luna/mastodon
0
0
Fork 0
mirror of https://github.com/lunaisnotaboy/mastodon.git synced 2024-11-07 23:44:33 +00:00
Code Issues Projects Releases Wiki Activity
mastodon/app/controllers
History
Claire bddd9ba36d
Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288) 
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN

Fixes #15959

Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.

However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.

As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.

* Add OMNIAUTH_ONLY environment variable to enforce external log-in only

* Disable user registration when OMNIAUTH_ONLY is set to true

* Replace log-in links When OMNIAUTH_ONLY is set with exactly one OmniAuth provider
2022-01-23 15:52:58 +01:00
..
activitypub Add support for private pinned posts (#16954) 2022-01-17 00:49:55 +01:00
admin Add notifications for statuses deleted by moderators (#17204) 2022-01-17 09:41:33 +01:00
api Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288) 2022-01-23 15:52:58 +01:00
auth Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288) 2022-01-23 15:52:58 +01:00
concerns Remove IP tracking columns from users table (#16409) 2022-01-16 13:23:50 +01:00
oauth
settings Remove Keybase integration (#17045) 2021-11-26 05:58:18 +01:00
well_known Remove Keybase integration (#17045) 2021-11-26 05:58:18 +01:00
about_controller.rb Add server rules (#15769) 2021-02-21 19:50:12 +01:00
account_follow_controller.rb
account_unfollow_controller.rb
accounts_controller.rb Add support for private pinned posts (#16954) 2022-01-17 00:49:55 +01:00
application_controller.rb Add logging of S3-related errors (#16381) 2021-07-21 18:34:39 +02:00
authorize_interactions_controller.rb
custom_css_controller.rb Remove set-cookie header on custom.css (#16314) 2021-05-30 17:57:47 +02:00
directories_controller.rb Change trending hashtags to be affected be reblogs (#16164) 2021-05-07 14:33:43 +02:00
emojis_controller.rb
filters_controller.rb
follower_accounts_controller.rb Fix serialization of followers/following counts when user hides their network (#16418) 2021-06-21 20:14:47 +02:00
following_accounts_controller.rb Fix serialization of followers/following counts when user hides their network (#16418) 2021-06-21 20:14:47 +02:00
health_controller.rb Change health check (#15988) 2021-04-03 02:39:04 +02:00
home_controller.rb Change routing paths to use usernames in web UI (#16171) 2021-09-26 05:46:13 +02:00
instance_actors_controller.rb Create instance actor if it hasn't been properly seeded (#15693) 2021-02-09 18:12:54 +01:00
intents_controller.rb
invites_controller.rb
manifests_controller.rb
media_controller.rb Fix error when rendering public pages with media attachments (#16763) 2021-10-13 15:27:19 +02:00
media_proxy_controller.rb Fix media proxy RedisLocks auto-releasing too fast (#16291) 2021-05-22 15:00:33 +02:00
public_timelines_controller.rb
relationships_controller.rb Add interrelationship icon (#15149) 2020-11-12 17:43:12 +01:00
remote_follow_controller.rb Fix redirecting non-functional accounts on public pages (#11978) 2019-09-28 01:33:27 +02:00
remote_interaction_controller.rb
shares_controller.rb
statuses_cleanup_controller.rb Add feature to automatically delete old toots (#16529) 2021-08-09 23:11:50 +02:00
statuses_controller.rb Fix error when trying to render component for media without meta (#16112) 2021-05-05 21:16:55 +02:00
tags_controller.rb Refactor how public and tag timelines are queried (#14728) 2020-09-07 11:02:04 +02:00