1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-11 17:32:41 +01:00
phorge-phorge/src/applications/auth/controller
epriestley f42ec84d0c Add "High Security" mode to support multi-factor auth
Summary:
Ref T4398. This is roughly a "sudo" mode, like GitHub has for accessing SSH keys, or Facebook has for managing credit cards. GitHub actually calls theirs "sudo" mode, but I think that's too technical for big parts of our audience. I've gone with "high security mode".

This doesn't actually get exposed in the UI yet (and we don't have any meaningful auth factors to prompt the user for) but the workflow works overall. I'll go through it in a comment, since I need to arrange some screenshots.

Test Plan: See guided walkthrough.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4398

Differential Revision: https://secure.phabricator.com/D8851
2014-04-27 17:31:11 -07:00
..
config Make password hashing modular 2014-02-18 14:09:36 -08:00
PhabricatorAuthConfirmLinkController.php Provide convenience method addTextCrumb() to PhabricatorCrumbsView 2013-12-18 17:47:34 -08:00
PhabricatorAuthController.php Fix an incorrectly spelled call on the registration error pathway 2014-02-24 11:45:28 -08:00
PhabricatorAuthDowngradeSessionController.php Add "High Security" mode to support multi-factor auth 2014-04-27 17:31:11 -07:00
PhabricatorAuthLinkController.php Tune cookie behaviors for 'phcid', 'phreg', etc 2014-03-14 14:33:31 -07:00
PhabricatorAuthLoginController.php Tune cookie behaviors for 'phcid', 'phreg', etc 2014-03-14 14:33:31 -07:00
PhabricatorAuthNeedsApprovalController.php Slightly improve behavior for unverified + unapproved users 2013-11-21 12:58:58 -08:00
PhabricatorAuthOldOAuthRedirectController.php Whitelist controllers which can receive a 'code' parameter 2014-03-12 11:30:04 -07:00
PhabricatorAuthRegisterController.php Fix two registration errors for unusual provider emails 2014-03-13 19:03:12 -07:00
PhabricatorAuthStartController.php Tune cookie behaviors for 'phcid', 'phreg', etc 2014-03-14 14:33:31 -07:00
PhabricatorAuthTerminateSessionController.php Make dialogs a little easier to use 2014-03-21 14:40:05 -07:00
PhabricatorAuthUnlinkController.php Move all account link / unlink to new registration flow 2013-06-17 06:12:45 -07:00
PhabricatorAuthValidateController.php After writing "next_uri", don't write it again for a while 2014-01-23 14:16:08 -08:00
PhabricatorDisabledUserController.php Restore merge of phutil_tag. 2013-02-13 14:51:18 -08:00
PhabricatorEmailLoginController.php Provide convenience method addTextCrumb() to PhabricatorCrumbsView 2013-12-18 17:47:34 -08:00
PhabricatorEmailTokenController.php Fix some security issues with email password resets 2014-01-27 16:53:04 -08:00
PhabricatorEmailVerificationController.php Require CSRF submission to verify email addresses 2014-02-26 11:17:46 -08:00
PhabricatorLogoutController.php Consolidate use of magical cookie name strings 2014-01-23 14:01:35 -08:00
PhabricatorMustVerifyEmailController.php Recover more flexibly from an already-verified email 2013-11-21 14:41:32 -08:00
PhabricatorRefreshCSRFController.php Delete license headers from files 2012-11-05 11:16:51 -08:00