revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-19 03:01:11 +01:00
Code Issues Releases Wiki Activity
No description
8020 commits 3 branches 7 tags 153 MiB
PHP 93.5%
JavaScript 4.1%
CSS 2.4%
Find a file
epriestley 30f6405a86 Add an explicit temporary token management page to Settings 
Summary:
Ref T5506. This makes it easier to understand and manage temporary tokens.

Eventually this could be more user-friendly, since it's relatively difficult to understand what this screen means. My short-term goal is just to make the next change easier to implement and test.

The next diff will close a small security weakness: if you change your email address, password reset links which were sent to the old address are still valid. Although an attacker would need substantial access to exploit this (essentially, it would just make it easier for them to re-compromise an already compromised account), it's a bit surprising. In the next diff, email address changes will invalidate outstanding password reset links.

Test Plan:
  - Viewed outstanding tokens.
  - Added tokens to the list by making "Forgot your password?" requests.
  - Revoked tokens individually.
  - Revoked all tokens.
  - Tried to use a revoked token.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5506

Differential Revision: https://secure.phabricator.com/D10133
2014-08-04 12:04:13 -07:00
bin Add a bin/hunks script to manage migrations of hunk data 2014-06-03 18:01:23 -07:00
conf Remove @group annotations 2014-07-10 08:12:48 +10:00
externals Update Stripe PHP API 2014-07-13 09:19:07 -07:00
resources Give files uploaded to objects a very restrictive view policy 2014-08-02 14:46:13 -07:00
scripts Allow worker tasks to have priorities 2014-07-12 03:02:06 +10:00
src Add an explicit temporary token management page to Settings 2014-08-04 12:04:13 -07:00
support Return a HTTP 500 instead of a HTTP 400 if an internal error occurs in the Aphlict server 2014-07-18 09:20:00 +10:00
webroot Give files uploaded to objects a very restrictive view policy 2014-08-02 14:46:13 -07:00
.arcconfig Update .arclint in Phabricator for phutil-library lint 2014-05-12 06:01:30 -07:00
.arclint Rename Conduit classes 2014-07-25 10:54:15 +10:00
.editorconfig Specify config for text editors 2012-11-03 22:34:44 -07:00
.gitignore Update .gitignore. 2014-06-14 11:44:19 -07:00
LICENSE Delete license headers from files 2012-11-05 11:16:51 -08:00
NOTICE Update Phabricator NOTICE file to reflect modern legal circumstances 2014-06-25 13:42:13 -07:00
README Reformat README as Remarkup 2014-07-16 22:10:36 +10:00

README 

Phabricator is an open source collection of web applications which help
software companies build better software.

Phabricator includes applications for:

  - reviewing and auditing source code;
  - hosting and browsing repositories;
  - assembling a party to venture forth;
  - tracking bugs;
  - hiding stuff from coworkers; and
  - also some other things.

You can learn more about the project (and find links to documentation and
resources) [[http://phabricator.org/ | here]].

Phabricator is developed and maintained by [[http://phacility.com/ |
Phacility]]. The first version of Phabricator was originally built at Facebook.

= LICENSE =
Phabricator is released under the Apache 2.0 license except as otherwise noted.