chinwagsocial/app
Claire 94bcf45321
Fix authentication failures after going halfway through a sign-in attempt (#16607)
* Add tests

* Add security-related tests

My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.

* Fix authentication failures after going halfway through a sign-in attempt

* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
2021-08-25 22:52:41 +02:00
..
chewy Change tootctl search deploy algorithm (#14300) 2020-07-14 18:10:35 +02:00
controllers Fix authentication failures after going halfway through a sign-in attempt (#16607) 2021-08-25 22:52:41 +02:00
helpers Change number_to_human calls to always use 3-digits precision (#16469) 2021-07-07 21:13:08 +02:00
javascript Fix follow request count to dynamically update (#16652) 2021-08-25 17:46:29 +02:00
lib Fix invalid blurhash handling in Create activity (#16583) 2021-08-09 13:33:19 +02:00
mailers Prepare Mastodon for Rails 6 (#15911) 2021-03-17 10:09:55 +01:00
models Fix followers synchronization mechanism not working when URI has empty path (#16510) 2021-08-11 17:48:42 +02:00
policies Add ability to skip sign-in token authentication for specific users (#16427) 2021-07-08 05:31:28 +02:00
presenters Add server rules (#15769) 2021-02-21 19:50:12 +01:00
serializers Add configuration attribute to GET /api/v1/instance (#16485) 2021-07-10 17:58:41 +02:00
services Fix remotely-suspended accounts' toots being merged back into timelines (#16628) 2021-08-20 07:40:33 +01:00
validators Add configuration attribute to GET /api/v1/instance (#16485) 2021-07-10 17:58:41 +02:00
views Fix “discoverable” account setting being tied to profile directory (#16637) 2021-08-20 16:11:58 +02:00
workers Fix followers synchronization mechanism not working when URI has empty path (#16510) 2021-08-11 17:48:42 +02:00