hanol
508a8e29ab update email_reply_trimmer to latest version 2018-02-06 01:04:45 +01:00
Ori Pekelman
b2b85dc694 Lock down gem versions so bundle update can be run (#5531) 2018-01-29 18:13:39 +11:00
Gerhard Schlager
5d7a33cd6d Update email_reply_trimmer to improve performance 2018-01-17 12:04:56 +01:00
Arpit Jalan
a0f0ed576a bump onebox version 2018-01-11 23:15:25 +05:30
Arpit Jalan
afb18a5c41 bump onebox version 2018-01-11 14:30:35 +05:30
Régis Hanol
e3f8182125 FIX: Google Calendar oneboxes weren't working 2018-01-07 19:15:11 +01:00
Jano Suchal
05ec1be101 Drop the fork usage of fastimage (#5461)
Fork is not needed anymore since fastimage 2.1.1 has been released with the needed PR merged in.
2018-01-04 09:53:53 +01:00
Sam
030a0cd698 bump onebox for vimeo private link support 2017-12-29 09:38:25 +11:00
Arpit Jalan
b74e933cfb bump onebox version 2017-12-23 01:17:30 +05:30
Arpit Jalan
16076f9ab8 bump onebox version 2017-12-21 14:49:59 +05:30
Arpit Jalan
f9990eeb13 bump onebox version 2017-12-07 12:05:19 +05:30
Kyle Zhao
5f318a5241 FEATURE: Replace SimpleRSS with Ruby RSS module (#5311)
* SPEC: PollFeedJob parsing atom feed

* add FeedItemAccessor

It is to provide a consistent interface to access a feed item's tag
content.

* add FeedElementInstaller

to install non-standard and non-namespaced feed elements

* FEATURE: replace SimpleRSS with Ruby RSS module

* get FinalDestination and download with Excon

* support namespaced element with FeedElementInstaller
2017-12-06 10:45:09 +11:00
Arpit Jalan
7bbf137238 bump onebox version 2017-12-05 07:28:45 +05:30
Guo Xiang Tan
8491c5fba5 UX: Replace heuristic solution for extracting root domain. 2017-11-29 16:26:46 +08:00
Arpit Jalan
64cdb4f7e8 bump onebox version 2017-11-27 12:21:47 +05:30
Guo Xiang Tan
c8157f6b07 Update seed-fu with PG10 support.
https://meta.discourse.org/t/discourse-appears-to-be-broken-with-postgres-10/71723
2017-11-27 10:26:59 +08:00
Arpit Jalan
abbb2b28eb bump onebox version 2017-11-25 15:53:18 +05:30
Arpit Jalan
961a09ff14 bump onebox version 2017-11-23 17:45:08 +05:30
Arpit Jalan
211dac6f71 bump onebox version 2017-11-22 14:55:47 +05:30
Arpit Jalan
b8c9975429 bump onebox version 2017-11-21 11:10:44 +05:30
Guo Xiang Tan
89d9ffa884 EXPERIMENTAL: Allow logs to be shipped via different methods.
See https://github.com/dwbutler/logstash-logger#uri-configuration for
a list of available methods.
2017-11-15 09:11:33 +08:00
Sam
86e6732f78 FEATURE: update rails multisite
always allow /srv/status through even if host does not match
2017-11-09 15:40:56 +11:00
Sam
fc7dca58fe UX: oneboxes with avatars now display consistently
Onebox avatar size is reduced to 60px

Also fixes regression with some oneboxes not cooking after post
2017-11-08 11:50:01 +11:00
Arpit Jalan
253de41166 bump onebox gem version 2017-11-03 22:38:36 +05:30
Arpit Jalan
91438849d2 bump onebox version 2017-11-02 00:51:21 +05:30
Arpit Jalan
6b5bb9d664 bump onebox gem version 2017-11-01 15:50:23 +05:30
Guo Xiang Tan
d888d3c54c EXPERIMENTAL: Allow Logstash formatter to be enable for lograge logs. 2017-11-01 08:38:06 +08:00
Guo Xiang Tan
58bb3c14f6 Remove gem that is no longer used. 2017-10-31 14:13:54 +08:00
Guo Xiang Tan
d487be759c EXPERIMENTAL: Allow app to Logstash directly. 2017-10-27 22:56:32 +08:00
Guo Xiang Tan
90d6677d97 EXPERIMENTAL: Allow lograge to be selected as the logging library. 2017-10-27 17:54:45 +08:00
Sam
ac01885b60 FEATURE: rake tasks for uploading assets to S3
This opens the door to serving application.js and so on from s3.

Also updates s3 gem for some tagging support
2017-10-03 18:00:53 +11:00
Guo Xiang Tan
898ee93547 Upgrade to Rails 5. 2017-09-25 10:01:22 +08:00
Guo Xiang Tan
d58de2b484 Install Ruby-Prof. 2017-09-25 10:01:22 +08:00
Gerhard Schlager
0960e2dd67 bump onebox version 2017-09-18 14:25:56 +02:00
Gerhard Schlager
619864bc70 update email_reply_trimmer to latest 2017-09-14 17:20:55 +02:00
Guo Xiang Tan
531cbc77c6 Run lint in a parallel job on Travis. 2017-08-18 15:25:59 +09:00
Bianca Nenciu
1c079bec33 Remove Spork dependency. 2017-08-10 22:54:52 +01:00
Régis Hanol
9aa49e922c let's use the latest omniauth-github gem 2017-08-07 10:43:54 +02:00
Régis Hanol
ad20f59897 FIX: couldn't upload SVG with a DOCTYPE 2017-08-07 10:32:35 +02:00
Arpit Jalan
061cc17a65 fix the build 2017-08-03 21:30:05 +05:30
Arpit Jalan
2d909f7894 new phpBB PostgreSQL bulk import script 2017-08-03 21:21:58 +05:30
Guo Xiang Tan
54f09ca59d Install rubocop in development mode. 2017-08-01 10:51:44 +09:00
Erick Guan
f1eccd113c Replace rmmseg gem for cppjieba_rb since better dictionary (#5006)
* Rename locale to ts config in search module to make it clear

* Replace rmmese-cpp for cppjieba_rb
2017-07-31 15:28:48 -04:00