Henry Oswald
|
ebdce6169e
|
idendifyUser on login
|
2017-03-22 15:50:49 +00:00 |
|
Shane Kilkelly
|
1137ab0715
|
Don't record redirect to static asset paths
|
2017-01-17 14:35:37 +00:00 |
|
Shane Kilkelly
|
f5ced03074
|
Set redirect when sending user to login page.
Allows smart redirecting to work when public access is turned off.
|
2017-01-10 15:42:36 +00:00 |
|
Shane Kilkelly
|
395135a655
|
Merge branch 'sk-post-login-redirect'
|
2016-11-28 09:52:14 +00:00 |
|
Henry Oswald
|
f130470971
|
log ip address of user when logging in
|
2016-11-25 11:59:50 +00:00 |
|
Shane Kilkelly
|
167f01857a
|
Remove stray next params.
|
2016-11-24 14:15:01 +00:00 |
|
Shane Kilkelly
|
22101d0305
|
If user is sent to login page with explicit redirect, obey
|
2016-11-24 11:38:13 +00:00 |
|
Shane Kilkelly
|
cee3326ce3
|
fix omission of 'length'
|
2016-11-22 17:06:05 +00:00 |
|
Shane Kilkelly
|
8a4352fff2
|
Set redirect when redirecting from restricted
|
2016-11-22 16:54:03 +00:00 |
|
Shane Kilkelly
|
8089bb55a4
|
use session for the post-login redirect, remove redir query string.
|
2016-11-22 14:24:36 +00:00 |
|
Shane Kilkelly
|
bfa0e7cf89
|
WIP: start moving web sessions to cluster
|
2016-11-08 15:32:36 +00:00 |
|
Shane Kilkelly
|
9cb3d8c4b8
|
Enable hook from module into passport init.
|
2016-11-01 14:06:54 +00:00 |
|
Henry Oswald
|
3141f91b59
|
Merge pull request #322 from sharelatex/ho-password-limits
Ho password limits
|
2016-10-05 10:03:54 +01:00 |
|
Shane Kilkelly
|
dd14e51713
|
Handle null, undefined and false in isUserLoggedIn
|
2016-09-23 16:53:07 +01:00 |
|
Henry Oswald
|
8a2b7d0461
|
server side protect passwords which are too long
|
2016-09-23 16:51:46 +01:00 |
|
Henry Oswald
|
0d0f0e8604
|
wip
|
2016-09-23 16:38:46 +01:00 |
|
Shane Kilkelly
|
dbac4bd008
|
update session when user settings change
|
2016-09-22 16:58:25 +01:00 |
|
Shane Kilkelly
|
636b1fe9e2
|
Copy to session.user , for compatibility
|
2016-09-22 15:49:09 +01:00 |
|
Shane Kilkelly
|
c959e0c65d
|
Set req.user
|
2016-09-22 13:54:13 +01:00 |
|
Shane Kilkelly
|
dde5b7b830
|
Regenerate session on login, protect against session-fixation attack.
|
2016-09-21 13:03:37 +01:00 |
|
Shane Kilkelly
|
bb71433727
|
Remove getLoggedInUser
|
2016-09-21 09:27:51 +01:00 |
|
Henry Oswald
|
777cbf1c80
|
move comment for user is false next to if statment
|
2016-09-20 14:51:51 +01:00 |
|
Shane Kilkelly
|
2119dcbb58
|
Finalise login workflow, works with login form again.
|
2016-09-15 14:36:11 +01:00 |
|
Shane Kilkelly
|
8e0103a1bc
|
wip: fix unit tests for AuthenticationController
|
2016-09-07 14:05:51 +01:00 |
|
Shane Kilkelly
|
3a5b3a8e8d
|
wip: acceptance tests working
|
2016-09-06 15:55:34 +01:00 |
|
Shane Kilkelly
|
b0a10c948c
|
wip refactor
|
2016-09-06 15:22:13 +01:00 |
|
Shane Kilkelly
|
749658a916
|
WIP: fixing acceptance tests
|
2016-09-06 13:21:22 +01:00 |
|
Shane Kilkelly
|
ab2c1e82fb
|
WIP: refactor
|
2016-09-05 15:58:31 +01:00 |
|
Shane Kilkelly
|
e6c7aa25ec
|
barely functional login and logout
|
2016-09-05 10:28:47 +01:00 |
|
Shane Kilkelly
|
e4f4325150
|
Basic passport integration
|
2016-09-02 16:17:37 +01:00 |
|
Paulo Reis
|
9bf9df9a4a
|
Track login events.
|
2016-08-11 14:09:45 +01:00 |
|
Shane Kilkelly
|
0ac9b05d02
|
Add ip_address and session_created to the session user object.
|
2016-07-01 15:49:07 +01:00 |
|
Shane Kilkelly
|
f1653d01b7
|
Refactor method names in UserSessionsManager
|
2016-07-01 15:33:59 +01:00 |
|
Shane Kilkelly
|
db213c0621
|
Begin keeping record of user sessions in reds.
|
2016-06-29 11:35:25 +01:00 |
|
Brian Gough
|
98a0c54004
|
use parameter for bcrypt rounds, rehash passwords on login if necessary
|
2016-06-17 12:22:03 +01:00 |
|
James Allen
|
de02928454
|
Merge branch 'master' into ja_email_tokens
|
2016-03-17 17:01:26 +00:00 |
|
James Allen
|
b556d57f40
|
Remove missed console.log debugging lines in AuthenticationController.coffee
|
2016-03-14 17:11:23 +00:00 |
|
James Allen
|
71ef045728
|
Implement authorization guards in Authorization{Manager,Controller}
|
2016-03-14 17:06:57 +00:00 |
|
James Allen
|
3e03164ed4
|
Remove dead auth_token code
|
2016-03-10 17:15:14 +00:00 |
|
Henry Oswald
|
940586f654
|
sped up unit tests to improve speed
also removed some unneeded requires.
|
2016-03-09 12:51:19 +00:00 |
|
Henry Oswald
|
c8084406d3
|
user notifications auto created on login for joinging groups
|
2016-02-17 16:24:09 +00:00 |
|
Henry Oswald
|
690b195f1a
|
move login success to .json as it sends json over
|
2016-01-25 17:35:57 +00:00 |
|
James Allen
|
1e8ab5357b
|
Improve pre-registered account activation process
|
2015-12-11 11:30:06 +00:00 |
|
Henry Oswald
|
7fd29b18a8
|
destroy users session before creating a new one for them after login
session changed to prevent against fixation attacks
|
2015-07-01 15:29:02 +01:00 |
|
Henry Oswald
|
665bdcf538
|
v1 of express4 conversion
|
2015-07-01 15:17:43 +01:00 |
|
Henry Oswald
|
a7640b5bbd
|
changed authentication controller to use req.parsedUrl.pathname as query strings on req.url were breaking the whitelist
|
2015-04-30 11:57:40 +01:00 |
|
James Allen
|
5c30a7de67
|
Add in option for global login requirement (defaults to on)
|
2015-04-15 11:14:53 +01:00 |
|
James Allen
|
000f01fbeb
|
Remove unneeded uid module
|
2015-02-17 11:21:50 +00:00 |
|
James Allen
|
8e13ded360
|
Regenerate the session id after logging in or registering
|
2015-02-13 11:18:17 +00:00 |
|
Henry Oswald
|
804bc16bc8
|
redirect users to /register when coming from templates or share url
redirect to /login when going anywhere else (/project /project/1234)
|
2014-11-13 17:12:39 +00:00 |
|