Claire
|
3251b8eead
Fix reviving revoked sessions and invalidating login (#16943)
|
3 years ago |
Claire
|
21fb3f3684
Drop dependency on secure_headers, fix response headers (#15712)
|
3 years ago |
Cecylia Bocovich
|
e79f8dd85c
Onion service related changes to HTTPS handling (#15560)
|
3 years ago |
Eugen Rochko
|
acc1c03861
Fix cookies not having a SameSite attribute (#15098)
|
4 years ago |
Mathieu Brunot
|
bd8dc9bd0c
:sparkles: Add an LDAP Mail attribute config (#12053)
|
5 years ago |
Mathieu Brunot
|
d70268f099
:sparkles: Convert LDAP username (#12461)
|
5 years ago |
Eugen Rochko
|
a1f04c1e34
Fix authentication before 2FA challenge (#11943)
|
5 years ago |
Eugen Rochko
|
c707ef49d9
Fix 2FA challenge and password challenge for non-database users (#11831)
|
5 years ago |
Moritz Heiber
|
ecf40d09ed
Disable Same-Site cookie implementation to fix SSO issues on WebKit browsers (#9819)
|
5 years ago |
Sorin Davidoi
|
6f3d934bc1
feat(cookies): Use the same-site attribute to lax (#8626)
|
6 years ago |
Immae
|
b0f4fe456b
Add ldap search filter (#8151)
|
6 years ago |
abcang
|
69bf116345
Add secure option to additional cookie (#8069)
|
6 years ago |
Eugen Rochko
|
ac49c7932d
Add LDAP_TLS_NO_VERIFY option, don't require LDAP_ENABLED outside .env (#6845)
|
6 years ago |
Alexander
|
33ee347c99
rename pam email environment variable to something more understandable and default to LOCAL_DOMAIN (better fallback) (#6833)
|
6 years ago |
Alexander
|
42fe05dea1
fix logic for pam_controlled_service (#6599)
|
6 years ago |
Eugen Rochko
|
47bdb9b33b
Fix #942: Seamless LDAP login (#6556)
|
6 years ago |
Eugen Rochko
|
38e0133e1b
Make PAM gem optional, allow configuration over environment (#6415)
|
6 years ago |
Alexander
|
04fef7b888
pam authentication (#5303)
|
6 years ago |
Patrick Figel
|
04ecf44c2f
Add confirmation step for email changes (#6071)
|
6 years ago |
Eugen Rochko
|
40be4ea239
Extend Devise remember_me longevity to 1 year instead of 2 weeks (#4587)
|
7 years ago |
Eugen Rochko
|
8d6c3cd48a
Fix sessions being replaced needlessly (#4292)
|
7 years ago |
Eugen Rochko
|
00df69bc89
Fix #4058 - Use a long-lived cookie to keep track of user-level sessions (#4091)
|
7 years ago |
Eugen Rochko
|
f7301bd5b9
Add overview of active sessions (#3929)
|
7 years ago |
Sorin Davidoi
|
2211e8d1cd
Revocable sessions (#3616)
|
7 years ago |
Patrick Figel
|
df4ff9a8e1
Add recovery code support for two-factor auth (#1773)
|
7 years ago |
Yann GUERN
|
a85d4473aa
Avoid user enumeration with devise paranoid mode (#1527)
|
7 years ago |
Eugen Rochko
|
76e970c856
Do not automatically login after password reset, as it would circumvent two-factor auth (if enabled)
|
7 years ago |
Eugen Rochko
|
ba192f12e3
Added optional two-factor authentication
|
7 years ago |
Eugen Rochko
|
116ab27e08
i18n for devise mailer too
|
8 years ago |
Eugen Rochko
|
2c374cd97c
Adding e-mail configuration
|
8 years ago |