Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-07-31 | Add captcha if there are multiple failed login attempts | Małgorzata Ksionek | |
Add method to store session ids by ip Add new specs for storing session ids Add cleaning up records after login Add retrieving anonymous sessions Add login recaptcha setting Add new setting to sessions controller Add conditions for showing captcha Add sessions controller specs Add admin settings specs for login protection Add new settings to api Add stub to devise spec Add new translation key Add cr remarks Rename class call Add cr remarks Change if-clause for consistency Add cr remarks Add code review remarks Refactor AnonymousSession class Add changelog entry Move AnonymousSession class to lib Move store unauthenticated sessions to sessions controller Move link to recaptcha info Regenerate text file Improve copy on the spam page Change action filter for storing anonymous sessions Fix rubocop offences Add code review remarks | |||
2018-09-26 | Guard against a login attempt with invalid CSRF token | Stan Hu | |
If a user logs in with a bad CSRF token, the Warden before_logout hook will be called with no valid user. This would lead to odd Error 500 messages with a backtrace. Addresses part of #50857 | |||
2018-08-03 | Simplify the check of reduntant user logout events | Grzegorz Bizon | |
2018-08-03 | Do not skip recording session destruction events | Grzegorz Bizon | |
2018-08-03 | Improve blocked user tracking code readability | Grzegorz Bizon | |
2018-08-02 | Skip redunant before_logout warden events | Grzegorz Bizon | |
2018-08-01 | Improve authentication events-related code readability | Grzegorz Bizon | |
2018-08-01 | Do not implicitly authenticate user during session creation | Grzegorz Bizon | |
2018-08-01 | Simplify blocked user tracking during authentication | Grzegorz Bizon | |
2018-08-01 | Improve blocked user tracking and fire some events only once | Grzegorz Bizon | |
2018-07-31 | Improve authentication activity code readability | Grzegorz Bizon | |
2018-07-27 | Fix rubocop offense in warden initializers | Grzegorz Bizon | |
2018-07-27 | Catch custom warden events too to increment metrics | Grzegorz Bizon | |
2018-07-26 | Make authentication metrics events explicit is specs | Grzegorz Bizon | |
2018-07-23 | Track blocked users and two factor authentications | Grzegorz Bizon | |
2018-07-20 | Refactor blocked user tracker class | Grzegorz Bizon | |
2018-07-19 | Rename authentication activity observer methods | Grzegorz Bizon | |
2018-07-17 | Implement scaffold of authentication activity metrics | Grzegorz Bizon | |
2018-05-07 | Only run session related Warden hooks for user scope | Douwe Maan | |
2018-05-02 | Display and revoke active sessions | Alexis Reigel ( 🌴 may 2nd - may 9th 🌴 ) | |
2018-01-15 | Log and send a system hook if a blocked user fails to login | Stan Hu | |
Closes #41633 | |||
2017-03-06 | Make Warden set_user hook validate user ip uniquness | Pawel Chojnacki | |
+ rename shared context |