revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-03 12:12:43 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/auth
History
epriestley 633aa5288c Persist login instructions onto flow-specific login pages (username/password and LDAP) 
Summary:
Fixes T13433. Currently, "Login Screen Instructions" in "Auth" are shown only on the main login screen. If you enter a bad password or bad LDAP credential set and move to the flow-specific login failure screen (for example, "invalid password"), the instructions vanish.

Instead, persist them. There are reasonable cases where this is highly useful and the cases which spring to mind where this is possibly misleading are fairly easy to fix by making the instructions more specific.

Test Plan:
  - Configured login instructions in "Auth".
  - Viewed main login screen, saw instructions.
  - Entered a bad username/password and a bad LDAP credential set, got kicked to workflow sub-pages and still saw instructions (previously: no instructions).
  - Grepped for other callers to `buildProviderPageResponse()` to look for anything weird, came up empty.

Maniphest Tasks: T13433

Differential Revision: https://secure.phabricator.com/D20863
2019-10-24 18:38:15 -07:00
..
__tests__ Prevent users from selecting excessively bad passwords based on their username or email address 2018-11-06 12:44:07 -08:00
action Simplify implementation of "SysetemAction->getSystemActionConstant()" 2019-07-19 15:45:37 -07:00
adapter Move web application classes into "phabricator/" 2019-09-02 07:58:59 -07:00
application Give "Auth Messages" a view/detail state before users customize them 2019-07-19 15:38:45 -07:00
capability Auth - add "manage providers" capability 2015-01-12 14:37:58 -08:00
conduit Deactivate SSH keys instead of destroying them completely 2016-05-18 14:54:28 -07:00
constants Allow MFA providers to be deprecated or disabled 2019-01-28 09:29:27 -08:00
controller Persist login instructions onto flow-specific login pages (username/password and LDAP) 2019-10-24 18:38:15 -07:00
data Add session and request hooks to PhabricatorAuthSessionEngine 2016-11-17 13:09:29 -08:00
editor Actually enforce auth.lock-config 2019-07-15 11:52:55 -07:00
engine Modularize user activity log message types 2019-07-24 07:10:18 -07:00
engineextension Allow "Sign with MFA" to be applied as a comment action without requiring "CAN_EDIT" 2019-06-17 10:41:42 -07:00
exception Move web application classes into "phabricator/" 2019-09-02 07:58:59 -07:00
extension Replace all "setQueryParam()" calls with "remove/replaceQueryParam()" 2019-02-14 11:56:39 -08:00
factor Autofocus the "App Code" input on the TOTP prompt during MFA gates after login 2019-08-08 12:54:22 -07:00
future Replace "URI->setQueryParams()" after initialization with a constructor argument 2019-02-14 11:46:37 -08:00
garbagecollector Add a garbage collector for MFA challenges 2018-12-17 07:00:55 -08:00
guidance Some formatting changes for showing auth provider config guidance 2019-04-17 11:08:16 -07:00
mail Send forced mail on SSH key edits 2016-05-19 15:01:25 -07:00
management Add a workflow and a new config option for locking authentication providers 2019-04-10 16:14:48 -07:00
message Allow installs to provide "Request a Username Change" instructions 2019-09-24 11:09:26 -07:00
password Prevent users from selecting excessively bad passwords based on their username or email address 2018-11-06 12:44:07 -08:00
phid Set a URI on Auth Messages, so the "Change Details" dialog from the transaction record has a cancel button 2019-04-30 06:59:04 -07:00
provider Modularize user activity log message types 2019-07-24 07:10:18 -07:00
query Make external link/refresh use provider IDs, switch external account MFA to one-shot 2019-02-12 15:18:08 -08:00
revoker Add "bin/auth revoke --list" to explain what can be revoked 2018-01-23 14:01:39 -08:00
sshkey Send forced mail on SSH key edits 2016-05-19 15:01:25 -07:00
storage Allow Auth messages to have detailed descriptions and default values, then give "Email Login" both 2019-07-19 15:39:21 -07:00
tokentype Redesign Config Application 2016-08-29 15:49:49 -07:00
view When users confirm Duo MFA in the mobile app, live-update the UI 2019-02-15 14:38:15 -08:00
worker Send emails for email invites 2015-02-11 06:06:09 -08:00
xaction Fix an issue where Duo validation could incorrectly apply to other factor types 2019-02-03 06:36:49 -08:00