mastodon/app/controllers/auth
Claire 6f36b633a7
Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:16:07 +01:00
..
challenges_controller.rb Add password challenge to 2FA settings, e-mail notifications (#11878) 2019-09-18 16:37:27 +02:00
confirmations_controller.rb Fix confirmation redirect to app without `Location` header (#18523) 2022-05-26 22:03:54 +02:00
omniauth_callbacks_controller.rb Merge pull request from GHSA-vm39-j3vx-pch3 2024-02-14 15:16:07 +01:00
passwords_controller.rb Revoke all authorized applications on password reset (#21325) 2022-12-15 15:47:06 +01:00
registrations_controller.rb Fix invalid/expired invites being processed on sign-up (#24337) 2023-04-04 12:41:27 +02:00
sessions_controller.rb Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-24 15:31:06 +01:00
setup_controller.rb Change unconfirmed user login behaviour (#11375) 2019-07-22 10:48:50 +02:00