| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2016-06-08 | Merge branch 'password-min-length-placeholder' into 'master' | Robert Speicher | |
| Added minimum password length to password field Add a placeholder to the password field in the register form with the minimum number of characters required. Also added a pattern to the field to stop it submitting if less than that. Closes #17765 See merge request !4458 | |||
| 2016-06-06 | Add a U2F-specific audit log entry after logging in. | Timothy Andrew | |
| - "two-factor" for OTP-based 2FA - "two-factor-via-u2f-device" for U2F-based 2FA - "standard" for non-2FA login | |||
| 2016-06-06 | Implement authentication (login) using a U2F device. | Timothy Andrew | |
| - Move the `authenticate_with_two_factor` method from `ApplicationController` to the `AuthenticatesWithTwoFactor` module, where it should be. | |||
| 2016-06-03 | Added minimum password length to password field | Phil Hughes | |
| Closes #17765 | |||
| 2016-05-31 | Pass the "Remember me" value to the 2FA token form | Robert Speicher | |
| Prior, if a user had 2FA enabled and checked the "Remember me" field, the setting was ignored because the OTP input was on a new form and the value was never passed. Closes #18000 | |||
| 2016-04-07 | Fix 2FA authentication spoofing vulnerability | Grzegorz Bizon | |
| This commit attempts to change default user search scope if otp_user_id session variable has been set. If it is present, it means that user has 2FA enabled, and has already been verified with login and password. In this case we should look for user with otp_user_id first, before picking it up by login. | |||
| 2016-03-05 | Allow the initial admin to set a password | Robert Speicher | |
| Closes #1980 | |||
| 2016-01-24 | Skip the 2FA requirement during logout | Robert Speicher | |
| 2015-12-28 | reCAPTCHA is configurable through Admin Settings, no reload needed. | Gabriel Mazetto | |
| 2015-12-27 | Add support for Google reCAPTCHA in user registration to prevent spammers | Stan Hu | |
| 2015-09-20 | Bump devise-two-factor to 2.0.0 | Robert Speicher | |
| Addresses internal https://dev.gitlab.org/gitlab/gitlabhq/issues/2605 See https://github.com/tinfoil/devise-two-factor/pull/43 | |||
| 2015-09-02 | Crowd integration | Valery Sizov | |
| 2015-08-12 | Fix redirection after sign in when using auto_sign_in_with_provider | Alex Lossent | |
| Logic for redirect path moved to a filter. | |||
| 2015-07-23 | Allow custom label to be set for authentication providers. | Douwe Maan | |
| 2015-07-06 | Audit log for user authentication | Valery Sizov | |
| 2015-06-19 | Use User#two_factor_enabled instead of otp_required_for_login | Robert Speicher | |
| 2015-05-29 | Add an option to automatically sign-in with an Omniauth provider without ↵ | Alex Lossent | |
| showing the GitLab sign-in page This is useful when integrating with existing SSO environments and we want to use a single Omniauth provider for all user authentication. | |||
| 2015-05-14 | Refactor SessionsController to use a controller concern | Robert Speicher | |
| 2015-05-10 | Prevent "You are already signed in." error message upon 2FA login | Robert Speicher | |
| 2015-05-10 | Move "invalid 2FA code" error message to the flash | Robert Speicher | |
| This makes it consistent with the Invalid email/password error message from the previous step. | |||
| 2015-05-10 | Refactor SessionsController | Robert Speicher | |
| Also adds test case for providing an invalid 2FA code and then a valid one without re-entering username and password. | |||
| 2015-05-10 | Make two-factor login work and add a feature spec | Robert Speicher | |
| 2015-05-10 | Don't use hard-coded sign_in path | Robert Speicher | |
| 2015-05-10 | prepend_before_filter -> prepend_before_action | Robert Speicher | |
| 2015-05-10 | Add support for backup codes | Dmitriy Zaporozhets | |
| 2015-05-10 | Turn 2-factor authentication into 2 steps process. Disabled 2fa UI for ldap ↵ | Dmitriy Zaporozhets | |
| users since it is not supported | |||
| 2015-04-08 | Upon successful login, clear `reset_password_token` field | Robert Speicher | |
| Closes #1942 | |||
| 2015-01-08 | Improve application settings and write tests | Dmitriy Zaporozhets | |
| 2014-10-14 | Use Hash syntax for LDAP server declaration | Jan-Willem van der Meer | |
| 2014-10-13 | Add refactoring for multiple LDAP server support | Jan-Willem van der Meer | |
| These changes are ported from EE to CE. Apply changes for app directory | |||
| 2014-07-28 | Only redirect to referrer from public GitLab pages | Jacob Vosmaer | |
| 2014-07-22 | Call store_location_for once. | Marin Jankovski | |
| 2014-07-21 | If the referer is not set, use fullpath. | Marin Jankovski | |
| 2014-07-11 | Use devise stored_location to redirect after signing for both public and ↵ | Marin Jankovski | |
| private pages. | |||
Welcome to mirror list, hosted at ThFree Co, Russian Federation.
 |
index : gitlab.com/gitlab-org/gitlab-foss.git | |
| Unnamed repository; edit this file 'description' to name the repository. | root |
| summaryrefslogtreecommitdiff |