f4f8a293e7
implemented review items. Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds. I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail. Translatable texts. Move second factor logic to a helper class. Move second factor specific controller endpoints to its own controller. Move serialization logic for 2-factor details in admin user views. Add a login ember component for de-duplication Fix up code formatting Change verbiage of google authenticator add controller tests: second factor controller tests change email tests change password tests admin login tests add qunit tests - password reset, preferences fix: check for 2factor on change email controller fix: email controller - only show second factor errors on attempt fix: check against 'true' to enable second factor. Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP add two factor to email signin link rate limit if second factor token present add rate limiter test for second factor attempts |
||
|---|---|---|
| .. | ||
| components | ||
| controllers | ||
| fabricators | ||
| fixtures | ||
| helpers | ||
| import_export | ||
| integration | ||
| integrity | ||
| jobs | ||
| mailers | ||
| models | ||
| multisite | ||
| requests | ||
| serializers | ||
| services | ||
| support | ||
| tasks | ||
| views/omniauth_callbacks | ||
| discourse_tagging_spec.rb | ||
| rails_helper.rb | ||