revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-05 20:31:03 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/auth
History
epriestley bb20c13651 Allow MFA factors to provide more guidance text on create workflows 
Summary:
Depends on D20016. Ref T920. This does nothing interesting on its own since the TOTP provider has no guidance/warnings, but landing it separately helps to simplify an upcoming SMS diff.

SMS will have these guidance messages:

  - "Administrator: you haven't configured any mailer which can send SMS, like Twilio."
  - "Administrator: SMS is weak."
  - "User: you haven't configured a contact number."

Test Plan: {F6151283} {F6151284}

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T920

Differential Revision: https://secure.phabricator.com/D20017
2019-01-23 14:10:16 -08:00
..
__tests__ Prevent users from selecting excessively bad passwords based on their username or email address 2018-11-06 12:44:07 -08:00
action Tighten some MFA/TOTP parameters to improve resistance to brute force attacks 2018-12-28 00:10:13 -08:00
application Support designating a contact number as "primary" 2019-01-23 14:03:08 -08:00
capability Auth - add "manage providers" capability 2015-01-12 14:37:58 -08:00
conduit Deactivate SSH keys instead of destroying them completely 2016-05-18 14:54:28 -07:00
constants Support invites in the registration and login flow 2015-02-11 06:06:28 -08:00
controller Allow MFA factors to provide more guidance text on create workflows 2019-01-23 14:10:16 -08:00
data Add session and request hooks to PhabricatorAuthSessionEngine 2016-11-17 13:09:29 -08:00
editor Add "Contact Numbers" so we can send users SMS mesages 2019-01-23 13:39:56 -08:00
engine Convert user MFA factors to point at configurable "MFA Providers", not raw "MFA Factors" 2019-01-23 13:37:43 -08:00
engineextension Allow any transaction group to be signed with a one-shot "Sign With MFA" action 2018-12-28 00:09:30 -08:00
exception Improve UI messaging around "one-shot" vs "session upgrade" MFA 2018-12-28 00:11:36 -08:00
extension Add a more modern object for storing password hashes 2018-01-22 15:35:28 -08:00
factor Allow MFA factors to provide more guidance text on create workflows 2019-01-23 14:10:16 -08:00
garbagecollector Add a garbage collector for MFA challenges 2018-12-17 07:00:55 -08:00
guidance Add a bunch of Phacility-specific code to the upstream, thinly veiled as generic code 2016-11-15 09:11:22 -08:00
handler Modularize generation of supplemental login messages 2015-09-04 10:34:39 -07:00
mail Send forced mail on SSH key edits 2016-05-19 15:01:25 -07:00
management Update bin/auth MFA commands for the new "MFA Provider" indirection layer 2019-01-23 13:38:44 -08:00
message Add "Auth Messages" to support customizing onboarding/welcome flows 2019-01-18 19:53:19 -08:00
password Prevent users from selecting excessively bad passwords based on their username or email address 2018-11-06 12:44:07 -08:00
phid Add "Contact Numbers" so we can send users SMS mesages 2019-01-23 13:39:56 -08:00
provider Put a hard limit on password login attempts from the same remote address 2019-01-18 19:48:42 -08:00
query Give "MetaMTAMail" a "message type" and support SMS 2019-01-23 14:05:46 -08:00
revoker Add "bin/auth revoke --list" to explain what can be revoked 2018-01-23 14:01:39 -08:00
sshkey Send forced mail on SSH key edits 2016-05-19 15:01:25 -07:00
storage Allow MFA factors to provide more guidance text on create workflows 2019-01-23 14:10:16 -08:00
tokentype Redesign Config Application 2016-08-29 15:49:49 -07:00
view Explicitly add rel="noreferrer" to all external links 2018-02-17 17:46:11 -08:00
worker Send emails for email invites 2015-02-11 06:06:09 -08:00
xaction Support designating a contact number as "primary" 2019-01-23 14:03:08 -08:00