Commit graph

79 commits

Author SHA1 Message Date
Lisa Durand
31969b290b create a new layout without procedure for login and use same layout full_screen without description for identite step 2023-05-25 16:15:31 +02:00
Colin Darie
61ebb27e86
fix(redirect): allow other hosts when required 2023-05-03 11:35:31 +02:00
simon lehericey
c7f7855f14 avoid phishing 2021-12-15 13:51:49 +01:00
Pierre de La Morinerie
a03d8d0705 controllers: remove useless handle_verified_request override
This is a leftover of 09933454ff
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
09933454ff app: improve InvalidAuthenticityToken logging
- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests
2021-07-06 12:42:01 +02:00
Pierre de La Morinerie
51d6faabee controllers: log invalid tokens in Users::SessionsController
This is an attempt to understand why we have so many of these
errors in production.
2021-04-22 19:23:47 +02:00
simon lehericey
7b9b90a3e0 [fix #4238] When the token does not exist, redirect to home page without sending a new link 2019-08-27 15:01:46 +02:00
simon lehericey
80cb8b87fe Keep only the FC logic and use devise for the rest 2019-08-16 16:48:22 +02:00
simon lehericey
9c715b2969 SessionController: new User in view 2019-08-16 16:48:22 +02:00
simon lehericey
27085af9b5 SessionController: remove remember_me
It is somehow taken care by warden
2019-08-16 16:48:22 +02:00
simon lehericey
002510d5cb SessionController: remove complicated try_to_authenticate 2019-08-16 16:48:22 +02:00
simon lehericey
67cc2c1a87 SessionController: remove instructeur_signed_in? 2019-08-16 16:48:22 +02:00
simon lehericey
a3b9bf90d4 SessionController: remove useless code
- the redirection of a locked user is made by the sign_in method
- because of the paranoid mode it displays the devise.failure.invalid error message
2019-08-16 16:48:22 +02:00
simon lehericey
1b14d85c77 Rerender if wrong credentials 2019-08-16 16:48:22 +02:00
simon lehericey
dab1519b8c Remove credenticals synchronisation logic 2019-08-16 11:35:19 +02:00
simon lehericey
972b6793f7 Remove useless sessions_controller 2019-08-14 18:04:26 +02:00
simon lehericey
149b0b5797 Fix Sign out 2019-08-14 16:58:50 +02:00
simon lehericey
840be2408e Remove administrateur devise methods 2019-08-14 15:06:15 +02:00
simon lehericey
47b7dc368b Remove or fix now nonsense code 2019-08-13 15:15:16 +02:00
simon lehericey
3fde2a6f70 Rename gestionnaire in code to instructeur 2019-08-12 13:47:01 +02:00
pedong
9438f962c5 add alert for account is locked 2019-07-29 17:48:44 +02:00
pedong
0ed9c4cbd4 add check access_locked? when login 2019-07-29 17:48:44 +02:00
simon lehericey
7de3a18fd1 valid period depend on trusted_device_token.created_at 2019-02-18 17:20:49 +01:00
simon lehericey
23db8a160c move token validity to trusted_device_token 2019-02-18 17:20:49 +01:00
simon lehericey
bee9a108c5 split login and trusted_device logic 2019-02-18 17:20:00 +01:00
Pierre de La Morinerie
4fd9fa6610 sign_in: extract the procedure context to a ProcedureContextConcern 2019-01-17 11:07:09 +01:00
Pierre de La Morinerie
62ee710382 sign_in: remove hack for displaying the procedure context
Before there was no way to display the informations about a procedure
without having a dossier. Thus an empty dossier was created.

Now we can display the informations of a procedure using a @procedure
instance variable, so we can move this hack away.
2019-01-16 14:25:12 +01:00
Pierre de La Morinerie
d36696442b layouts: migrate sign_in to the shared layout 2019-01-16 14:25:12 +01:00
simon lehericey
29fff9ee68 [fix #3269] bufferize login token email 2019-01-10 12:06:35 +01:00
simon lehericey
b38fbc78ef SessionControllerSpec: remove specific attribut test
change user.update(log_in_with_france_connect: nil) as log_in_france_connect is an enum
2019-01-09 13:49:47 +01:00
Pierre de La Morinerie
5a36546485 layouts: rename "application" to "application_old" 2019-01-07 12:17:05 +01:00
Frederic Merizen
4699e515ed [Fix #2999] Send gestionnaire back to what they were doing after email verification 2018-12-06 10:03:21 +01:00
Frederic Merizen
101e8e2588 [#2999] Rediriger vers la bonne page apres login
(ne corrige pas le cas ou l'utilisateur est passe par le mail de confirmation)
2018-11-16 15:44:20 +01:00
simon lehericey
fb76197404 SessionController: flipflop trusted device 2018-11-13 10:41:45 +01:00
simon lehericey
457bc13c75 SessionController: do not display 'Connecté' when a login_link is required 2018-11-13 10:41:45 +01:00
simon lehericey
87967568b7 SessionController: if a admin is login in, redirect to admin page 2018-11-13 10:41:45 +01:00
simon lehericey
0d8d2de5a6 Session: add trusted_device cookie 2018-11-13 10:41:45 +01:00
simon lehericey
5690599289 Session: send a mail to confirm gestionnaire login 2018-11-13 10:41:45 +01:00
gregoirenovel
b994fa4206 Do one thing per line 2018-10-01 16:15:46 +02:00
gregoirenovel
16a719922b Use enum to the fullest with User.loged_in_with_france_connects 2018-08-29 17:31:08 +02:00
gregoirenovel
7489b8d1aa Avoid assignments in conditions 2018-03-06 17:18:44 +01:00
gregoirenovel
e26f4148ff Bump development gems
- brakeman
- rubocop
- scss_lint
2018-03-06 16:17:22 +01:00
gregoirenovel
fe7f8da636 Revert "Bump development gems"
This reverts commit d6ad3fc3fd.
2018-03-06 15:11:26 +01:00
gregoirenovel
d6ad3fc3fd Bump development gems
- brakeman
- rubocop
- scss_lint
2018-03-06 10:36:35 +01:00
simon lehericey
0308345008 Gestionnaire: move procedures_path to gestionnaire_procedures_path 2018-02-22 17:02:20 +01:00
gregoirenovel
345b892956 Enable the Layout/LeadingCommentSpace cop 2018-01-15 22:33:13 +01:00
simon lehericey
f8519c5345 FC initializers: remove Hashie 2018-01-15 17:08:38 +01:00
Simon Lehericey
0d46f92795 FC: move FC constants under particulier namespace 2018-01-15 16:59:50 +01:00
Simon Lehericey
8c487c65a9 FC: remove unused code 2018-01-15 11:27:56 +01:00
gregoirenovel
7c34807f46 Don’t use unless 2018-01-12 11:32:43 +01:00