Commit Graph

13 Commits

Author SHA1 Message Date
David Taylor
1a8fee11a0 DEV: If only one auth provider is enabled allow GET request
In this case, the auth provider is acting as a SSO provider, and can be trusted to maintain its own CSRF protections.
2019-08-12 11:03:05 +01:00
David Taylor
3b8c468832 SECURITY: Require POST with CSRF token for OmniAuth request phase 2019-08-08 11:58:00 +01:00
Sam Saffron
30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Sam
442a17bfb2 PERF: bypass omniauth unless in an auth path 2018-01-15 12:44:54 +11:00
Neil Lalonde
3e5f2bd1cf FIX: replace reference to Google_oauth2 with Google during signup 2016-03-29 18:08:55 -04:00
Erick Guan
7df33ca287 FIX: redirect output omniauth log to Rails logger instead of stdout 2016-03-19 13:17:13 +01:00
Sam
65edbb609c Revert "Revert message bus upgrade"
This reverts commit 47e718f5b2.
2015-12-09 11:48:41 +11:00
Sam
47e718f5b2 Revert message bus upgrade 2015-12-09 11:45:11 +11:00
Sam
2cc95af69b Revert "REVERT: message bus changes"
This reverts commit 4820d5c7b0.
2015-12-09 07:36:36 +11:00
Robin Ward
4820d5c7b0 REVERT: message bus changes 2015-12-08 15:32:31 -05:00
Sam
c866d5b42d Revert "Revert "PERF: move message bus to the front of the middleware stack""
This reverts commit cd1dd18f01.
2015-12-08 07:11:28 +11:00
Robin Ward
cd1dd18f01 Revert "PERF: move message bus to the front of the middleware stack"
I suspect this commit is preventing Sidekiq from running inprocess.
2015-12-07 14:57:23 -05:00
Sam
c04bcf8655 PERF: move message bus to the front of the middleware stack
Organise all initializers so they are properly ordered and use the same naming scheme
2015-12-07 14:51:24 +11:00