hometown/app/controllers/auth
Francis Murillo 5fb1c3e934
Revoke all authorized applications on password reset (#21325)
* Clear sessions on password change

* Rename User::clear_sessions to revoke_access for a clearer meaning

* Add reset paassword controller test

* Use User.find instead of User.find_for_authentication for reset password test

* Use redirect and render for better test meaning in reset password

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 15:47:06 +01:00
..
challenges_controller.rb Add password challenge to 2FA settings, e-mail notifications (#11878) 2019-09-18 16:37:27 +02:00
confirmations_controller.rb Fix confirmation redirect to app without `Location` header (#18523) 2022-05-26 22:03:54 +02:00
omniauth_callbacks_controller.rb Fix crash when external auth provider has no display_name set (#19962) 2022-11-07 15:43:24 +01:00
passwords_controller.rb Revoke all authorized applications on password reset (#21325) 2022-12-15 15:47:06 +01:00
registrations_controller.rb Add 'private' to Cache-Control, match Rails expectations (#20608) 2022-11-16 04:56:30 +01:00
sessions_controller.rb Fix form-action CSP directive for external login (#20962) 2022-11-17 22:59:07 +01:00
setup_controller.rb Change unconfirmed user login behaviour (#11375) 2019-07-22 10:48:50 +02:00