Neil Lalonde
6fe364e7ae
SECURITY: rate limit change email requests
2014-09-18 10:49:43 -04:00
Robin Ward
e4287d9de9
FIX: Resend activation email was busted
2014-09-16 10:24:02 -04:00
riking
3d3313d5ee
SECURITY: Limit passwords to 200 characters
...
Prevents layer 8 attack.
2014-09-12 12:21:06 -04:00
Robin Ward
ed125975a1
SECURITY: Prefix session key and validate token format.
2014-08-25 15:31:49 -04:00
Arpit Jalan
4cd8abc905
FEATURE: dynamically load invites
2014-08-05 22:20:23 +05:30
Neil Lalonde
939e8505a9
Remove hub username integration
2014-07-16 12:25:24 -04:00
Neil Lalonde
01a68f8cc7
Emails are case insensitive
2014-07-16 10:22:01 -04:00
Robin Ward
4f416bf6ce
Check honeypot/challenge value on activation too
2014-07-15 14:07:35 -04:00
riking
915f60b0fc
Don't redirect to login when activating account...
2014-07-15 10:50:28 -07:00
Neil Lalonde
766196af87
FEATURE: add site setting allow_new_registrations which can be used to block all new account registrations
2014-07-14 15:42:22 -04:00
Robin Ward
cce7cf8c85
FEATURE: Require Javascript to activate an account via email link
2014-07-14 12:26:10 -04:00
Sam
4a2cc269ab
FIX: allow selection of no title
2014-07-14 18:07:07 +10:00
Sam
833c50c460
FEATURE: Read Faq badge
2014-07-11 17:32:29 +10:00
Sam
9a9ad9bda8
FEATURE: Badge progress
...
- Refactor model so it stores backfill query
- Implement autobiographer
- Remove sample badge
- Correct featured badges to only include a badge once
2014-07-03 17:29:44 +10:00
Sam
5a0aed2bfa
FIX: regression, forgot password broken
...
also... mocks were invented by the devil
2014-07-02 13:06:55 +10:00
Robin Ward
9000c358d1
REFACTOR: Use common path for RESTful DELETE
action from upload image
...
component
2014-06-30 14:13:59 -04:00
Robin Ward
4088fba4f2
REFACTOR: Convert profile background uploader to be an ember component
2014-06-30 14:13:59 -04:00
Andrew Bezzub
386d1e231a
move profile_background from User to UserProfile
2014-06-26 12:30:07 -04:00
riking
6e698315d6
Allow all /my URLs
...
Previously, URLs like /my/activity/posts were denied. This change allows those URLs.
2014-06-14 10:58:20 -07:00
Sam
91b6459f2b
BUGFIX: allow users to pick no avatar
2014-05-30 14:45:55 +10:00
Sam
5adc486cef
BUGFIX: missing avatars in topic map
...
Cleanup uneeded column
2014-05-29 14:59:14 +10:00
Sam
504cfcff96
Fix specs for avatars
...
Implement avatar picker
Correct avatar related jobs
2014-05-27 10:08:03 +10:00
Sam
6c1c8be794
Work in progress, keeping avatars locally
...
This introduces a new model to store the avatars and 3 uploads per user (gravatar, system and custom)
user can then pick which they want.
2014-05-27 10:08:03 +10:00
Neil Lalonde
6e0eb89697
Don't show suspended users in autocomplete fields unless you are staff
2014-05-13 11:44:15 -04:00
Louis Rose
1574485443
Perform the where(...).first to find_by(...) refactoring.
...
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Neil Lalonde
f61f29439e
Track the ip address where user was registered
2014-04-29 14:37:56 -04:00
Vikhyat Korrapati
b4e037dfb2
Allow badges to be marked as "titleable".
2014-04-28 10:30:38 +05:30
Régis Hanol
64b8f2f759
TRIVIAL: remove puts statement (cc. @eviltrout)
2014-04-21 23:00:13 +02:00
Robin Ward
b9ca124756
Support for /my/preferences to automatically redirect to the logged in
...
user.
2014-04-21 11:52:11 -04:00
Vikhyat Korrapati
8113e8d897
Basic UI for selecting gold/silver badges as titles.
2014-04-18 09:20:51 +05:30
Régis Hanol
2505d18aa9
FEATURE: support email attachments
2014-04-14 22:55:57 +02:00
Sam
be06156629
SECURITY: when enabled_local_logins is false users could log in via API
...
thanks @Nicholas Blanco
2014-03-26 15:39:44 +11:00
Robin Ward
539890afdf
Let's not show tons of extra information about invites unless you're the
...
person who invited them.
2014-03-21 14:16:11 -04:00
Sam
619fa50d4b
BUGFIX: twitter auth asking for a password
2014-03-20 14:49:25 +11:00
Neil Lalonde
9ca516e58d
Rename nickname to username in the code. Use new hub routes. (Old routes still exist as aliases for old Discourse instances.)
2014-03-12 12:39:36 -04:00
Johan Jatko
98c479c3c4
FEATURE: Profile Backgrounds
...
Shares a modified codebase with avatars called "user_image"
2014-03-05 15:10:44 +01:00
Neil Lalonde
8711762143
Users who have made no more than one post can delete their own accounts from their user preferences page.
2014-02-13 13:52:06 -05:00
Leonard Teo
c13aa8852b
Whitelist :active param so that we can automatically create users that are active via API
2014-02-04 15:40:30 -05:00
Neil Lalonde
da825451d0
Invite link can't be used to log in after you set a password or sign in with 3rd party
2014-01-21 16:56:41 -05:00
Benjamin Kampmann
c743a985a4
Allow groups to be used as aliases for user mention
...
when configured by the admin a group can be found through the @mentions
feature in both the compose/reply and the private message user-selectors
and once selected the mention will be replaced by the list of users in
the group
2014-01-08 02:36:24 +11:00
Neil Lalonde
854d9c8fc6
Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length.
2013-12-19 16:15:47 -05:00
Sam
05a3c8090f
Merge pull request #1658 from salbertson/sa-refactor-users-controller-create
...
Refactor UsersController#create
2013-12-12 22:16:50 -08:00
Neil Lalonde
561961eff6
FIX: can grant titles to regular users. Guardian initializer needs current_user, not the target user.
2013-12-10 12:46:35 -05:00
Scott Albertson
51eff92170
Refactor UsersController#create
...
* Simplify controller action
* Extract service classes
2013-12-05 10:11:16 -08:00
Neil Lalonde
981d8f6aea
Signup form: prefill username if Discourse Hub has a match for the email address. Also, fix some bad specs in username_checker_service_spec that were passing...
2013-11-19 14:15:28 -05:00
Robin Ward
32a3da86da
Merge pull request #1640 from salbertson/sa-refactor-users-controller-invites
...
Refactor UsersController#invited
2013-11-12 08:18:52 -08:00
Scott Albertson
77b59b54ce
Refactor UsersController#invited
...
* Add test coverage
* Simplify controller action
* Move finder code to Invite class
2013-11-11 13:23:49 -08:00
railsaholic
58f78e9001
Refactor Users#upload_avatar method
...
Moved avatar file upload to ```AvatarUploadService``` class and
```AvatarUploadPolicy```
Address review comments + require missing file in spec
2013-11-11 23:21:14 +05:30
Sam
3473734af0
FIX: bust broken password
2013-11-11 22:28:26 +11:00
sirMackk
af67284995
User ctrl refactor - breaks up large methods, moves some logic into model
...
Includes missing methods from backup for travis to pass
fix missing code, failing specs
keep params handling in the controller.
2013-11-09 18:44:13 +05:30