github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-06-17 22:02:31 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
43,488 Commits 322 Branches 516 Tags
d91d67a442a1223e44772bd339c2ffc9d901b3b4
Commit Graph

19 Commits

Author SHA1 Message Date
Alan Guo Xiang Tan
ce04db8610 FEATURE: Allow invites redemption with Omniauth providers. 2021-03-09 09:27:18 +08:00
David Taylor
a040f72f96 FIX: Make email_valid handling consistent (#11556) 
Previously we were checking truthiness in some places, and `== true` in
others. That can lead to some inconsistent UX where the interface says
the email is valid, but account creation fails.

This commit ensures values are boolean when set, and raises an error for
other value types.

If this safety check is triggered, it means the specific auth provider
needs to be updated to pass booleans.
 2021-02-22 12:05:36 +00:00
David Taylor
fbf29443bd FIX: Allow signup when auth provider supplies no email 2020-07-10 17:56:33 +01:00
David Taylor
977766e7a8 FEATURE: sso_overrides_(email|username|name) for all auth methods 
These settings previously applied only to discourse-sso. Now they work for all external authentication methods.
 2020-07-06 10:18:45 +01:00
David Taylor
ec448a1516 DEV: Refactor Auth::Result for readability, recreate during signup flow 2020-07-06 10:18:41 +01:00
David Taylor
73172f00d3 FIX: Clear authentication data from session after create account (#8040) 2019-09-12 12:11:12 +01:00
Sam Saffron
30990006a9 DEV: enable frozen string literal on all files 
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
 2019-05-13 09:31:32 +08:00
OsamaSayegh
f6d412465b FIX: apply automatic group rules when using social login providers 2018-05-23 02:26:07 +03:00
Neil Lalonde
2db66072d7 SECURITY: signup without verified email using Google auth 2017-10-16 13:51:41 -04:00
Guo Xiang Tan
76dd6933d2 Revert "Revert "Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email.""" 
This reverts commit e6d75f68449ba5cc57e0abcbaa8cc1d505dd4916.

This is why we should not be pushing directly to master.
 2017-03-01 10:16:59 +08:00
Guo Xiang Tan
e6d75f6844 Revert "Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email."" 
This reverts commit 0e3def7d2b78053bb84cc432afc65228e66143aa.
 2017-02-28 11:27:14 +08:00
Robin Ward
0e3def7d2b Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email." 
This reverts commit 1060239e2df6ab400f3d988dae3447d099ae8942.
 2017-02-27 13:19:26 -05:00
Guo Xiang Tan
1060239e2d SECURITY: Ensure oAuth authenticated email is the same as created user's email. 2017-02-24 13:13:10 +08:00
Guo Xiang Tan
0847b4258a Revert "SECURITY: Ensure that user has been authenticated." 
This reverts commit fbe51d68a7e4c89183415e24e8163dd3f70085df.

Changing the commit message to correctly reflect what we're actually
fixing.
 2017-02-24 13:12:29 +08:00
Guo Xiang Tan
fbe51d68a7 SECURITY: Ensure that user has been authenticated. 2017-02-24 10:47:48 +08:00
Robin Ward
9609a47016 Ability to skip email validation via a plugin 2016-09-07 14:05:46 -04:00
Régis Hanol
7641d88224 FEATURE: new 'maximum new user accounts per registration IP' site setting 2014-11-17 12:04:29 +01:00
Sam
619fa50d4b BUGFIX: twitter auth asking for a password 2014-03-20 14:49:25 +11:00
Scott Albertson
51eff92170 Refactor UsersController#create 
* Simplify controller action
* Extract service classes
 2013-12-05 10:11:16 -08:00