gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2018-03-20	OmniauthInitializer created to improve devise.rb	James Edwards-Jones
	This should simplify refactoring and allow testing
2018-02-28	Moved o_auth/saml/ldap modules under gitlab/auth	Horatiu Eugen Vlad

2018-01-11	Adds Rubocop rule for line break around conditionals	🙈 jacopo beschi 🙉

2017-11-16	Adds Rubocop rule for line break after guard clause	Jacopo
	Adds a rubocop rule (with autocorrect) to ensure line break after guard clauses.
2017-11-07	Change Sign Out route from a DELETE to a GET	Joe Marty
	Closes #39708
2017-10-05	Merge branch 'master' into ↵	Douwe Maan
	digitalmoksha/gitlab-ce-feature/verify_secondary_emails # Conflicts: # app/controllers/admin/users_controller.rb # app/controllers/confirmations_controller.rb # app/controllers/profiles/emails_controller.rb # app/models/user.rb # app/services/emails/base_service.rb # app/services/emails/destroy_service.rb # app/views/devise/mailer/confirmation_instructions.html.haml # lib/api/users.rb # spec/services/emails/destroy_service_spec.rb
2017-10-01	Add `:email_confirmation` to devise `insensitive_keys`	robdel12
	This fixes a bug where the email confirmation input value is case sensative. For example, if the email input is `myemail@example.com` and the email confirmation input is `Myemail@example.com` the form would fail to submit.
2017-09-24	must now set the devise default scope (since we now have an :email scope)	Brett Walker
	and rubocop fixes
2017-07-27	Remove GitLab custom fealure app for devise	Valery Sizov

2017-02-23	Enable Style/SpaceInsideBrackets	Douwe Maan

2017-02-20	Added support for Authentiq Back-Channel Logout	Alexandros Keramidas

2016-11-16	Merge branch 'fix-shibboleth-auth-with-no-uid' into 'master'	Rémy Coutable
	fix shibboleth misconfigurations resulting in authentication bypass This merge request fixes #22267 where a misconfigured Shibboleth `HTTP_UID` or `HTTP_EPPN` could result in users being logged into an account that did not belong to them. See merge request !7428
2016-11-15	fix shibboleth misconfigurations resulting in authentication bypass	Brian Neel

2016-11-12	Centralize LDAP config/filter logic	Drew Blessing
	Centralize all LDAP config logic in `GitLab::LDAP::Config`. Previously, some logic was in the Devise initializer and it was not honoring the `user_filter`. If a user outside the configured `user_filter` signed in, an account would be created but they would then be denied access. Now that logic is centralized, the filter is honored and users outside the filter are never created.
2016-08-05	Update to send changed password notification emails	Tom Bell
	Add the devise initializer config setting to enable the sending of notification emails when a user changes their password.
2016-06-29	Enable Style/SpaceAfterComma Rubocop cop	Grzegorz Bizon

2016-05-13	Codestyle: make sure we have space around operators	Gabriel Mazetto

2016-03-09	Use a custom Devise failure app to handle unauthenticated .zip requests	Robert Speicher
	Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/12944
2015-12-21	Merge branch 'add_email_unlock' into 'master'	Robert Speicher
	Allow account unlock via email We see a lot of users get confused about what it means when your account gets locked. Many try to reset their password and are still faced with a lockout. With this change, users receive an email that allows them to unlock their account immediately. The previous behavior where the account is auto-unlocked after a time also still works. See merge request !2049
2015-12-15	add CAS authentication support	tduehr

2015-12-15	Allow account unlock via email	Drew Blessing

2015-12-10	Use devise paranoid mode and ensure the same message is returned every time	Drew Blessing
	Skipped CI because it has already passed. Had to rebase due to CHANGELOG.
2015-09-30	Take advantage of `Devise.sign_in_after_reset_password`	Robert Speicher

2015-09-02	Crowd integration	Valery Sizov

2015-05-10	Add support for backup codes	Dmitriy Zaporozhets

2015-05-10	Fix rubocop complain	Dmitriy Zaporozhets

2015-05-10	Init 2 factor authentication for user model	Dmitriy Zaporozhets

2015-05-02	Make Reply-To config apply to change e-mail confirmation and other notifications	Stan Hu
	sent through Devise Fix test case that was passing due to a broken `around` statement. Closes #1556
2015-04-10	Use `\A` and `\z` in regexes instead of `^` and `$`.	Douwe Maan

2015-01-23	Increase password reset timeout since other people trigger it when they ↵	Sytse Sijbrandij
	create an account for you.
2014-10-15	Only enable LDAP providers if LDAP is enabled	Jan-Willem van der Meer

2014-10-14	Use Hash syntax for LDAP server declaration	Jan-Willem van der Meer

2014-10-13	Apply configuration changes for Multiple LDAP servers	Jan-Willem van der Meer

2014-07-09	Try to keep token authenticable compatibility	Marin Jankovski

2014-05-27	Revert "Actually use the 'user_filter' configuration option"	Jacob Vosmaer
	This reverts commit e9d4587ff11c8510f01dfa184414f73d75b4550b, which is incompatible with GitLab's built in LDAP user filter: a GitLab LDAP filter is [added on top of the other filters used to find the user](https://gitlab.com/gitlab-org/gitlab-ce/blob/982d4d51e8110bec280eb00db0fb756b062103d9/lib/gitlab/ldap/adapter.rb#L61) Example GitLab LDAP filter: `(memberOf=cn=foo,dc=bar)`. In contrast, an omniauth-ldap filter [replaces the 'normal' filters](https://gitlab.com/gitlab-org/omniauth-ldap/blob/76d77543dec0c585bb4e974262f43675f9810953/lib/omniauth/strategies/ldap.rb#L55) Example omniauth-ldap user filter: `(&(uid=%{username})(memberOf=cn=foo,dc=bar))`.
2014-04-21	Actually use the 'user_filter' configuration option	Travis Odom

2014-02-19	Send emails from the author	Pierre de La Morinerie
	This changes the email "From" field from "gitlab@example.com" to either: * "John Doe <gitlab@example.com>" if the author of the action is known, * "GitLab <gitlab@example.com>" otherwise. Rationale: this allow mails to appear as if they were sent by the author. It appears in the mailbox more like a real discussion between the sender and the receiver ("John sent: we should refactor this") and less like a robot notifying about something.
2014-02-04	Change Devise.confirm_within to Devise.allow_unconfirmed_access_for	Athos Ribeiro
	According to Devise's changelog (https://github.com/plataformatec/devise/blob/master/CHANGELOG.md), Devise.confirm_within was deprecated in favor of Devise.allow_unconfirmed_access_for in version 2.0.0.
2013-12-30	refactor omniauth configuration method	Raffael Schmid
	This refactoring allows a user to use omniauth providers which do not use ```app_id``` and ```app_secret``` without needing to change the devise configuration.
2013-12-10	Migrate application to rails 4 step 1	Dmitriy Zaporozhets
	Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-12-01	We welcome everyone to contribute.	Sytse Sijbrandij

2013-11-25	Minimal password length increased	Dmitriy Zaporozhets
	Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-10-15	Enable confirmable and reconfirmable modules for User	Dmitriy Zaporozhets
	Now when you want to signup or change existing email you will be forced to confirm that you really own this email. You get email with link to follow in order to confirm your email address Conflicts: app/models/user.rb
2013-07-18	Update the proc/lamda to be consistent	Izaak Alpert
	Change-Id: I411c7544c7834b00d26e51dc9a6c0396c51bd4f3
2013-07-18	Allow the ldap logins with email or username	Izaak Alpert
	Change-Id: I73b4aa4c46afd56ae02fb24abcd673c0724547e4
2013-05-05	Replace old hashes with new 1.9 ruby hashes (rebase)	Andrey Kumanyaev

2013-03-25	login with both email or username	Dmitriy Zaporozhets

2013-02-28	update devise gem	Dmitriy Zaporozhets

2012-12-24	Allow the OmniAuth provider args parameter to pass through as either an ↵	Aaron Stone
	Array or a Hash.
2012-12-20	Fix gravatar and ldap config	Riyad Preukschas