]> cat aescling's git repositories - mastodon.git/commit
cat aescling's git repositories / mastodon.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2ed1c92) | patch
Fix authentication failures after going halfway through a sign-in attempt (#16607)
authorClaire <claire.github-309c@sitedethib.com>
Wed, 25 Aug 2021 20:52:41 +0000 (22:52 +0200)
committerGitHub <noreply@github.com>
Wed, 25 Aug 2021 20:52:41 +0000 (22:52 +0200)
commit94bcf453219da73015cc977835717516b9dc0a67
treed1f8fab72b90fd7eb40b0b4a2dd07c5367d01b72tree | snapshot
parent2ed1c92c6331029ebd2762cc425a3a163dffd113commit | diff
Fix authentication failures after going halfway through a sign-in attempt (#16607)

* Add tests

* Add security-related tests

My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.

* Fix authentication failures after going halfway through a sign-in attempt

* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
app/controllers/auth/sessions_controller.rb diff | blob | history
app/controllers/concerns/sign_in_token_authentication_concern.rb diff | blob | history
app/controllers/concerns/two_factor_authentication_concern.rb diff | blob | history
spec/controllers/auth/sessions_controller_spec.rb diff | blob | history
source code fur Kibicat Mastodon