chinwagsocial/app/controllers/concerns
Claire 94bcf45321
Fix authentication failures after going halfway through a sign-in attempt (#16607)
* Add tests

* Add security-related tests

My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.

* Fix authentication failures after going halfway through a sign-in attempt

* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
2021-08-25 22:52:41 +02:00
..
account_controller_concern.rb
account_owned_concern.rb
accountable_concern.rb
authorization.rb
cache_concern.rb Fix cache_collection crashing when given an empty collection (#15921) 2021-03-18 00:41:32 +01:00
challengable_concern.rb
export_controller_concern.rb
localized.rb
rate_limit_headers.rb
registration_spam_concern.rb Add honeypot fields and minimum fill-out time for sign-up form (#15276) 2020-12-10 06:27:26 +01:00
session_tracking_concern.rb
sign_in_token_authentication_concern.rb Fix authentication failures after going halfway through a sign-in attempt (#16607) 2021-08-25 22:52:41 +02:00
signature_authentication.rb
signature_verification.rb Fix crash on receiving requests with missing Digest header (#15782) 2021-02-26 17:40:27 +01:00
status_controller_concern.rb
two_factor_authentication_concern.rb Fix authentication failures after going halfway through a sign-in attempt (#16607) 2021-08-25 22:52:41 +02:00
user_tracking_concern.rb Fix 2FA/sign-in token sessions being valid after password change (#14802) 2020-11-12 23:05:01 +01:00