Commit Graph

19 Commits (22a9952040e7282e065624c54c72a402da740b89)

Author SHA1 Message Date
Mélanie Chauvel 19d3809ad5
Improve description of keyboard shortcuts (#16129)
* Remove useless “to” from shortcuts description

* Improve descriptions of keyboard shortcuts

* Use curved quotations marks instead of straight ones
2021-05-04 23:23:36 +02:00
Asier Iturralde Sarasola 066dbe1e69
Fix typo: you -> your (#15476) 2021-01-07 09:32:16 +01:00
santiagorodriguez96 e8d41bc2fe
Add WebAuthn as an alternative 2FA method (#14466)
* feat: add possibility of adding WebAuthn security keys to use as 2FA

This adds a basic UI for enabling WebAuthn 2FA. We did a little refactor
to the Settings page for editing the 2FA methods – now it will list the
methods that are available to the user (TOTP and WebAuthn) and from
there they'll be able to add or remove any of them.
Also, it's worth mentioning that for enabling WebAuthn it's required to
have TOTP enabled, so the first time that you go to the 2FA Settings
page, you'll be asked to set it up.
This work was inspired by the one donde by Github in their platform, and
despite it could be approached in different ways, we decided to go with
this one given that we feel that this gives a great UX.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: add request for WebAuthn as second factor at login if enabled

This commits adds the feature for using WebAuthn as a second factor for
login when enabled.
If users have WebAuthn enabled, now a page requesting for the use of a
WebAuthn credential for log in will appear, although a link redirecting
to the old page for logging in using a two-factor code will also be
present.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: add possibility of deleting WebAuthn Credentials

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: disable WebAuthn when an Admin disables 2FA for a user

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* feat: remove ability to disable TOTP leaving only WebAuthn as 2FA

Following examples form other platforms like Github, we decided to make
Webauthn 2FA secondary to 2FA with TOTP, so that we removed the
possibility of removing TOTP authentication only, leaving users with
just WEbAuthn as 2FA. Instead, users will have to click on 'Disable 2FA'
in order to remove second factor auth.
The reason for WebAuthn being secondary to TOPT is that in that way,
users will still be able to log in using their code from their phone's
application if they don't have their security keys with them – or maybe
even lost them.

* We had to change a little the flow for setting up TOTP, given that now
  it's possible to setting up again if you already had TOTP, in order to
  let users modify their authenticator app – given that now it's not
  possible for them to disable TOTP and set it up again with another
  authenticator app.
  So, basically, now instead of storing the new `otp_secret` in the
  user, we store it in the session until the process of set up is
  finished.
  This was because, as it was before, when users clicked on 'Edit' in
  the new two-factor methods lists page, but then went back without
  finishing the flow, their `otp_secret` had been changed therefore
  invalidating their previous authenticator app, making them unable to
  log in again using TOTP.

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>

* refactor: fix eslint errors

The PR build was failing given that linting returning some errors.
This commit attempts to fix them.

* refactor: normalize i18n translations

The build was failing given that i18n translations files were not
normalized.
This commits fixes that.

* refactor: avoid having the webauthn gem locked to a specific version

* refactor: use symbols for routes without '/'

* refactor: avoid sending webauthn disabled email when 2FA is disabled

When an admins disable 2FA for users, we were sending two mails
to them, one notifying that 2FA was disabled and the other to notify
that WebAuthn was disabled.
As the second one is redundant since the first email includes it, we can
remove it and send just one email to users.

* refactor: avoid creating new env variable for webauthn_origin config

* refactor: improve flash error messages for webauthn pages

Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
2020-08-24 16:46:27 +02:00
Eugen Rochko e1066cd431
Add password challenge to 2FA settings, e-mail notifications (#11878)
Fix #3961
2019-09-18 16:37:27 +02:00
Eugen Rochko 5eff29b28c
Fix pre-review confirmation e-mail saying you can't login (#11860)
Fix #11419
2019-09-16 15:44:52 +02:00
Eugen Rochko 51e154f5e8
Admission-based registrations mode (#10250)
Fix #6856
Fix #6951
2019-03-14 05:28:30 +01:00
mayaeh 46e806cd2f Rename from instance to server. (#9938) 2019-02-05 19:11:24 +01:00
Eugen Rochko 5d2fc6de32
Add REST API for creating an account (#9572)
* Add REST API for creating an account

The method is available to apps with a token obtained via the client
credentials grant. It creates a user and account records, as well as
an access token for the app that initiated the request. The user is
unconfirmed, and an e-mail is sent as usual.

The method returns the access token, which the app should save for
later. The REST API is not available to users with unconfirmed
accounts, so the app must be smart to wait for the user to click a
link in their e-mail inbox.

The method is rate-limited by IP to 5 requests per 30 minutes.

* Redirect users back to app from confirmation if they were created with an app

* Add tests

* Return 403 on the method if registrations are not open

* Require agreement param to be true in the API when creating an account
2018-12-24 19:12:38 +01:00
SerCom_KC fb16c37d2a Update Simplified Chinese translations (#6280)
* i18n: (zh-CN) Update translation for #6252

* e-mail -> email

* i18n: (zh-CN) Update translations for #6256

* i18n: (zh-CN) Minor Improvements

* i18n: (zh-CN) Update translations for #6263

* i18n: (zh-CN) Update translations for #6279
2018-01-17 16:47:25 +01:00
SerCom_KC 3323b4173e Change disclaimer in email according to #5817 (#6266) 2018-01-16 06:44:57 +01:00
Eugen Rochko 5276c0a090
HTML e-mails for UserMailer (#6256)
- premailer gem to turn CSS into inline styles automatically
- rework UserMailer templates
- reword UserMailer templates
2018-01-16 03:29:11 +01:00
Patrick Figel 04ecf44c2f Add confirmation step for email changes (#6071)
* Add confirmation step for email changes

This adds a confirmation step for email changes of existing users.
Like the initial account confirmation, a confirmation link is sent
to the new address.

Additionally, a notification is sent to the existing address when
the change is initiated. This message includes instruction to reset
the password immediately or to contact the instance admin if the
change was not initiated by the account owner.

Fixes #3871

* Add review fixes
2018-01-02 16:55:00 +01:00
jeroenpraat 7c1f3f8163 Added a warning to look into the spam folder (#2921)
Inspired by a user who received the email confirmation in Gmail's spam folder. This happened with Sparkpost correctly setup.
2017-05-17 02:55:37 +02:00
Thomas Citharel d90d23699c Make Reporting admin section translatable (#1549)
* Make Reporting admin section translatable

And translate it into english and french

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Make subject of emails translatable and improve french translation

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Make error pages translatable and translate them in english and french

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

* Translate site setting section

* Insert instance in registration emails and improve them a bit

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-04-12 17:11:49 +02:00
Jantso Porali 9e3c4fd2d7 Update language files (#1516)
* update faq with default language

* update translation for about page

* update Minio config

Thanks to @Gargon for helping me. I hope this will help others as well

* update import and export translation

* translate emails to finnish

* add finnish translation for emails

* add finnish translation for emails

* add finnish translation

* add missing dot

* update finnish language to emails

* add finnish translation for emails

* add dot and fix typo

* updated some minor typos

* remove language change due breaking emails

And by dev request

* updated minio config by dev request

* updated about page translation

* fix for Amazon S3/Minio instance setups

If you were using S3 or Minio for your files, this will fix the Import issue :)

* update translation according to issue #1515

See issue #1515

* update translation for issue #1515

see issue #1515
2017-04-11 21:41:29 +02:00
Eugen Rochko 546c4718e7 Localizations for most server-side strings 2016-11-16 00:55:33 +01:00
Waldir Pimenta 4f654eb822 use consistent capitalization for subject lines 2016-10-06 11:16:59 +01:00
Yann Vaillant 038a407b9e
Update default devise wording to include reference to Mastodon
Fix #68
2016-10-06 07:45:07 +02:00
Eugen Rochko 7e93da3f8d Removing grape and adding devise 2016-03-05 13:12:24 +01:00