]> cat aescling's git repositories - mastodon.git/commit
cat aescling's git repositories / mastodon.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e192e3c) | patch
Fix authentication failures after going halfway through a sign-in attempt (#16607)
authorClaire <claire.github-309c@sitedethib.com>
Wed, 25 Aug 2021 20:52:41 +0000 (22:52 +0200)
committersingle-right-quote <34298117+single-right-quote@users.noreply.github.com>
Wed, 1 Sep 2021 00:27:19 +0000 (00:27 +0000)
commit3bdc6a0b600bc6924e2df313400d8e0896386e8a
tree7ff3f4c4fe77f42dfb68225dc92d15377a356be0tree | snapshot
parente192e3cbff946346215cebd68342e41029b8afcfcommit | diff
Fix authentication failures after going halfway through a sign-in attempt (#16607)

* Add tests

* Add security-related tests

My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.

* Fix authentication failures after going halfway through a sign-in attempt

* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
app/controllers/auth/sessions_controller.rb diff | blob | history
app/controllers/concerns/sign_in_token_authentication_concern.rb diff | blob | history
app/controllers/concerns/two_factor_authentication_concern.rb diff | blob | history
spec/controllers/auth/sessions_controller_spec.rb diff | blob | history
source code fur Kibicat Mastodon