chinwag/chinwagsocial
chinwag/chinwagsocial
2
0
Fork 0
Code Issues Pull requests Releases 14 Wiki Activity
19,020 commits 10 branches 339 tags 950 MiB
Commit graph

143 commits

Author SHA1 Message Date
Matt Jankowski
1297ad759e
 		Update rubocop to version 1.76.0 (#34926) 2025-06-05 12:09:05 +00:00
Claire
8c51a8ba94
 		Add ability to translate server rules (#34494) 2025-05-21 11:54:12 +00:00
Claire
f94b1fce41
 		Drop compatibility with Redis < 6.2 (#30413) 2025-05-20 12:55:42 +00:00
Eugen Rochko
d213c585ff
 		Add age verification on sign-up (#34150) 2025-03-14 14:07:29 +00:00
Matt Jankowski
c3419d146a
 		Remove duplicate cache header setting before action (#33833) 2025-02-05 09:19:08 +00:00
Matt Jankowski
a1d9c3fb99
 		Use expect params wrapper for more "auth" and "2FA" "controllers" (#33717) 2025-01-24 14:40:20 +00:00
Matt Jankowski
45149cd5e1
 		Use expect for nested params in auth/setup#update (#33657) 2025-01-21 08:16:40 +00:00
Matt Jankowski
998cf0dd53
 		Convert auth/setup spec controller->system/request (#33604) 2025-01-16 09:03:46 +00:00
Eugen Rochko
ca45f896dd
 		Fix various visual sign-up flow issues (#33206) 2024-12-09 08:23:19 +00:00
Matt Jankowski
a397141d78
 		Move non-action public method controller callback to private methods (#31933) 2024-09-18 08:05:25 +00:00
Matt Jankowski
a9d0b48b65
 		Set "admin" body class from admin nested layout (#31269) 2024-09-06 13:58:46 +00:00
Renaud Chaput
c3e1d86d58
 		Fix log out from user menu not working on Safari (#31402) 2024-08-13 17:49:23 +00:00
Claire
2ec1181ee5
 		Fix contrast between background and form elements on some pages (#31266) 2024-08-02 13:55:31 +00:00
Matt Jankowski
929b9fdaff
 		Remove exclusion for Rails/LexicallyScopedActionFilter cop (#30697) 2024-06-21 15:34:13 +00:00
Matt Jankowski
9b5055d34d
 		Fix Style/SuperArguments cop (#30406) 2024-05-24 08:36:21 +00:00
Claire
d4d0565b0f
 		Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 21:49:45 +00:00
Claire
b31af34c97
 		Merge pull request from GHSA-vm39-j3vx-pch3 
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
 2024-02-14 15:16:07 +01:00
Claire
eeabf9af72
 		Fix compatibility with Redis <6.2 (#29123) 2024-02-07 11:52:38 +00:00
Matt Jankowski
17ea22671d
 		Fix Style/GuardClause cop in app/controllers (#28420) 2024-01-25 15:13:41 +00:00
Claire
e2d9635074
 		Add notification email on invalid second authenticator (#28822) 2024-01-22 13:55:43 +00:00
Claire
3593ee2e36
 		Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-19 12:19:49 +00:00
Matt Jankowski
0e5b8fc46b
 		Fix Style/RedundantReturn cop (#28391) 2023-12-18 09:50:51 +00:00
Claire
963354978a
 		Add Account#unavailable? and Account#permanently_unavailable? aliases (#28053) 2023-11-30 15:43:26 +00:00
Matt Jankowski
1f1c75bba5
 		File cleanup/organization in controllers/concerns (#27846) 2023-11-30 14:39:41 +00:00
Claire
07a4059901
 		Add support for invite codes in the registration API (#27805) 2023-11-13 13:27:00 +00:00
Claire
49b8433c56
 		Fix confusing screen when visiting a confirmation link for an already-confirmed email (#27368) 2023-10-25 21:33:44 +00:00
Claire
379115e601
 		Add SELF_DESTRUCT env variable to process self-destructions in the background (#26439) 2023-10-23 15:46:21 +00:00
Matt Jankowski
340f1a68be
 		Simplify instance presenter view access (#26046) 2023-09-28 16:52:37 +02:00
Matt Jankowski
50ff3d3342
 		Coverage for Auth::OmniauthCallbacks controller (#26147) 2023-07-25 09:46:57 +02:00
Claire
b629e21515
 		Fix unexpected redirection to /explore after sign-in (#26143) 2023-07-24 16:06:32 +02:00
Matt Jankowski
5134fc65e2
 		Fix Naming/AccessorMethodName cop (#25924) 2023-07-12 10:03:19 +02:00
Claire
e6a8faae81
 		Add users index on unconfirmed_email (#25672) 2023-07-02 19:41:35 +02:00
Claire
180f0e6715
 		Fix inefficient query when requesting a new confirmation email from a logged-in account (#25669) 2023-07-02 16:08:58 +02:00
Eugen Rochko
f20698000f
 		Fix always redirecting to onboarding in web UI (#25396) 2023-06-14 09:05:03 +02:00
Frankie Roberto
36a77748b4
 		Order sessions by most-recent to least-recently updated (#25005) 2023-05-22 11:40:00 +02:00
Claire
bec6a1cad4
 		Add hCaptcha support (#25019) 2023-05-16 23:27:35 +02:00
Matt Jankowski
6e226f5a32
 		Fix Rails/ActionOrder cop (#24692) 2023-04-30 06:46:39 +02:00
Eugen Rochko
e98c86050a
 		Refactor Cache-Control and Vary definitions (#24347) 2023-04-19 16:07:29 +02:00
Eugen Rochko
e5c0b16735
 		Add progress indicator to sign-up flow (#24545) 2023-04-16 07:01:24 +02:00
Claire
280fa3b2c0
 		Fix invalid/expired invites being processed on sign-up (#24337) 2023-03-31 21:42:28 +02:00
CSDUMMI
d258ec8e3b
 		Prefer the stored location as after_sign_in_path in Omniauth Callback Controller (#24073) 2023-03-13 00:06:27 +01:00
Nick Schonning
aef0051fd0
 		Enable Rubocop HTTP status rules (#23717) 2023-02-20 11:16:40 +09:00
Nick Schonning
e2a3ebb271
 		Autofix Rubocop Style/IfUnlessModifier (#23697) 2023-02-18 12:37:47 +01:00
David Vega
1b5d207131
 		Fix single name variables on controller folder (#20092) 
Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com>

Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com>
Co-authored-by: Effy Elden <effy@effy.space>
 2022-12-15 17:11:58 +01:00
Francis Murillo
5fb1c3e934
 		Revoke all authorized applications on password reset (#21325) 
* Clear sessions on password change

* Rename User::clear_sessions to revoke_access for a clearer meaning

* Add reset paassword controller test

* Use User.find instead of User.find_for_authentication for reset password test

* Use redirect and render for better test meaning in reset password

Co-authored-by: Effy Elden <effy@effy.space>
 2022-12-15 15:47:06 +01:00
Claire
48e136605a
 		Fix form-action CSP directive for external login (#20962) 2022-11-17 22:59:07 +01:00
Daniel Axtens
4d85c27d1a
 		Add 'private' to Cache-Control, match Rails expectations (#20608) 
Several controlers set quite intricate Cache-Control headers in order to
hopefully not be cached by any intermediate proxies or local caches. Unfortunately,
these headers are processed by ActionDispatch::HTTP::Cache in a way that squashes
and discards any values set alongside no-store other than private:
8015c2c2cf/actionpack/lib/action_dispatch/http/cache.rb (L207-L209)

We want to preserve no-store on these responses, but we might as well remove
parts that are going to be dropped anyway. As many of the endpoints in these
controllers are private to a particular user, we should also add "private",
which will be preserved alongside no-store.
 2022-11-16 04:56:30 +01:00
Claire
1e1289b024
 		Fix crash when external auth provider has no display_name set (#19962) 
Fixes #19913
 2022-11-07 15:43:24 +01:00
Claire
a529d6d93e
 		Fix invites (#19560) 
Fixes #19507

Fix regression from #19296
 2022-10-30 19:04:39 +01:00
Eugen Rochko
679274465b
 		Add server rules to sign-up flow (#19296) 2022-10-05 18:57:33 +02:00