Commit graph

13 commits

Author SHA1 Message Date
GitLab Bot
8a840df2e4 Add latest changes from gitlab-org/gitlab@master 2020-04-24 15:09:37 +00:00
GitLab Bot
8078bd185f Add latest changes from gitlab-org/gitlab@master 2019-11-01 00:06:02 +00:00
GitLab Bot
4682f5015a Add latest changes from gitlab-org/gitlab@master 2019-10-18 21:06:37 +00:00
GitLab Bot
9865665cb1 Add latest changes from gitlab-org/gitlab@master 2019-10-08 12:06:01 +00:00
Grzegorz Bizon
1068ec2e92 Merge branch '66741-remove-spec-rails_helper-rb' into 'master'
Remove spec/rails_helper.rb

Closes #66741

See merge request gitlab-org/gitlab-ce!32380
2019-09-03 13:48:17 +00:00
Ash McKenzie
19ff9d9899
Replace rails_helper.rb with spec_helper.rb
rails_helper.rb's only logic was to require
spec_helper.rb.
2019-08-30 12:26:18 +10:00
Małgorzata Ksionek
dfcf4cf5f1 Add captcha if there are multiple failed login attempts
Add method to store session ids by ip

Add new specs for storing session ids

Add cleaning up records after login

Add retrieving anonymous sessions

Add login recaptcha setting

Add new setting to sessions controller

Add conditions for showing captcha

Add sessions controller specs

Add admin settings specs for login protection

Add new settings to api

Add stub to devise spec

Add new translation key

Add cr remarks

Rename class call

Add cr remarks

Change if-clause for consistency

Add cr remarks

Add code review remarks

Refactor AnonymousSession class

Add changelog entry

Move AnonymousSession class to lib

Move store unauthenticated sessions to sessions controller

Move link to recaptcha info

Regenerate text file

Improve copy on the spam page

Change action filter for storing anonymous sessions

Fix rubocop offences

Add code review remarks
2019-07-31 11:47:55 +02:00
Stan Hu
9b48d9f43f Show a reCAPTCHA on signin page if custom header is set
This will only be displayed if `X-GitLab-Show-Login-Captcha` is set as an HTTP
header.
2018-06-21 15:37:34 -07:00
Sean McGivern
5883ce95ef current_application_settings belongs on Gitlab::CurrentSettings
The initializers including this were doing so at the top level, so every object
loaded after them had a `current_application_settings` method. However, if
someone had rack-attack enabled (which was loaded before these initializers), it
would try to load the API, and fail, because `Gitlab::CurrentSettings` didn't
have that method.

To fix this:

1. Don't include `Gitlab::CurrentSettings` at the top level. We do not need
   `Object.new.current_application_settings` to work.
2. Make `Gitlab::CurrentSettings` explicitly `extend self`, as we already use it
   like that in several places.
3. Change the initializers to use that new form.
2017-08-31 13:38:33 +01:00
Grzegorz Bizon
0430b76441 Enable Style/DotPosition Rubocop 👮 2017-06-21 13:48:12 +00:00
Bryce Johnson
60e6eca0d0 Fix login tests for crowd to use #crowd. 2016-10-18 11:12:41 +02:00
Connor Shea
602fe11191
Remove provider path, replace with dynamic path. 2016-08-03 11:50:38 -06:00
Robert Speicher
b95ef77e23 Move "I should see Crowd login form" feature to a view spec
We were doing all kinds of code gymnastics to "enable" Crowd in the
feature spec and this would sometimes cause a transient failure.

Really what it's testing is if the Crowd login form shows when Crowd's
enabled, so this is much better suited to a view spec.
2016-02-24 17:38:13 -05:00