Commit graph

204 commits

Author SHA1 Message Date
Tom Hughes
7c25a1e1bc Make the username cookie permanent 2011-11-16 10:05:39 +00:00
Tom Hughes
5bc3054d61 Store the username in a cookie and use it to validate the session 2011-11-14 09:42:59 +00:00
Tom Hughes
88bf67b092 Make /user/new handle already logged in users better 2011-11-14 09:42:58 +00:00
Tom Hughes
07b834785f Force openid callbacks to use GET to avoid CSRF validation issues 2011-11-14 09:42:57 +00:00
Tom Hughes
546db82281 Preserve field values if the signup form fails validation 2011-11-14 09:42:56 +00:00
Tom Hughes
071c3581e9 Disable CSRF token verification for API methods 2011-11-14 09:42:55 +00:00
Tom Hughes
97b1290f1a Use SecureRandom instead of the deprecated ActiveSupport::SecureRandom 2011-11-14 09:42:52 +00:00
Tom Hughes
3227f40193 Make more use of named scopes 2011-11-14 09:42:51 +00:00
Tom Hughes
226c41be69 Update ActiveRecord queries to use arel 2011-11-14 09:42:44 +00:00
Tom Hughes
423f5ffbc2 Use config.filter_parameters instead of filter_parameter_logging 2011-11-14 09:42:43 +00:00
Tom Hughes
7d45c2fd3c Replace request.request_uri with request.fullpath 2011-11-14 09:42:42 +00:00
Tom Hughes
2e2c95133b Use new ActionMail API to send emails 2011-11-14 09:42:41 +00:00
Tom Hughes
dc4cc8d219 Add support for manual tracking of a Piwik goal on signup 2011-09-20 21:40:53 +01:00
Tom Hughes
59a49a6ef5 Fix problems with database offline mode 2011-06-23 08:30:44 +01:00
Tom Hughes
da572b90c7 Don't error if we fail to get SReg and/or AX data from OpenID 2011-06-15 00:07:32 +01:00
Tom Hughes
c940313823 Fix some broken tests 2011-06-14 22:57:10 +01:00
Tom Hughes
83ecb516a4 Make password signups work 2011-06-10 21:48:17 +01:00
Tom Hughes
ce7b651eb2 Merge branch 'master' into openid 2011-06-10 19:11:08 +01:00
Tom Hughes
c4f7a8346a Use session.delete to remove entries instead of assigning nil 2011-06-01 10:17:54 +01:00
Tom Hughes
2a635ab28f Start ROTS for user login tests as well as creation tests 2011-05-21 13:35:15 +01:00
Tom Hughes
832b96b75a Merge branch 'master' into openid
Conflicts:
	app/controllers/user_controller.rb
	app/views/user/terms.html.erb
	test/fixtures/users.yml
2011-05-21 12:14:56 +01:00
Tom Hughes
02e186ee5b Allow user details to be fetched without agreeing terms 2011-04-20 21:17:59 +01:00
Tom Hughes
37b6418f72 Revert "Allow user details to be fetched without agreeing terms"
This reverts commit ddd12b03e1.
2011-04-18 23:04:42 +01:00
Tom Hughes
ddd12b03e1 Allow user details to be fetched without agreeing terms 2011-04-18 22:23:48 +01:00
Tom Hughes
6f7eb8f0e8 Don't require terms to be agreed when logging out 2011-04-18 09:04:57 +01:00
Matt Amos
c21aa5933a Added flash notice for CTs decline
Also ensured that CTs are either accepted or declined and cannot
be inadvertently bypassed.
2011-04-18 00:29:15 +01:00
Tom Hughes
b77c6fe8ae Improve recognition of OAuth referers for triggering of slim mode 2011-04-06 13:24:08 +01:00
Tom Hughes
4b20afd51e Preserve the referer at the end of account creation 2011-04-03 13:46:18 +01:00
Tom Hughes
097fb390b8 Only show login/signup in slim mode when used from oauth 2011-04-03 13:46:18 +01:00
Andy Allan
7b57119146 Another approach, but this time without scattering stuff all over the methods 2011-04-03 13:46:17 +01:00
Andy Allan
0531a7dfa1 Ah, that doesn't work due to 'bugs' in the way layouts work - only the last command has any effect 2011-04-03 13:46:17 +01:00
Andy Allan
5531c0bf34 Use the slim layout on the login page 2011-04-03 13:46:16 +01:00
Tom Hughes
0169453855 Make sure the user is redirected correctly after seeing the terms 2011-04-03 13:46:16 +01:00
Tom Hughes
392aa71015 Tidy up a few things 2011-04-03 13:46:16 +01:00
Matt Amos
8b12abd5bb Phase 2 CTs implementation and tests, with config parameter 2011-04-03 13:46:16 +01:00
Tom Hughes
0ea9f92be5 Merge branch 'master' into openid
Conflicts:
	app/controllers/user_controller.rb
2010-12-05 15:15:55 +00:00
Tom Hughes
9c2de4039c Add an explicit "default editor" option to the user settings 2010-11-29 12:20:23 +00:00
Matt Amos
cd66a5db99 Initial work on support for multiple editors 2010-11-29 12:20:21 +00:00
Tom Hughes
7f3d37867b Protect against interception of confirmation emails
When processing an account confirmation email don't automatically
log the user in unless their browser session has a token that
matches the same user. Closes #3337.
2010-11-15 21:41:32 +00:00
Tom Hughes
e09b187cae Merge branch 'master' into openid
Conflicts:
	app/controllers/user_controller.rb
2010-10-17 10:59:29 +01:00
Tom Hughes
2f0ed54206 Handle attempts to agree terms by users with validation errors better 2010-10-12 20:34:49 +01:00
Tom Hughes
c016bf6c15 Merge branch 'master' into openid
Conflicts:
	app/controllers/user_controller.rb
2010-10-05 00:23:04 +01:00
Tom Hughes
bddf524c88 Allow users to send themselves a new confirmation email
Add a method which generates a new confirmation email, and provide
links to it from appropriate places.
2010-10-04 21:52:58 +01:00
Tom Hughes
52e523cb0b Invite users to fill in their profile after confirming an account 2010-10-04 19:45:26 +01:00
Tom Hughes
483936772d Improve the flash message shown after a user signs up
Make the message a bit more friendly and include the email address
the confirmation was sent to.
2010-10-04 19:11:01 +01:00
Tom Hughes
0874c807e3 Use javascript to automatically submit confirmation forms
In order to avoid forcing the user to press a confirm button, whilst
still not running into the problems we used to have with virus scanners
activating accounts, we use javascript to hide and then automatically
submit the confirmation form.
2010-10-04 19:11:01 +01:00
Kai Krueger
96b2a9bf16 Add support for fetching attributes via AX as well as SReg 2010-10-03 14:25:45 +01:00
Tom Hughes
bebb9203df Fix errors when an existing user tries to agree to the new terms 2010-10-01 21:07:34 +01:00
Tom Hughes
f70feedc65 Merge branch 'master' into openid 2010-09-24 09:35:36 +01:00
Tom Hughes
ef038fa5fe Only display the license notice if we don't already have a notice 2010-09-10 11:23:01 +01:00