Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-02-02 | use Gitlab::UserSettings directly as a singleton instead of ↵ | Mario de la Ossa | |
including/extending it | |||
2018-01-01 | Allow logged in user to change his password | Rubén Dávila | |
Users were unable to change their password through the "Reset password" link that was sent to their email if they were logged in. This is due to a default controller filter from Devise that requires the user to not be logged in in order to use this link. | |||
2017-11-23 | Allow password authentication to be disabled entirely | Markus Koller | |
2017-09-01 | Rollsback changes made to signing_enabled. | Tiago Botelho | |
2017-07-13 | Fixes needed when GitLab sign-in is not enabled | Robin Bobbitt | |
When sign-in is disabled: - skip password expiration checks - prevent password reset requests - don’t show Password tab in User Settings - don’t allow login with username/password for Git over HTTP requests - render 404 on requests to Profiles::PasswordsController | |||
2016-03-05 | Allow the initial admin to set a password | Robert Speicher | |
Closes #1980 | |||
2015-12-10 | Use devise paranoid mode and ensure the same message is returned every time | Drew Blessing | |
Skipped CI because it has already passed. Had to rebase due to CHANGELOG. | |||
2015-10-02 | Refactor PasswordsController to use before_actions | Robert Speicher | |
2015-09-30 | Only allow password reset emails once per minute | Robert Speicher | |
Addresses internal https://dev.gitlab.org/gitlab/gitlabhq/issues/2611 | |||
2015-09-30 | Take advantage of `Devise.sign_in_after_reset_password` | Robert Speicher | |
2015-06-19 | Use User#two_factor_enabled instead of otp_required_for_login | Robert Speicher | |
2015-05-16 | Fill in email on the new password form | Vinnie Okada | |
2015-05-16 | Redirect if password reset token is expired | Vinnie Okada | |
Don't display the password editing form if the user's token is expired; redirect to the form that allows users to request a new password reset token. | |||
2015-05-11 | Handle password reset for users with 2FA enabled | Robert Speicher | |
2015-01-24 | Use ruby 1.9 hash syntax | Dmitriy Zaporozhets | |
2014-03-18 | Do not allow password reset for ldap user. | Marin Jankovski | |
2013-06-24 | Move Profile related controllers under Profiles:: module | Dmitriy Zaporozhets | |
2013-06-13 | Prevent infinit password change by settin password_expires_at to nil | Dmitriy Zaporozhets | |
2013-06-13 | Fix password set form and infinite loop | Dmitriy Zaporozhets | |
2013-06-13 | Password expire: implement password resource inside profile. add ↵ | Dmitriy Zaporozhets | |
before_fiter check |