github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-06-06 13:06:56 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
36,721 Commits 312 Branches 514 Tags
cbd72d51b441277d1a5249aa20c62d61a57b4543
Commit Graph

16 Commits

Author SHA1 Message Date
David Taylor
88779d849f UX: Ignore name parameter from IDP when it is equal to email (#8869) 
Some auth providers (e.g. Auth0 with default configuration) send the email address in the name field. In Discourse, the name field is made public, so this commit adds a safeguard to prevent emails being made public.
 2020-02-05 16:03:18 +00:00
David Taylor
b084d6c8df DEV: Add missing parenthesis for 47ad2a4d 2019-07-24 11:29:18 +01:00
David Taylor
0a6cae654b SECURITY: Add confirmation screen when connecting associated accounts 2019-07-24 10:28:15 +01:00
David Taylor
da4c1c5afc DEV: Remove trailing whitespace from 47ad2a4d 2019-07-24 10:27:44 +01:00
Angus McLeod
47ad2a4d7a DEV: Handle both name formats in managed authenticator (#7925) 2019-07-24 10:22:26 +01:00
David Taylor
5e61893cb2 FIX: Display generic descriptor for associated account with no info 2019-06-03 12:14:02 +01:00
Sam Saffron
30990006a9 DEV: enable frozen string literal on all files 
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
 2019-05-13 09:31:32 +08:00
David Taylor
fc0cf3ecd1 FEATURE: Fetch email from auth provider if current user email is invalid (#7163) 
If the existing email address for a user ends in `.invalid`, we should take the email address from an authentication payload, and replace the invalid address. This typically happens when we import users from a system without email addresses.

This commit also adds some extensibility so that plugin authenticators can define `always_update_user_email?`
 2019-03-14 11:33:30 +00:00
David Taylor
fc7938f7e0 REFACTOR: Migrate GoogleOAuth2Authenticator to use ManagedAuthenticator (#7120) 
https://meta.discourse.org/t/future-social-authentication-improvements/94691/3
 2019-03-07 11:31:04 +00:00
David Taylor
b907924c93 FIX: ManagedAuthenticator should automatically update last_used time 2019-02-27 15:29:26 +00:00
David Taylor
9db829134c FIX: Use database to persist metadata during social registration (#6750) 
Previously was using the cookie_store, which is limited to 4kb. This caused issues for providers sending large volumes of metadata about a user.
 2018-12-10 15:10:06 +00:00
David Taylor
86f8734bc0 FIX: Prioritize explicit 'connect' over matching by email 
This is an edge case that was previously handled by TwitterAuthenticator, but not FacebookAuthenticator.
 2018-12-07 15:05:51 +00:00
David Taylor
3cad3f9df1 DEV: Add profile fetching support to ManagedAuthenticator 2018-12-07 15:05:51 +00:00
David Taylor
e117deb2ba FIX: Improve avatar loading, and add tests 
Follow-up from 4e2cc9c
 2018-12-04 15:09:32 +00:00
David Taylor
4e2cc9caf0 FIX: Use safe navigation operator when looking for avatar URL 2018-12-03 17:28:21 +00:00
David Taylor
534e1b1b18 DEV: Introduce Auth::ManagedAuthenticator 
A generic implementation of Auth::Authenticator which stores data in the
new UserAssociatedAccount model. This should help significantly reduce the duplicated
logic across different auth providers.
 2018-11-30 11:18:11 +00:00