IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity
f4f8a293e7
discourse/spec/requests
History
Jeff Wong f4f8a293e7 FEATURE: Implement 2factor login TOTP 
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
..
admin FIX: don't return 200s when login is required to paths 2018-02-01 12:26:45 +11:00
composer_controller_spec.rb FIX: return 429 when admin api key is limited on admin route 2018-01-12 14:15:26 +11:00
directory_items_controller_spec.rb FIX: return 429 when admin api key is limited on admin route 2018-01-12 14:15:26 +11:00
email_controller_spec.rb FIX: return 429 when admin api key is limited on admin route 2018-01-12 14:15:26 +11:00
embed_controller_spec.rb FIX: do not create duplicate topics 2018-01-04 23:53:52 +05:30
groups_controller_spec.rb FIX: return 429 when admin api key is limited on admin route 2018-01-12 14:15:26 +11:00
list_controller_spec.rb FIX: Only allow intergers for page params. 2017-10-02 10:45:54 +08:00
omniauth_callbacks_controller_spec.rb FIX: save registration_ip_address for staged users logging in via social auth 2017-12-12 17:41:16 +05:30
post_actions_controller_spec.rb FIX: return 429 when admin api key is limited on admin route 2018-01-12 14:15:26 +11:00
posts_controller_spec.rb FEATURE: Staff members can lock posts 2018-01-26 14:01:30 -05:00
robots_txt_controller_spec.rb Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
safe_mode_controller_spec.rb Move new controller specs to reqeusts folder. 2017-08-24 12:01:11 +09:00
session_controller_spec.rb FEATURE: Implement 2factor login TOTP 2018-02-21 09:04:07 +08:00
static_controller_spec.rb favicon proxy now uses hijack 2017-11-27 14:51:14 +11:00
tags_controller_spec.rb Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
topics_controller_spec.rb FIX: return 429 when admin api key is limited on admin route 2018-01-12 14:15:26 +11:00
users_controller_spec.rb FEATURE: login by a link from email 2018-02-13 16:14:39 +08:00
users_email_controller_spec.rb FEATURE: Implement 2factor login TOTP 2018-02-21 09:04:07 +08:00