Commit graph

7 commits

Author SHA1 Message Date
Małgorzata Ksionek
dfcf4cf5f1 Add captcha if there are multiple failed login attempts
Add method to store session ids by ip

Add new specs for storing session ids

Add cleaning up records after login

Add retrieving anonymous sessions

Add login recaptcha setting

Add new setting to sessions controller

Add conditions for showing captcha

Add sessions controller specs

Add admin settings specs for login protection

Add new settings to api

Add stub to devise spec

Add new translation key

Add cr remarks

Rename class call

Add cr remarks

Change if-clause for consistency

Add cr remarks

Add code review remarks

Refactor AnonymousSession class

Add changelog entry

Move AnonymousSession class to lib

Move store unauthenticated sessions to sessions controller

Move link to recaptcha info

Regenerate text file

Improve copy on the spam page

Change action filter for storing anonymous sessions

Fix rubocop offences

Add code review remarks
2019-07-31 11:47:55 +02:00
Toon Claes
38586061d8 Apply recaptcha API changes in 4.0
In recaptcha 4.0.0 there was an API change:

 - `public_key` -> `site_key`
 - `private_key` -> secret_key

See:
https://github.com/ambethia/recaptcha/blob/master/CHANGELOG.md
2019-03-08 15:04:04 +01:00
gfyoung
c858f70d07 Enable frozen string for lib/gitlab/*.rb 2018-10-22 07:00:50 +00:00
Mario de la Ossa
eaada9d706 use Gitlab::UserSettings directly as a singleton instead of including/extending it 2018-02-02 18:39:55 +00:00
Sean McGivern
5883ce95ef current_application_settings belongs on Gitlab::CurrentSettings
The initializers including this were doing so at the top level, so every object
loaded after them had a `current_application_settings` method. However, if
someone had rack-attack enabled (which was loaded before these initializers), it
would try to load the API, and fail, because `Gitlab::CurrentSettings` didn't
have that method.

To fix this:

1. Don't include `Gitlab::CurrentSettings` at the top level. We do not need
   `Object.new.current_application_settings` to work.
2. Make `Gitlab::CurrentSettings` explicitly `extend self`, as we already use it
   like that in several places.
3. Change the initializers to use that new form.
2017-08-31 13:38:33 +01:00
Jarka Kadlecova
3d2954e457 Use reCaptcha when an issue identified as spam 2017-02-07 12:56:20 +01:00
Gabriel Mazetto
a3469d914a reCAPTCHA is configurable through Admin Settings, no reload needed. 2015-12-28 18:50:29 -02:00