Shane Kilkelly
|
22101d0305
|
If user is sent to login page with explicit redirect, obey
|
2016-11-24 11:38:13 +00:00 |
|
Shane Kilkelly
|
cee3326ce3
|
fix omission of 'length'
|
2016-11-22 17:06:05 +00:00 |
|
Shane Kilkelly
|
8a4352fff2
|
Set redirect when redirecting from restricted
|
2016-11-22 16:54:03 +00:00 |
|
Shane Kilkelly
|
8089bb55a4
|
use session for the post-login redirect, remove redir query string.
|
2016-11-22 14:24:36 +00:00 |
|
Shane Kilkelly
|
bfa0e7cf89
|
WIP: start moving web sessions to cluster
|
2016-11-08 15:32:36 +00:00 |
|
Shane Kilkelly
|
9cb3d8c4b8
|
Enable hook from module into passport init.
|
2016-11-01 14:06:54 +00:00 |
|
Henry Oswald
|
3141f91b59
|
Merge pull request #322 from sharelatex/ho-password-limits
Ho password limits
|
2016-10-05 10:03:54 +01:00 |
|
Shane Kilkelly
|
dd14e51713
|
Handle null, undefined and false in isUserLoggedIn
|
2016-09-23 16:53:07 +01:00 |
|
Henry Oswald
|
8a2b7d0461
|
server side protect passwords which are too long
|
2016-09-23 16:51:46 +01:00 |
|
Henry Oswald
|
0d0f0e8604
|
wip
|
2016-09-23 16:38:46 +01:00 |
|
Shane Kilkelly
|
dbac4bd008
|
update session when user settings change
|
2016-09-22 16:58:25 +01:00 |
|
Shane Kilkelly
|
636b1fe9e2
|
Copy to session.user , for compatibility
|
2016-09-22 15:49:09 +01:00 |
|
Shane Kilkelly
|
c959e0c65d
|
Set req.user
|
2016-09-22 13:54:13 +01:00 |
|
Shane Kilkelly
|
dde5b7b830
|
Regenerate session on login, protect against session-fixation attack.
|
2016-09-21 13:03:37 +01:00 |
|
Shane Kilkelly
|
bb71433727
|
Remove getLoggedInUser
|
2016-09-21 09:27:51 +01:00 |
|
Henry Oswald
|
777cbf1c80
|
move comment for user is false next to if statment
|
2016-09-20 14:51:51 +01:00 |
|
Shane Kilkelly
|
2119dcbb58
|
Finalise login workflow, works with login form again.
|
2016-09-15 14:36:11 +01:00 |
|
Shane Kilkelly
|
8e0103a1bc
|
wip: fix unit tests for AuthenticationController
|
2016-09-07 14:05:51 +01:00 |
|
Shane Kilkelly
|
3a5b3a8e8d
|
wip: acceptance tests working
|
2016-09-06 15:55:34 +01:00 |
|
Shane Kilkelly
|
b0a10c948c
|
wip refactor
|
2016-09-06 15:22:13 +01:00 |
|
Shane Kilkelly
|
749658a916
|
WIP: fixing acceptance tests
|
2016-09-06 13:21:22 +01:00 |
|
Shane Kilkelly
|
ab2c1e82fb
|
WIP: refactor
|
2016-09-05 15:58:31 +01:00 |
|
Shane Kilkelly
|
e6c7aa25ec
|
barely functional login and logout
|
2016-09-05 10:28:47 +01:00 |
|
Shane Kilkelly
|
e4f4325150
|
Basic passport integration
|
2016-09-02 16:17:37 +01:00 |
|
Paulo Reis
|
9bf9df9a4a
|
Track login events.
|
2016-08-11 14:09:45 +01:00 |
|
Shane Kilkelly
|
0ac9b05d02
|
Add ip_address and session_created to the session user object.
|
2016-07-01 15:49:07 +01:00 |
|
Shane Kilkelly
|
f1653d01b7
|
Refactor method names in UserSessionsManager
|
2016-07-01 15:33:59 +01:00 |
|
Shane Kilkelly
|
db213c0621
|
Begin keeping record of user sessions in reds.
|
2016-06-29 11:35:25 +01:00 |
|
Brian Gough
|
98a0c54004
|
use parameter for bcrypt rounds, rehash passwords on login if necessary
|
2016-06-17 12:22:03 +01:00 |
|
James Allen
|
de02928454
|
Merge branch 'master' into ja_email_tokens
|
2016-03-17 17:01:26 +00:00 |
|
James Allen
|
b556d57f40
|
Remove missed console.log debugging lines in AuthenticationController.coffee
|
2016-03-14 17:11:23 +00:00 |
|
James Allen
|
71ef045728
|
Implement authorization guards in Authorization{Manager,Controller}
|
2016-03-14 17:06:57 +00:00 |
|
James Allen
|
3e03164ed4
|
Remove dead auth_token code
|
2016-03-10 17:15:14 +00:00 |
|
Henry Oswald
|
940586f654
|
sped up unit tests to improve speed
also removed some unneeded requires.
|
2016-03-09 12:51:19 +00:00 |
|
Henry Oswald
|
c8084406d3
|
user notifications auto created on login for joinging groups
|
2016-02-17 16:24:09 +00:00 |
|
Henry Oswald
|
690b195f1a
|
move login success to .json as it sends json over
|
2016-01-25 17:35:57 +00:00 |
|
James Allen
|
1e8ab5357b
|
Improve pre-registered account activation process
|
2015-12-11 11:30:06 +00:00 |
|
Henry Oswald
|
7fd29b18a8
|
destroy users session before creating a new one for them after login
session changed to prevent against fixation attacks
|
2015-07-01 15:29:02 +01:00 |
|
Henry Oswald
|
665bdcf538
|
v1 of express4 conversion
|
2015-07-01 15:17:43 +01:00 |
|
Henry Oswald
|
a7640b5bbd
|
changed authentication controller to use req.parsedUrl.pathname as query strings on req.url were breaking the whitelist
|
2015-04-30 11:57:40 +01:00 |
|
James Allen
|
5c30a7de67
|
Add in option for global login requirement (defaults to on)
|
2015-04-15 11:14:53 +01:00 |
|
James Allen
|
000f01fbeb
|
Remove unneeded uid module
|
2015-02-17 11:21:50 +00:00 |
|
James Allen
|
8e13ded360
|
Regenerate the session id after logging in or registering
|
2015-02-13 11:18:17 +00:00 |
|
Henry Oswald
|
804bc16bc8
|
redirect users to /register when coming from templates or share url
redirect to /login when going anywhere else (/project /project/1234)
|
2014-11-13 17:12:39 +00:00 |
|
James Allen
|
dbd85a05f1
|
Send user features and features switches to views where needed
|
2014-10-07 13:31:13 +01:00 |
|
Henry Oswald
|
66ba6e612d
|
Revert "send 401 when login fails"
This reverts commit fb901c6365d37654ba9058f57a71a4e60366688e.
|
2014-08-08 10:21:17 +01:00 |
|
Henry Oswald
|
7976f2f0fe
|
send 401 when login fails
|
2014-08-07 16:28:00 +01:00 |
|
Henry Oswald
|
d047d44079
|
Changed the error messages which are sent down to the client to be translated first
fixed up tests from titles we check when rendering, deleted them as they never
catch anything important, more hastle than they are worth imo.
|
2014-08-01 14:03:38 +01:00 |
|
James Allen
|
e4d9d03f55
|
Improve feedback on login/register forms
|
2014-07-11 17:08:19 +01:00 |
|
James Allen
|
c1afbc66d9
|
Don't error if user is not logged in when compiling
|
2014-05-27 12:33:56 +01:00 |
|
Henry Oswald
|
479b37a48c
|
null check user when getting user id from session
|
2014-04-02 15:56:54 +01:00 |
|
James Allen
|
8715690ce9
|
Intial open source comment
|
2014-02-12 10:23:40 +00:00 |
|