catstodon/app/controllers/auth
Claire 94bcf45321
Fix authentication failures after going halfway through a sign-in attempt (#16607)
* Add tests

* Add security-related tests

My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.

* Fix authentication failures after going halfway through a sign-in attempt

* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
2021-08-25 22:52:41 +02:00
..
challenges_controller.rb Add password challenge to 2FA settings, e-mail notifications (#11878) 2019-09-18 16:37:27 +02:00
confirmations_controller.rb Change confirmations controller to redirect to / for approved users (#16151) 2021-05-03 15:45:19 +02:00
omniauth_callbacks_controller.rb Fix undefined variable for Auth::OmniauthCallbacksController (#16654) 2021-08-25 17:40:56 +02:00
passwords_controller.rb Fix other sessions not being logged out on password change (#14252) 2020-07-07 15:26:31 +02:00
registrations_controller.rb Add honeypot fields and minimum fill-out time for sign-up form (#15276) 2020-12-10 06:27:26 +01:00
sessions_controller.rb Fix authentication failures after going halfway through a sign-in attempt (#16607) 2021-08-25 22:52:41 +02:00
setup_controller.rb Change unconfirmed user login behaviour (#11375) 2019-07-22 10:48:50 +02:00