Commit graph

32 commits

Author SHA1 Message Date
Pēteris Caune
ea89237c16
Fix hc.accounts.views.check_token to handle non-UUID usernames
Fixes: #882
2023-08-22 13:45:54 +03:00
Pēteris Caune
e46cf3725b
Add CSRF protection in the signup view 2023-02-14 09:15:46 +02:00
Pēteris Caune
161430fb10
Sort imports and add "from __future__ import annotations" 2022-10-17 16:52:15 +03:00
Pēteris Caune
c1ff8875e3
Implement login link expiration
Login links will now expire in 1 hour.
2022-05-30 15:48:51 +03:00
Pēteris Caune
6790d867a6
Add address verification step in the "Change Email" flow
A similar issue has come up multiple times: the user
changes their account's email address, enters a bad address
by mistake, and gets locked out of their account.

This commit adds an extra step in the "Change Email" flow:

* In "Account Settings", user clicks on [Change Email]
* User gets a prompt for a 6-digit confirmation code, which
  has been sent to their old address. This is to prevent
  account takeover when Eve sits down at a computer where Alice
  is logged in.
* The user enters the confirmation code, and a "Change Email"
  form loads.
* The user enters their new email address.
* (The new step!) Instead of changing the email right away,
  we send a special login link to the user's specified new address.
* (The new step, continued) The user clicks on the login link,
  their account's email address gets updated, and they get
  logged in.

The additional step makes sure the user can receive email
at their new address. If they cannot receive email there,
they cannot complete the "Change Email" procedure.
2022-05-20 17:54:45 +03:00
Pēteris Caune
222722569e
Add support for 2FA using TOTP
Fixes: #354
2021-07-30 16:43:23 +03:00
Pēteris Caune
6c10980889
Add Account Settings > Appearance page 2021-06-18 13:51:07 +03:00
Pēteris Caune
fb79948759
Update the "Change Email" function to use confirmation codes 2020-11-16 15:33:29 +02:00
Pēteris Caune
ed6b15bfa9
Update the "Set Password" function to use confirmation codes 2020-11-16 14:53:50 +02:00
Pēteris Caune
adb7702f39
Rename login_tfa to login_webauthn 2020-11-16 14:16:06 +02:00
Pēteris Caune
64be87137b
Add a two-factor authentication form (WIP) 2020-11-14 12:54:26 +02:00
Pēteris Caune
2ac0f87560
Implement a "Remove Security Key" feature 2020-11-14 11:45:09 +02:00
Pēteris Caune
1eaa216d3a
Add experimental code for registering WebAuthn credentials 2020-11-12 16:15:07 +02:00
Pēteris Caune
0d2c6217d3
Auto-submit the unsubscribe confirmation form only if signature is more than 5 minutes old. Idea from https://stackoverflow.com/questions/59281750/strategies-to-prevent-email-scanners-from-activating-unsubscribe-links/59381066#59381066 2019-12-18 16:10:30 +02:00
Pēteris Caune
cdfc9840a7
Source formatted with Black 2019-05-15 14:27:50 +03:00
Pēteris Caune
178b0ff95c
Show "Badges" and "Settings" in top navigation. Fixes #234 2019-04-02 11:51:35 +03:00
Pēteris Caune
6b0d566922
"My Projects" page. 2019-01-29 10:59:10 +02:00
Pēteris Caune
b12eb1ee75
Users switch between projects, not between accounts. 2019-01-22 15:58:07 +02:00
Pēteris Caune
9214265136
Separate sign up and login forms. 2018-10-12 10:55:15 +03:00
Pēteris Caune
ef6e1870d9
Preliminary Django 2 support 2018-04-24 22:38:02 +03:00
Pēteris Caune
1fd5d0b3ce More secure unsubscribe links for monthly reports. 2017-10-18 15:53:08 +03:00
Pēteris Caune
2393dad09e Users can update their email addresses. Fixes #105 2017-08-23 15:47:20 +03:00
Pēteris Caune
e685154cc2 "Close Account" section in Settings page. Fixes #95 2017-03-16 19:39:30 +02:00
Pēteris Caune
4906a5247c Split "Account Settings" page into subpages. 2017-03-16 16:06:22 +02:00
Pēteris Caune
fdf9c607e5 Team Access, test cleanup 2016-05-09 15:35:13 +03:00
Pēteris Caune
1dacc8b797 Users can add passwords to their accounts. Fixes #6 2016-01-05 00:25:08 +02:00
Pēteris Caune
91e6f80d9a Code to send monthly reports (but no management command yet to actually send them) 2015-12-15 02:27:24 +02:00
Pēteris Caune
947f686c61 Organize imports using isort. 2015-11-02 23:55:33 +02:00
Pēteris Caune
7876da2c9e logout, unified login 2015-06-18 18:39:03 +03:00
Pēteris Caune
7997879bd8 Account creation 2015-06-12 20:49:35 +03:00
Pēteris Caune
a965f4c605 Login works, stubbed out canary index page 2015-06-11 23:44:49 +03:00
Pēteris Caune
00cdc313ec Initial commit 2015-06-11 22:12:09 +03:00