overleaf

mirror of https://github.com/overleaf/overleaf.git synced 2024-10-31 21:21:03 -04:00

Author	SHA1	Message	Date
Shane Kilkelly	f1653d01b7	Refactor method names in `UserSessionsManager`	2016-07-01 15:33:59 +01:00
James Allen	3e03164ed4	Remove dead auth_token code	2016-03-10 17:15:14 +00:00
Henry Oswald	bd54cc722a	fixed broken tests in AuthenticationController	2016-02-18 10:16:50 +00:00
Henry Oswald	7fd29b18a8	destroy users session before creating a new one for them after login session changed to prevent against fixation attacks	2015-07-01 15:29:02 +01:00
Henry Oswald	a7640b5bbd	changed authentication controller to use req.parsedUrl.pathname as query strings on req.url were breaking the whitelist	2015-04-30 11:57:40 +01:00
James Allen	5c30a7de67	Add in option for global login requirement (defaults to on)	2015-04-15 11:14:53 +01:00
James Allen	8e13ded360	Regenerate the session id after logging in or registering	2015-02-13 11:18:17 +00:00
Henry Oswald	804bc16bc8	redirect users to /register when coming from templates or share url redirect to /login when going anywhere else (/project /project/1234)	2014-11-13 17:12:39 +00:00
Henry Oswald	66ba6e612d	Revert "send 401 when login fails" This reverts commit fb901c6365d37654ba9058f57a71a4e60366688e.	2014-08-08 10:21:17 +01:00
Henry Oswald	7976f2f0fe	send 401 when login fails	2014-08-07 16:28:00 +01:00
Henry Oswald	d047d44079	Changed the error messages which are sent down to the client to be translated first fixed up tests from titles we check when rendering, deleted them as they never catch anything important, more hastle than they are worth imo.	2014-08-01 14:03:38 +01:00
James Allen	c1afbc66d9	Don't error if user is not logged in when compiling	2014-05-27 12:33:56 +01:00
Henry Oswald	479b37a48c	null check user when getting user id from session	2014-04-02 15:56:54 +01:00
James Allen	8715690ce9	Intial open source comment	2014-02-12 10:23:40 +00:00

14 commits