Sam
ff49f72ad9
FEATURE: per client user tokens
...
Revamped system for managing authentication tokens.
- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes
New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.
Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
Neil Lalonde
c4e10f2a9d
FEATURE: redesign the change password page to use javascript and validations
2017-02-03 16:09:24 -05:00
Guo Xiang Tan
43671b1fda
UX: Display group fullname in mention autocomplete.
2017-01-04 11:40:14 +08:00
Sam
e0ff57ca75
SECURITY: prevent reuse of password reset
2016-12-19 18:00:22 +11:00
Sam
c04d4171ff
FIX: whisper no longer experimental
...
- Regular users are not notified of whispers
- Regular users no longer have "stuck" topics in unread
- Additional tracking for staff highest post number
- Remove a bunch of unused columns in topics table
2016-12-02 17:03:31 +11:00
Guo Xiang Tan
f824afb4d3
FEATURE: Allow date_of_field column to be updated.
2016-11-17 15:16:58 +08:00
cpradio
c3d4c949f1
Add comments to relevant sections denoting "create new topic" scenario is not supported for cannot-see-mention (per @coding-horror instruction)
2016-11-16 06:26:36 -05:00
cpradio
824c235760
FEATURE: Notify user when mention can't see the reply they were mentioned in
...
FIX: Group Mention Notifications
2016-11-14 22:03:16 -05:00
Robin Ward
c03d25f170
FEATURE: Configure Admin Account
...
Adds a "Step 0" to the wizard if the site has no admin accounts where
the user is prompted to finish setting up their admin account from the
list of acceptable email addresses.
Once confirmed, the wizard begins.
2016-10-19 11:27:56 -04:00
Robin Ward
f62d01ff1b
FIX: Clear the session after a reset token was used
2016-09-30 12:20:23 -04:00
Guo Xiang Tan
4e663998af
PERF: N+1 query on user summary page.
2016-09-23 12:44:08 +08:00
Sam
afaba56de3
FEATURE: missing API endpoint for topic tracking states
2016-08-12 17:10:35 +10:00
Robin Ward
429f27ec96
SECURITY: Avoid mass assignment on user create
2016-08-05 11:57:13 -04:00
Sam
4161ee210a
FEATURE: improved tag and category watching and tracking
...
- present tags watched on the user prefs page
- automatically watch or unwatch old topics based on watch status
New watching and tracking logic takes care of handling old topics
(either with or without read state)
When you watch a topic you now watch historically
Also removes confusing warnings from user.
2016-07-08 12:58:30 +10:00
Sam
1411eedad3
FEATURE: offer to unwatch categories when unwatching category
2016-06-28 18:34:20 +10:00
Régis Hanol
5bfc9cf69e
Allow API to create staged users
2016-06-23 12:27:05 +02:00
Arpit Jalan
f387dfe226
FIX: mixed case group mentions were not getting highligted in composer
2016-05-22 18:32:49 +05:30
Robin Ward
89e506551a
Add body class to account-created
route
2016-05-05 14:37:09 -04:00
Sam
a130cb8305
FEATURE: move more urgent emails notifications to critical queue
...
Move signup, admin login and password change email notifications
to critical queue
2016-04-07 14:39:01 +10:00
Aryan Raj
c3507a3242
Fix: Added underscore to my_redirect regex
2016-03-20 13:00:56 +05:30
Robin Ward
5771d2aee2
SECURITY: Support for confirm old as well as new email accounts
2016-03-08 14:52:22 -05:00
Robin Ward
d62689fa76
Move updating a user's email to its own controller
2016-03-08 14:52:22 -05:00
Régis Hanol
1135d2094a
Merge pull request #4006 from scossar/set-locale-from-header
...
Feature: (WIP) Set locale from Accept-Language header
2016-03-04 09:12:30 +01:00
Arpit Jalan
36f82aa68c
FEATURE: enforce admin password validation when signing up via developer email
2016-03-04 00:28:47 +05:30
scossar
0a396583ed
set locale for anonymous from header
...
set locale on signup
update spec
add locale option
2016-02-26 13:45:00 -08:00
Arpit Jalan
0064927077
FIX: do not allow new email to be duplicate
...
FIX: return proper error message when email already exists
2016-01-23 13:42:53 +05:30
Sam Saffron
7303f8f309
FEATURE: first pass at user summary page
2016-01-20 15:14:25 +11:00
Arpit Jalan
380764dc92
FIX: validate email when changing via user preferences page
2016-01-16 10:50:49 +05:30
Neil Lalonde
c7df6783a9
FIX: only invalidate password reset links using javascript
2016-01-04 11:48:54 -05:00
Sam
a8b5192efd
FEATURE: User page refactor
...
Re-organise user page so it is easier to find interesting info
split it into tabs
- Introduce notifications and messages tabs
- Stop couting stuff for the user page to speed up rendering
- Suppress more information when viewing your own profile
2015-12-20 16:45:49 +11:00
Sam
7917316f6f
FEATURE: display warning on top of composer for group mentions
...
If users attempt to mention a group that is "mentionable" display a warning
informing them that people will be notified.
2015-12-04 13:41:07 +11:00
Sam
9899e8d4a5
FEATURE: First class messages to groups, you can select a group as a target of a message
2015-12-02 15:49:43 +11:00
Sam
f6390c8ad6
correct bad merge
2015-11-30 17:12:51 +11:00
Sam
ad3dd161e7
FEATURE: first class group mentions built in
...
If you allow a group to be mentioned it can be mentioned with the @ symbol.
Keep in mind as a safety mechanism max_users_notified_per_group_mention is set to 100
2015-11-30 17:08:43 +11:00
Régis Hanol
16b3d26d7b
allow staff members to view staged accounts user card/profile
2015-11-27 20:02:24 +01:00
Régis Hanol
76692235ae
FIX: don't ever fetch staged accounts in unseen mentions
2015-11-27 18:16:50 +01:00
Régis Hanol
43614439e6
FEATURE: can take over a staged account
2015-11-13 19:07:28 +01:00
Régis Hanol
16f509afb9
FIX: enforce 'allow_uploaded_avatars' & 'sso_overrides_avatar' server-side
2015-11-12 10:26:45 +01:00
Régis Hanol
bb79e6aff7
FEATURE: new hide_user_profiles_from_public site setting
2015-10-28 19:56:08 +01:00
Robin Ward
46ca66771b
FIX: Better error message for resending activation. Don't limit staff.
2015-10-27 16:25:30 -04:00
Robin Ward
a527c58c7d
UX: Show a nicer "Log In" screen if the user follows /my/preferences
2015-10-14 13:39:31 -04:00
Robin Ward
d66a545dd2
FIX: /my/preferences
should prompt users to log in
2015-10-14 12:40:13 -04:00
Régis Hanol
36309e50cc
Merge pull request #3767 from tgxworld/track_user_profile_views
...
Track user profile views
2015-09-23 11:38:18 +02:00
Régis Hanol
07e7b07b63
FIX: refreshing gravatar wasn't working
2015-09-17 19:42:44 +02:00
Guo Xiang Tan
7acc93b2a0
FEATURE: Track user profile views.
2015-09-16 14:48:31 +08:00
Régis Hanol
18d7c1c75d
fix the build - take 2
2015-09-11 15:47:48 +02:00
Régis Hanol
93f9dcfcec
FIX: don't overwrite custom uploaded avatar when selecting gravatar
...
FIX: remove unecessary serialized fields
2015-09-11 15:10:56 +02:00
Sam
6437cd0341
FEATURE: add support for generic external avatar services
...
This changes it so we only ship an avatar template down to the client
it has no magic, all it knows is how to plug in size
2015-09-11 15:10:56 +02:00
Régis Hanol
2742602254
FEATURE: support for external letter avatars service
2015-09-11 02:12:40 +02:00
Robin Ward
32e2d7963a
FEATURE: Show FAQ at top of the hamburger until the user reads it
2015-09-04 16:56:02 -04:00