Mathieu Magnin
d1749c2baf
[ #10754 ] verify email when using login token
2024-09-06 14:56:44 +02:00
Colin Darie
77fb0553fc
chore: enable freeze string literals by comment
2024-08-22 09:26:48 +02:00
Colin Darie
3c7018fd31
fix: don't set preferred domain on signup/signin unless feature is enabled
2024-04-09 10:04:18 +02:00
Colin Darie
17f9992722
Merge pull request #10040 from colinux/cross-domain-component
...
Prépare la bannière informant du changement de nom de domaine, avec redirection automatique le cas échéant
2024-03-21 14:58:29 +00:00
Colin Darie
f768801b7d
feat(registration): set preferred host on signup/signin
2024-03-21 13:15:36 +01:00
simon lehericey
efa35e04a5
use Current.application_name in app excluding mail
2024-03-21 10:06:09 +01:00
simon lehericey
759d729bf3
use AC autoconf discovery end_session_endpoint
2024-03-19 21:17:44 +01:00
simon lehericey
dca3727253
proper agent connect logout mechanism
2024-03-18 14:02:53 +01:00
simon lehericey
597342fe9d
small session refactor
2024-03-18 14:02:53 +01:00
simon lehericey
063445b892
add logout route
2024-03-18 14:02:18 +01:00
Colin Darie
0a07c9cd72
fix: encode reset link email in param because it's rendered in view later
2024-02-27 18:59:52 +01:00
Martin
5f77c0cd06
feat(email.validation): expand email validation to Avis, ContactInformation, Invite, DossierTransfert
2024-02-15 16:41:00 +01:00
Lisa Durand
0286d2b6fb
add profiles in flash after sign-in if multiple profile
2023-12-19 10:33:26 +01:00
Martin
26045cdd5f
amelioration(instructeur#activate_account): passage de la page de d'activation d'un compte instructeur au dsfr
2023-08-30 13:40:51 +02:00
mfo
62e5b1426a
tech(review): des ameliorations sur le code merci a sim/colin
...
Co-authored-by: LeSim <mail@simon.lehericey.net>
Co-authored-by: Colin Darie <colin@darie.eu>
2023-08-30 13:40:51 +02:00
Martin
4974962abd
amelioration(instructeur.connexion): ETQ instructeur, je peux redemander un lien de connexion securisé
2023-08-30 13:40:51 +02:00
Lisa Durand
31969b290b
create a new layout without procedure for login and use same layout full_screen without description for identite step
2023-05-25 16:15:31 +02:00
Colin Darie
61ebb27e86
fix(redirect): allow other hosts when required
2023-05-03 11:35:31 +02:00
simon lehericey
c7f7855f14
avoid phishing
2021-12-15 13:51:49 +01:00
Pierre de La Morinerie
a03d8d0705
controllers: remove useless handle_verified_request
override
...
This is a leftover of 09933454ff
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
09933454ff
app: improve InvalidAuthenticityToken logging
...
- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests
2021-07-06 12:42:01 +02:00
Pierre de La Morinerie
51d6faabee
controllers: log invalid tokens in Users::SessionsController
...
This is an attempt to understand why we have so many of these
errors in production.
2021-04-22 19:23:47 +02:00
simon lehericey
7b9b90a3e0
[ fix #4238 ] When the token does not exist, redirect to home page without sending a new link
2019-08-27 15:01:46 +02:00
simon lehericey
80cb8b87fe
Keep only the FC logic and use devise for the rest
2019-08-16 16:48:22 +02:00
simon lehericey
9c715b2969
SessionController: new User in view
2019-08-16 16:48:22 +02:00
simon lehericey
27085af9b5
SessionController: remove remember_me
...
It is somehow taken care by warden
2019-08-16 16:48:22 +02:00
simon lehericey
002510d5cb
SessionController: remove complicated try_to_authenticate
2019-08-16 16:48:22 +02:00
simon lehericey
67cc2c1a87
SessionController: remove instructeur_signed_in?
2019-08-16 16:48:22 +02:00
simon lehericey
a3b9bf90d4
SessionController: remove useless code
...
- the redirection of a locked user is made by the sign_in method
- because of the paranoid mode it displays the devise.failure.invalid error message
2019-08-16 16:48:22 +02:00
simon lehericey
1b14d85c77
Rerender if wrong credentials
2019-08-16 16:48:22 +02:00
simon lehericey
dab1519b8c
Remove credenticals synchronisation logic
2019-08-16 11:35:19 +02:00
simon lehericey
972b6793f7
Remove useless sessions_controller
2019-08-14 18:04:26 +02:00
simon lehericey
149b0b5797
Fix Sign out
2019-08-14 16:58:50 +02:00
simon lehericey
840be2408e
Remove administrateur devise methods
2019-08-14 15:06:15 +02:00
simon lehericey
47b7dc368b
Remove or fix now nonsense code
2019-08-13 15:15:16 +02:00
simon lehericey
3fde2a6f70
Rename gestionnaire in code to instructeur
2019-08-12 13:47:01 +02:00
pedong
9438f962c5
add alert for account is locked
2019-07-29 17:48:44 +02:00
pedong
0ed9c4cbd4
add check access_locked? when login
2019-07-29 17:48:44 +02:00
simon lehericey
7de3a18fd1
valid period depend on trusted_device_token.created_at
2019-02-18 17:20:49 +01:00
simon lehericey
23db8a160c
move token validity to trusted_device_token
2019-02-18 17:20:49 +01:00
simon lehericey
bee9a108c5
split login and trusted_device logic
2019-02-18 17:20:00 +01:00
Pierre de La Morinerie
4fd9fa6610
sign_in: extract the procedure context to a ProcedureContextConcern
2019-01-17 11:07:09 +01:00
Pierre de La Morinerie
62ee710382
sign_in: remove hack for displaying the procedure context
...
Before there was no way to display the informations about a procedure
without having a dossier. Thus an empty dossier was created.
Now we can display the informations of a procedure using a @procedure
instance variable, so we can move this hack away.
2019-01-16 14:25:12 +01:00
Pierre de La Morinerie
d36696442b
layouts: migrate sign_in to the shared layout
2019-01-16 14:25:12 +01:00
simon lehericey
29fff9ee68
[ fix #3269 ] bufferize login token email
2019-01-10 12:06:35 +01:00
simon lehericey
b38fbc78ef
SessionControllerSpec: remove specific attribut test
...
change user.update(log_in_with_france_connect: nil) as log_in_france_connect is an enum
2019-01-09 13:49:47 +01:00
Pierre de La Morinerie
5a36546485
layouts: rename "application" to "application_old"
2019-01-07 12:17:05 +01:00
Frederic Merizen
4699e515ed
[ Fix #2999 ] Send gestionnaire back to what they were doing after email verification
2018-12-06 10:03:21 +01:00
Frederic Merizen
101e8e2588
[ #2999 ] Rediriger vers la bonne page apres login
...
(ne corrige pas le cas ou l'utilisateur est passe par le mail de confirmation)
2018-11-16 15:44:20 +01:00
simon lehericey
fb76197404
SessionController: flipflop trusted device
2018-11-13 10:41:45 +01:00