discourse/lib/auth
Sam 6ff309aa80 SECURITY: don't grant same privileges to user_api and api access
User API is no longer gets bypasses that standard API gets.
Only bypasses are CSRF and XHR requirements.
2016-12-16 12:05:43 +11:00
..
authenticator.rb Typo fix 2013-09-24 18:47:57 +05:30
current_user_provider.rb SECURITY: don't grant same privileges to user_api and api access 2016-12-16 12:05:43 +11:00
default_current_user_provider.rb SECURITY: don't grant same privileges to user_api and api access 2016-12-16 12:05:43 +11:00
facebook_authenticator.rb FIX: download avatar from facebook/twitter in a job in order to prevent hangs when avatars are huge 2016-10-24 17:15:13 +02:00
github_authenticator.rb Add support for email whitelist/blacklist to GitHub auth 2016-09-22 11:31:10 -07:00
google_oauth2_authenticator.rb FIX: protect against future regressions of google omniauth 2016-11-07 12:48:00 +11:00
instagram_authenticator.rb Update instagram_authenticator.rb 2016-02-26 11:37:48 +10:00
oauth2_authenticator.rb Perform the where(...).first to find_by(...) refactoring. 2014-05-06 14:41:59 +01:00
open_id_authenticator.rb FEATURE: raise an exception when the email is missing in the OpenId callback 2014-08-07 19:28:50 +02:00
result.rb Ability to skip email validation via a plugin 2016-09-07 14:05:46 -04:00
twitter_authenticator.rb FIX: download avatar from facebook/twitter in a job in order to prevent hangs when avatars are huge 2016-10-24 17:15:13 +02:00