phorge-phorge

mirror of https://we.phorge.it/source/phorge.git synced 2024-12-23 14:00:56 +01:00

No description

Find a file

epriestley 6f3bd13cf5 Begin adding more guidance to the "One-Time Login" flow Summary: Ref T13244. See PHI774. If an install does not use password auth, the "one-time login" flow (via "Welcome" email or "bin/auth recover") is pretty rough. Current behavior: - If an install uses passwords, the user is prompted to set a password. - If an install does not use passwords, you're dumped to `/settings/external/` to link an external account. This is pretty sketchy and this UI does not make it clear what users are expected to do (link an account) or why (so they can log in). Instead, improve this flow: - Password reset flow is fine. - (Future Change) If there are external linkable accounts (like Google) and the user doesn't have any linked, I want to give users a flow like a password reset flow that says "link to an external account". - (This Change) If you're an administrator and there are no providers at all, go to "/auth/" so you can set something up. - (This Change) If we don't hit on any other rules, just go home? This may be tweaked a bit as we go, but basically I want to refine the "/settings/external/" case into a more useful flow which gives users more of a chance of surviving it. Test Plan: Logged in with passwords enabled (got password reset), with nothing enabled as an admin (got sent to Auth), and with something other than passwords enabled (got sent home). Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13244 Differential Revision: https://secure.phabricator.com/D20094		2019-02-05 14:17:25 -08:00
bin	Remove dead symlink	2019-01-10 16:27:45 -08:00
conf	Remove an old digest in Celerity code and some obsolete configuration options	2019-01-04 13:43:38 -08:00
externals	Update the "SES" and "sendmail" mailers for the new API; remove "encoding"	2019-01-16 13:18:55 -08:00
resources	Correct a bug where milestone "spacePHID" columns could become desynchronized	2019-01-30 19:41:49 -08:00
scripts	Remove "iconv" PHP extension dependency	2019-01-30 19:46:58 -08:00
src	Begin adding more guidance to the "One-Time Login" flow	2019-02-05 14:17:25 -08:00
support	Use phutil_microseconds_since(...) to simplify some timing arithmetic	2018-11-08 16:46:32 -08:00
webroot	Add CSRF to SMS challenges, and pave the way for more MFA types (including Duo)	2019-01-24 15:10:57 -08:00
.arcconfig	Set "history.immutable" to "false" explicitly in .arcconfig	2016-08-03 08:12:49 -07:00
.arclint	Begin adding test coverage to GitHub Events API parsers	2016-03-09 09:30:07 -08:00
.arcunit	Use the configuration driven unit test engine	2015-08-11 07:57:11 +10:00
.editorconfig	Fix text lint issues	2015-02-12 07:00:13 +11:00
.gitignore	Make i18n string extraction faster and more flexible	2016-07-04 10:23:30 -07:00
LICENSE	Fix text lint issues	2015-02-12 07:00:13 +11:00
NOTICE	Update Phabricator NOTICE file to reflect modern legal circumstances	2014-06-25 13:42:13 -07:00
README.md	Remove push to IRC from "readme.md" too	2015-10-24 18:39:16 -07:00

README.md

Phabricator is a collection of web applications which help software companies build better software.

Phabricator includes applications for:

reviewing and auditing source code;
hosting and browsing repositories;
tracking bugs;
managing projects;
conversing with team members;
assembling a party to venture forth;
writing stuff down and reading it later;
hiding stuff from coworkers; and
also some other things.

You can learn more about the project (and find links to documentation and resources) at Phabricator.org

Phabricator is developed and maintained by Phacility.

SUPPORT RESOURCES

For resources on filing bugs, requesting features, reporting security issues, and getting other kinds of support, see Support Resources.

NO PULL REQUESTS!

We do not accept pull requests through GitHub. If you would like to contribute code, please read our Contributor's Guide.

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.