Commit graph

89 commits

Author SHA1 Message Date
simon lehericey
759d729bf3 use AC autoconf discovery end_session_endpoint 2024-03-19 21:17:44 +01:00
simon lehericey
dca3727253 proper agent connect logout mechanism 2024-03-18 14:02:53 +01:00
simon lehericey
597342fe9d small session refactor 2024-03-18 14:02:53 +01:00
simon lehericey
063445b892 add logout route 2024-03-18 14:02:18 +01:00
Colin Darie
0a07c9cd72
fix: encode reset link email in param because it's rendered in view later 2024-02-27 18:59:52 +01:00
Martin
5f77c0cd06 feat(email.validation): expand email validation to Avis, ContactInformation, Invite, DossierTransfert 2024-02-15 16:41:00 +01:00
Lisa Durand
0286d2b6fb add profiles in flash after sign-in if multiple profile 2023-12-19 10:33:26 +01:00
Martin
26045cdd5f amelioration(instructeur#activate_account): passage de la page de d'activation d'un compte instructeur au dsfr 2023-08-30 13:40:51 +02:00
mfo
62e5b1426a tech(review): des ameliorations sur le code merci a sim/colin
Co-authored-by: LeSim <mail@simon.lehericey.net>
Co-authored-by: Colin Darie <colin@darie.eu>
2023-08-30 13:40:51 +02:00
Martin
4974962abd amelioration(instructeur.connexion): ETQ instructeur, je peux redemander un lien de connexion securisé 2023-08-30 13:40:51 +02:00
Lisa Durand
31969b290b create a new layout without procedure for login and use same layout full_screen without description for identite step 2023-05-25 16:15:31 +02:00
Colin Darie
61ebb27e86
fix(redirect): allow other hosts when required 2023-05-03 11:35:31 +02:00
simon lehericey
c7f7855f14 avoid phishing 2021-12-15 13:51:49 +01:00
Pierre de La Morinerie
a03d8d0705 controllers: remove useless handle_verified_request override
This is a leftover of 09933454ff
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
09933454ff app: improve InvalidAuthenticityToken logging
- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests
2021-07-06 12:42:01 +02:00
Pierre de La Morinerie
51d6faabee controllers: log invalid tokens in Users::SessionsController
This is an attempt to understand why we have so many of these
errors in production.
2021-04-22 19:23:47 +02:00
simon lehericey
7b9b90a3e0 [fix #4238] When the token does not exist, redirect to home page without sending a new link 2019-08-27 15:01:46 +02:00
simon lehericey
80cb8b87fe Keep only the FC logic and use devise for the rest 2019-08-16 16:48:22 +02:00
simon lehericey
9c715b2969 SessionController: new User in view 2019-08-16 16:48:22 +02:00
simon lehericey
27085af9b5 SessionController: remove remember_me
It is somehow taken care by warden
2019-08-16 16:48:22 +02:00
simon lehericey
002510d5cb SessionController: remove complicated try_to_authenticate 2019-08-16 16:48:22 +02:00
simon lehericey
67cc2c1a87 SessionController: remove instructeur_signed_in? 2019-08-16 16:48:22 +02:00
simon lehericey
a3b9bf90d4 SessionController: remove useless code
- the redirection of a locked user is made by the sign_in method
- because of the paranoid mode it displays the devise.failure.invalid error message
2019-08-16 16:48:22 +02:00
simon lehericey
1b14d85c77 Rerender if wrong credentials 2019-08-16 16:48:22 +02:00
simon lehericey
dab1519b8c Remove credenticals synchronisation logic 2019-08-16 11:35:19 +02:00
simon lehericey
972b6793f7 Remove useless sessions_controller 2019-08-14 18:04:26 +02:00
simon lehericey
149b0b5797 Fix Sign out 2019-08-14 16:58:50 +02:00
simon lehericey
840be2408e Remove administrateur devise methods 2019-08-14 15:06:15 +02:00
simon lehericey
47b7dc368b Remove or fix now nonsense code 2019-08-13 15:15:16 +02:00
simon lehericey
3fde2a6f70 Rename gestionnaire in code to instructeur 2019-08-12 13:47:01 +02:00
pedong
9438f962c5 add alert for account is locked 2019-07-29 17:48:44 +02:00
pedong
0ed9c4cbd4 add check access_locked? when login 2019-07-29 17:48:44 +02:00
simon lehericey
7de3a18fd1 valid period depend on trusted_device_token.created_at 2019-02-18 17:20:49 +01:00
simon lehericey
23db8a160c move token validity to trusted_device_token 2019-02-18 17:20:49 +01:00
simon lehericey
bee9a108c5 split login and trusted_device logic 2019-02-18 17:20:00 +01:00
Pierre de La Morinerie
4fd9fa6610 sign_in: extract the procedure context to a ProcedureContextConcern 2019-01-17 11:07:09 +01:00
Pierre de La Morinerie
62ee710382 sign_in: remove hack for displaying the procedure context
Before there was no way to display the informations about a procedure
without having a dossier. Thus an empty dossier was created.

Now we can display the informations of a procedure using a @procedure
instance variable, so we can move this hack away.
2019-01-16 14:25:12 +01:00
Pierre de La Morinerie
d36696442b layouts: migrate sign_in to the shared layout 2019-01-16 14:25:12 +01:00
simon lehericey
29fff9ee68 [fix #3269] bufferize login token email 2019-01-10 12:06:35 +01:00
simon lehericey
b38fbc78ef SessionControllerSpec: remove specific attribut test
change user.update(log_in_with_france_connect: nil) as log_in_france_connect is an enum
2019-01-09 13:49:47 +01:00
Pierre de La Morinerie
5a36546485 layouts: rename "application" to "application_old" 2019-01-07 12:17:05 +01:00
Frederic Merizen
4699e515ed [Fix #2999] Send gestionnaire back to what they were doing after email verification 2018-12-06 10:03:21 +01:00
Frederic Merizen
101e8e2588 [#2999] Rediriger vers la bonne page apres login
(ne corrige pas le cas ou l'utilisateur est passe par le mail de confirmation)
2018-11-16 15:44:20 +01:00
simon lehericey
fb76197404 SessionController: flipflop trusted device 2018-11-13 10:41:45 +01:00
simon lehericey
457bc13c75 SessionController: do not display 'Connecté' when a login_link is required 2018-11-13 10:41:45 +01:00
simon lehericey
87967568b7 SessionController: if a admin is login in, redirect to admin page 2018-11-13 10:41:45 +01:00
simon lehericey
0d8d2de5a6 Session: add trusted_device cookie 2018-11-13 10:41:45 +01:00
simon lehericey
5690599289 Session: send a mail to confirm gestionnaire login 2018-11-13 10:41:45 +01:00
gregoirenovel
b994fa4206 Do one thing per line 2018-10-01 16:15:46 +02:00
gregoirenovel
16a719922b Use enum to the fullest with User.loged_in_with_france_connects 2018-08-29 17:31:08 +02:00