f4f8a293e7
implemented review items. Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds. I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail. Translatable texts. Move second factor logic to a helper class. Move second factor specific controller endpoints to its own controller. Move serialization logic for 2-factor details in admin user views. Add a login ember component for de-duplication Fix up code formatting Change verbiage of google authenticator add controller tests: second factor controller tests change email tests change password tests admin login tests add qunit tests - password reset, preferences fix: check for 2factor on change email controller fix: email controller - only show second factor errors on attempt fix: check against 'true' to enable second factor. Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP add two factor to email signin link rate limit if second factor token present add rate limiter test for second factor attempts |
||
|---|---|---|
| .. | ||
| about | ||
| admin/backups | ||
| application | ||
| badges | ||
| categories | ||
| common | ||
| default | ||
| embed | ||
| exceptions | ||
| finish_installation | ||
| invites | ||
| layouts | ||
| list | ||
| metadata | ||
| offline | ||
| pending_flags_mailer | ||
| posts | ||
| robots_txt | ||
| safe_mode | ||
| search | ||
| session | ||
| static | ||
| tags | ||
| topics | ||
| user_api_keys | ||
| user_notifications | ||
| users | ||
| users_email | ||
| wizard | ||