github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-24 12:28:59 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
c9cb6920dc
discourse/app/services
History
Jeff Wong f4f8a293e7 FEATURE: Implement 2factor login TOTP 
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
..
spam_rule Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
anonymous_shadow_creator.rb anonymous shadow users are approved on creation if must_approve_users is enabled (#5569) 2018-02-13 01:58:38 -05:00
badge_granter.rb Set user title from the badge view (#5049) 2017-08-17 16:32:37 -04:00
color_scheme_revisor.rb Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
group_action_logger.rb FEATURE: Add group settngs to allow users to leave a group freely. 2017-07-28 15:00:25 +09:00
group_mentions_updater.rb FIX: Skip validations when updating group mentions. 2017-04-04 14:13:18 +08:00
group_message.rb Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
handle_chunk_upload.rb Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
notification_emailer.rb rename 'private_email_time_window_seconds' to 'personal_email_time_window_seconds' 2018-02-01 13:25:29 +05:30
post_action_notifier.rb FIX: don't create new like notifications for deleted topics 2018-01-17 14:36:32 -05:00
post_alerter.rb PERF: reduce memory usage for post alerter 2018-01-22 17:11:52 +11:00
post_owner_changer.rb Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
random_topic_selector.rb FIX: invalid cache for parent category with limit_suggested_to_category 2018-01-15 16:13:29 +11:00
search_indexer.rb FEATURE: search within title using in:title 2018-02-20 14:41:21 +11:00
spam_rules_enforcer.rb Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
staff_action_logger.rb FEATURE: Implement 2factor login TOTP 2018-02-21 09:04:07 +08:00
topic_status_updater.rb Add a DiscourseEvent for when a topic is closed 2017-09-27 14:00:53 -04:00
topic_timestamp_changer.rb FIX: TopicTimestampChanger should not allow timestamps in the future. 2017-05-22 16:03:49 +08:00
tracked_topics_updater.rb Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
trust_level_granter.rb REFACTOR: Track manual locked user levels separately from groups 2017-11-27 11:23:44 -05:00
user_action_creator.rb FIX: topic counts after converting topic to/from public and private 2017-11-09 15:33:44 -05:00
user_activator.rb FEATURE: forgot_password_strict setting also prevents reporting that an email address is taken during signup 2017-10-03 15:28:30 -04:00
user_anonymizer.rb Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
user_authenticator.rb SECURITY: signup without verified email using Google auth 2017-10-16 13:51:41 -04:00
user_destroyer.rb FIX: delete staged users when the incoming email is rejected 2017-10-11 16:17:01 +02:00
user_silencer.rb FIX: Include post in staff action logs when silencing a user 2018-02-13 15:59:10 -05:00
user_updater.rb FEATURE: Allow the user to select a custom home page (#5268) 2017-11-10 06:45:19 +11:00
username_changer.rb Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
username_checker_service.rb FIX: wasn't able to use the same username when taking over a staged account 2017-12-12 11:26:00 +01:00
word_watcher.rb FIX: Missing word boundaries when non-regexp 2017-11-17 14:37:31 -05:00