1
0
Fork 0
forgejo/services/mailer
Gusted 4383da91bd
[SECURITY] Notify users about account security changes
- Currently if the password, primary mail, TOTP or security keys are
changed, no notification is made of that and makes compromising an
account a bit easier as it's essentially undetectable until the original
person tries to log in. Although other changes should be made as
well (re-authing before allowing a password change), this should go a
long way of improving the account security in Forgejo.
- Adds a mail notification for password and primary mail changes. For
the primary mail change, a mail notification is sent to the old primary
mail.
- Add a mail notification when TOTP or a security keys is removed, if no
other 2FA method is configured the mail will also contain that 2FA is
no longer needed to log into their account.
- `MakeEmailAddressPrimary` is refactored to the user service package,
as it now involves calling the mailer service.
- Unit tests added.
- Integration tests added.
2024-07-23 18:31:47 +02:00
..
incoming Replace reply with a forked version to fix the cut-off of the incoming mail text (#3747) 2024-05-13 21:24:58 +00:00
token [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
mail.go [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
mail_admin_new_user.go Enable unparam linter (#31277) 2024-06-16 13:42:58 +02:00
mail_admin_new_user_test.go [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
mail_auth_test.go [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
mail_comment.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
mail_issue.go Clean up template locale usage (#27856) 2023-10-31 22:11:48 +08:00
mail_release.go Add option to change mail from user display name (#31528) 2024-07-22 15:44:13 +02:00
mail_repo.go Add option to change mail from user display name (#31528) 2024-07-22 15:44:13 +02:00
mail_team_invite.go Refactor locale&string&template related code (#29165) 2024-02-16 15:20:52 +01:00
mail_test.go [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
mailer.go Add option for mailer to override mail headers (#27860) 2024-06-09 11:13:39 +02:00
mailer_test.go test(services/mailer): Add option for mailer to override mail headers 2024-06-09 11:13:39 +02:00
main_test.go [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
notify.go [GITEA] notifies admins on new user registration 2024-02-05 16:09:28 +01:00