Drew Blessing
|
f4ec906e90
|
Use devise paranoid mode and ensure the same message is returned every time
Skipped CI because it has already passed. Had to rebase due to CHANGELOG.
|
2015-12-09 18:40:37 -06:00 |
|
Robert Speicher
|
b8ff38b1d4
|
Refactor PasswordsController to use before_actions
|
2015-10-01 21:47:27 -04:00 |
|
Robert Speicher
|
292bca0546
|
Only allow password reset emails once per minute
Addresses internal https://dev.gitlab.org/gitlab/gitlabhq/issues/2611
|
2015-09-30 15:38:21 -04:00 |
|
Robert Speicher
|
3a4274e19e
|
Take advantage of Devise.sign_in_after_reset_password
|
2015-09-30 14:35:00 -04:00 |
|
Robert Speicher
|
b6318297fc
|
Use User#two_factor_enabled instead of otp_required_for_login
|
2015-06-19 15:14:37 -04:00 |
|
Vinnie Okada
|
af428b1259
|
Fill in email on the new password form
|
2015-05-16 14:03:18 -06:00 |
|
Vinnie Okada
|
c68c23210b
|
Redirect if password reset token is expired
Don't display the password editing form if the user's token is expired;
redirect to the form that allows users to request a new password reset
token.
|
2015-05-16 14:03:18 -06:00 |
|
Robert Speicher
|
24bef5e67a
|
Handle password reset for users with 2FA enabled
|
2015-05-11 14:31:31 -04:00 |
|
Dmitriy Zaporozhets
|
3dfcb95f0d
|
Use ruby 1.9 hash syntax
|
2015-01-23 17:41:10 -08:00 |
|
Marin Jankovski
|
a740e2d6d1
|
Do not allow password reset for ldap user.
|
2014-03-18 12:25:49 +01:00 |
|
Dmitriy Zaporozhets
|
3e09e6f7b8
|
Move Profile related controllers under Profiles:: module
|
2013-06-24 18:24:14 +03:00 |
|
Dmitriy Zaporozhets
|
00882b3c33
|
Prevent infinit password change by settin password_expires_at to nil
|
2013-06-13 20:21:51 +03:00 |
|
Dmitriy Zaporozhets
|
46231f0f1d
|
Fix password set form and infinite loop
|
2013-06-13 20:16:48 +03:00 |
|
Dmitriy Zaporozhets
|
5b40780290
|
Password expire: implement password resource inside profile. add before_fiter check
|
2013-06-13 19:53:04 +03:00 |
|