Tiago Botelho
37383d9a9d
Rollsback changes made to signing_enabled.
2017-09-01 10:51:40 +01:00
Robin Bobbitt
672a68d372
Fixes needed when GitLab sign-in is not enabled
...
When sign-in is disabled:
- skip password expiration checks
- prevent password reset requests
- don’t show Password tab in User Settings
- don’t allow login with username/password for Git over HTTP requests
- render 404 on requests to Profiles::PasswordsController
2017-07-13 10:08:27 -04:00
Robert Speicher
599a6d7873
Allow the initial admin to set a password
...
Closes #1980
2016-03-04 17:37:57 -05:00
Drew Blessing
f4ec906e90
Use devise paranoid mode and ensure the same message is returned every time
...
Skipped CI because it has already passed. Had to rebase due to CHANGELOG.
2015-12-09 18:40:37 -06:00
Robert Speicher
b8ff38b1d4
Refactor PasswordsController to use before_actions
2015-10-01 21:47:27 -04:00
Robert Speicher
292bca0546
Only allow password reset emails once per minute
...
Addresses internal https://dev.gitlab.org/gitlab/gitlabhq/issues/2611
2015-09-30 15:38:21 -04:00
Robert Speicher
3a4274e19e
Take advantage of Devise.sign_in_after_reset_password
2015-09-30 14:35:00 -04:00
Robert Speicher
b6318297fc
Use User#two_factor_enabled instead of otp_required_for_login
2015-06-19 15:14:37 -04:00
Vinnie Okada
af428b1259
Fill in email on the new password form
2015-05-16 14:03:18 -06:00
Vinnie Okada
c68c23210b
Redirect if password reset token is expired
...
Don't display the password editing form if the user's token is expired;
redirect to the form that allows users to request a new password reset
token.
2015-05-16 14:03:18 -06:00
Robert Speicher
24bef5e67a
Handle password reset for users with 2FA enabled
2015-05-11 14:31:31 -04:00
Dmitriy Zaporozhets
3dfcb95f0d
Use ruby 1.9 hash syntax
2015-01-23 17:41:10 -08:00
Marin Jankovski
a740e2d6d1
Do not allow password reset for ldap user.
2014-03-18 12:25:49 +01:00
Dmitriy Zaporozhets
3e09e6f7b8
Move Profile related controllers under Profiles:: module
2013-06-24 18:24:14 +03:00
Dmitriy Zaporozhets
00882b3c33
Prevent infinit password change by settin password_expires_at to nil
2013-06-13 20:21:51 +03:00
Dmitriy Zaporozhets
46231f0f1d
Fix password set form and infinite loop
2013-06-13 20:16:48 +03:00
Dmitriy Zaporozhets
5b40780290
Password expire: implement password resource inside profile. add before_fiter check
2013-06-13 19:53:04 +03:00