Commit Graph

112 Commits

Author SHA1 Message Date
Dan Singerman
7056db26e6 Respect cookie[:destination_url] in Single Sign On
When the login_required setting is true, the destination URL is dropped. This change means it will be
respected at login time
2015-08-11 16:31:28 +01:00
Sam
fc2a08731a FIX: sso_not_approved_url not working correctly 2015-05-30 13:19:07 +10:00
Sam
02fa7448ca FEATURE: custom url to redirect to on account pending approval for sso 2015-05-27 14:06:45 +10:00
Sam
918034aa7b remove less useful error reporting 2015-05-27 11:17:28 +10:00
Sam
e5888cf090 PERF: avoid preloading json in cases where it is not needed
(uploads / avatars / non GET requests)
2015-05-20 17:12:16 +10:00
Sam
14ab9c45b6 Merge pull request #3470 from ahuling13/expired-nonce-return-status
In the case of an expired nonce, return a 400 status code instead of 500
2015-05-20 12:08:17 +10:00
Andrew Huling
e44ddff9bb Change the expired nonce return status code from 400 to 419. 2015-05-19 13:13:14 -04:00
Paul Kaplan
b8a43e153c Use session controller to prevent inactive SSO users 2015-05-15 12:15:06 -05:00
Andrew Huling
e1d2ecef10 In the case of an expired nonce, return a 400 status code instead of a 500.
500 status codes are for unexpected server-side error scenarios. When an expired nonce is used by the client, a 4XX-level error is more appropriate because the client has submitted a bad request (by using an expired nonce). A 500 also causes Internet Explorer to show its default 500 page which does not show the error message and leads to a bad end user experience. I am choosing 400 for the new status rather than 401 or 403 because 401 requires a WWW-Authenticate header which would be difficult to generate in an SSO scenario and a 403 implies that no re-authentication will address the failure.
2015-05-14 16:03:02 -04:00
Harm Geerts
d9a3e82516 Stop sso login processing after rendering error
This prevents a DoubleRenderError triggered on the redirect_to.
2015-05-11 14:17:32 +02:00
Sam
f5af4768eb FEATURE: add clean support for running Discourse in a subfolder
To setup set DISCOURSE_RELATIVE_URL_ROOT to the folder you wish
2015-03-09 13:14:29 +11:00
Neil Lalonde
7c14db44cc UX: improve message when admin login is blocked because of admin ip address whitelisting 2015-03-02 12:13:22 -05:00
Robin Ward
3e2ba5b30b FIX: If an IP is blocked, don't allow people to login using it 2015-02-25 16:02:40 -05:00
Robin Ward
ca5730018a FIX: SSO code should respect IP address filters 2015-02-23 16:01:46 -05:00
riking
5657006aca Rename handle_exception to handle_job_exception 2015-02-09 12:47:46 -08:00
Robin Ward
b3a2c0c45b SECURITY: The SSO return_path was an open redirect
This security fix needs SSO to be configured, and the user has to go
through the entire auth process before being redirected to the wrong host so
it is probably lower priority for most installs.
2015-01-22 12:20:17 -05:00
Robin Ward
9bb2ab6265 Merge pull request #3034 from fantasticfears/filter_system_user
disable sending email or show presence when forgot system user password
2014-12-19 16:52:01 -05:00
Erick Guan
ceca85c9eb use system user helper and constant when it's referred 2014-12-18 18:21:14 +08:00
Erick Guan
9937af7ac4 disable sending email or show presence when forgot system user password 2014-12-10 14:17:56 +08:00
Sam
800ae5265f Add admin and moderator state to sso provider 2014-11-27 12:24:37 +11:00
Sam
c10e3df012 FEATURE: implement SSO provider on Discourse so Auth can be farmed to it
FEATURE: pass return_sso_url to SSO endpoints, for easier return
2014-11-26 17:26:27 +11:00
Sam
9e1e3df6c9 FEATURE: Localize SSO error messages 2014-11-24 12:16:23 +11:00
Sam
d3b24b625b Add more SSO logging for failure conditions 2014-11-24 10:02:22 +11:00
Robin Ward
1252e7324f Added easy impersonate route while in development mode 2014-10-07 12:25:50 -04:00
Sam
d53e01619f SECURITY: rate limit user/password login 2014-09-25 10:06:44 +10:00
riking
2c6d03f87f SECURITY: Limit passwords to 200 characters
Prevents layer 8 attack.
2014-09-12 12:07:11 -04:00
Sam
45e8337a29 FEATURE: renames forgot_password_verbose, forgot_password_strict 2014-09-11 15:53:29 +10:00
Sam
61bcde6284 FEATURE: inform users if forgot password works or not
FIX: flash dialog in forgot password often had wrong color

(this can be disabled by setting forgot_password_verbose to false)
2014-09-11 12:04:44 +10:00
Neil Lalonde
ca5f361d0a FEATURE: restrict admin access based on IP address 2014-09-05 12:06:01 -04:00
Sam
e0a82d3088 FIX: rate limit password reset email 2014-08-18 10:55:30 +10:00
Neil Lalonde
1da59e7e2e FIX: deactivated users shouldn't be able to log in 2014-04-28 13:46:28 -04:00
Sam
be06156629 SECURITY: when enabled_local_logins is false users could log in via API
thanks @Nicholas Blanco
2014-03-26 15:39:44 +11:00
Sam
74a1145a0b BUGFIX: sso to respect must_approve_users 2014-02-26 10:27:39 +11:00
Sam
440435f023 FEATURE: SSO to handle return_path automatically 2014-02-26 09:58:30 +11:00
Sam
6f31d3f0e5 FEATURE: single sign on support
Added support for outsourcing auth to a different website, documentation on meta
2014-02-25 14:31:03 +11:00
Robin Ward
1dac3cfd64 API endpoint for retrieving the current user 2014-02-05 13:46:24 -05:00
Neil Lalonde
da825451d0 Invite link can't be used to log in after you set a password or sign in with 3rd party 2014-01-21 16:56:41 -05:00
Sam
79087f4e6f fix exception in logs 2013-11-28 12:39:59 +11:00
railsaholic
34bba737ff Refactor SessionController#create, reduce complexity.
Don't compromise readablity
2013-11-15 22:09:03 +05:30
Neil Lalonde
0c6f794eb0 Used the term suspended instead of banned. 2013-11-07 13:53:49 -05:00
Neil Lalonde
92a0729937 When banning a user, a reason can be provided. The user will see this reason when trying to log in. Also log bans and unbans in the staff action logs. 2013-11-01 10:47:26 -04:00
Manoj
96ae3cdacc Utilize already existing method 'find_by_username_or_email'
check presence of email using include, dont use =~
2013-10-24 19:26:06 +05:30
Sam
7993845bfa add current_user_provider so people can override current_user bevior cleanly, see
http://meta.discourse.org/t/amending-current-user-logic-in-discourse/10278
2013-10-09 15:11:54 +11:00
Sam
c4a0152dc6 recover from bad CSRF tokens without requiring a hard refresh of the browser 2013-08-27 15:56:12 +10:00
Neil Lalonde
c74da0d262 Admins who haven't been approved can log in when must_approve_users is enabled 2013-08-06 16:51:29 -04:00
Sam
aa6c92922d SECURITY: correct our CSRF implementation to be much more aggressive 2013-07-29 15:13:13 +10:00
Michael Campagnaro
25f8692a79 Strip leading/trailing spaces from login 2013-07-23 23:03:38 -04:00
Neil Lalonde
c1a39b5a30 Show date with year in message to banned users who try to log in 2013-06-30 12:49:34 -04:00
Neil Lalonde
5d6ad8f39c Show a useful message when a banned user tries to log in 2013-06-27 15:14:42 -04:00
Ian Christian Myers
0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Sam
2dfba8d6de we need to be able to do username checks for registration to work 2013-06-05 12:50:42 +10:00
Chris Hunt
92a4828f72 Redirect all controllers to login if required
We want to skip the filter for sessions controller so that we can login
and we want to skip the filter for static pages because those should be
visible to visitors.
2013-06-04 16:10:10 -07:00
Sam
42494b5bb1 we can't trust CSRF for anon the way it is designed.
The page they have loaded may be cached we need a different way of delivering the CSRF potentially
2013-05-03 16:43:11 +10:00
Neil Lalonde
cbe0168922 Fix a problem where you might see missing {{sentTo}} value after a failed login 2013-04-18 16:44:56 -04:00
Régis Hanol
b24c1a1ad9 better consistency around email case sensitivity 2013-04-15 02:20:33 +02:00
Sarah Vessels
54c7b1ab63 Use consistent new-style hashes in render calls *twitch* 2013-03-22 14:08:11 -04:00
Neil Lalonde
213d3e5c10 Remove unused code and routes that don't exist in session_controller 2013-03-13 15:21:45 -04:00
Régis Hanol
239cbd2d58 enforce coding convention
replaced every `and` by `&&` and every `or` by `||`
2013-03-05 01:42:44 +01:00
Neil Lalonde
ff3e012034 Add a link that allows you to send activation email again 2013-02-22 11:49:58 -05:00
Neil Lalonde
c18b85873f Prevent login until email is confirmed 2013-02-11 11:18:37 -05:00
Jakub Arnold
61654ab8f0 Fix all the trailing whitespace 2013-02-07 16:45:24 +01:00
Robin Ward
21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00