| Commit message (Collapse) | Author | Age | Lines | |
|---|---|---|---|---|
| * | Only show access tokens once, and store hashed. | Matthew Somerville | 2020-06-30 | -19/+15 |
| | | ||||
| * | Allow cobrands to skip 2FA requirement. | Matthew Somerville | 2019-12-09 | -1/+3 |
| | | ||||
| * | Switch to internal QR code generator. | Matthew Somerville | 2019-11-23 | -3/+3 |
| | | ||||
| * | Rotate session ID after successful login. | Matthew Somerville | 2019-11-22 | -0/+26 |
| | | ||||
| * | Allow enforcement of 2FA for staff users. | Matthew Somerville | 2019-10-30 | -2/+45 |
| | | ||||
| * | Require code to be entered when activating 2FA. | Matthew Somerville | 2019-10-28 | -13/+1 |
| | | ||||
| * | Allow non-superusers to store 2FA secrets. | Matthew Somerville | 2019-10-28 | -4/+3 |
| | | ||||
| * | Move 2FA form template to subdirectory. | Matthew Somerville | 2019-10-28 | -1/+1 |
| | | ||||
| * | Merge in upgraded Catalyst branch. | Matthew Somerville | 2019-05-14 | -1067/+0 |
| |\ | ||||
| | * | Update a number of packages. | Matthew Somerville | 2019-05-13 | -1067/+0 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update: * Catalyst * Specify Catalyst::DispatchType::Regex explicitly * Remove Catalyst::Plugin::Unicode::Encoding * Catalyst::Plugin::SmartURI * Specify URI::SmartURI explicitly * Catalyst::Plugin::Static::Simple * CGI * Class::Load * DateTime * DateTime::TimeZone * DBD::Pg * DBIx::Class * DBIx::Class::EncodedColumn. * Email::Address. * Email::MIME * ExtUtils::MakeMaker * ExtUtils::ParseXS (for Params::Classify upgrade) * File::ChangeNotify * Image::Size * IO::Socket::SSL * local::lib * Moo * Moose (and some related others due to deprecations) * namespace::autoclean * Net::Server * Net::SSLeay * Number::Phone * Plack * Starman * Template * Test::PostgreSQL * Test::WWW::Mechanize::Catalyst * Text::CSV * YAML carton install was run on a wheezy box, the oldest that is supported, to make sure the required minimal vesions of core modules weren't removed from the snapshot. Cpanel::JSON::XS, Devel::GlobalDestruction::XS, and MooseX::NonMoose were then put back in the snapshot, in case another system needs them (e.g. system Perl on Mac looks for MooseX::NonMoose). | |||
| * | | Prevent previous commit issue ever happening again. | Matthew Somerville | 2019-05-07 | -0/+54 |
| |/ | ||||
| * | Update last_active on login/logout/session expiry. | Matthew Somerville | 2018-05-23 | -0/+2 |
| | | ||||
| * | Increase two-factor skew to 2 time periods. | Matthew Somerville | 2018-02-07 | -1/+1 |
| | | ||||
| * | Merge branch '2fa-superuser' | Matthew Somerville | 2018-02-07 | -0/+141 |
| |\ | ||||
| | * | Allow two-factor to work during creation flow. | Matthew Somerville | 2018-02-07 | -1/+19 |
| | | | ||||
| | * | Add two-factor authentication for superusers. | Matthew Somerville | 2018-02-07 | -0/+123 |
| | | | ||||
| * | | Add admin ability to log user out. | Matthew Somerville | 2018-02-06 | -0/+23 |
| |/ | ||||
| * | Add an access token authentication credential. | Matthew Somerville | 2017-11-29 | -0/+144 |
| | | | | | This allows access if you have a token associated with your user. | |||
| * | Add debug toolbar middleware. | Matthew Somerville | 2017-08-29 | -82/+128 |
| | | | | | | | | | | | | | | | If debug is enabled, using the CATALYST_DEBUG/FIXMYSTREET_APP_DEBUG environment variables, add a debug toolbar to the output, including request/response details and a database query log. This uses Plack middleware, so works by switching our dev server to use Starman with plack directly, rather than via the script runner. We remove the GZip compression as this interferes, and take a local copy of the QueryLog::AdoptPlack trait as it needs a tweak to work. Make sure the CSP header is not output in debug mode, as that would prevent the toolbar JavaScript from running. | |||
| * | Prevent dev sites auto-creating session. | Matthew Somerville | 2016-04-06 | -7/+0 |
| | | | | | | We check for a session's existence before looking in it, as looking in it first would auto create a session. | |||
| * | Fix lack of error logging in certain scenarios. | Matthew Somerville | 2015-10-08 | -0/+1067 |
| | | | | | | | Upgrade Catalyst::Engine and Catalyst::Log to 5.90030 so that errors are logged via psgi.errors rather than printed to the (perhaps nulled) stderr. Fixes #404. | |||
| * | Prevent potential recursion in session cookie. | Matthew Somerville | 2015-09-21 | -0/+3 |
| | | | | | Unlikely to crop up, but this fixes #1077. | |||
| * | Add Catalyst::Plugin::Compress::Gzip (locally, as CPAN version overloads ↵ | Matthew Somerville | 2013-03-19 | -0/+82 |
| | | | | | wrong function). | |||
| * | Typo. | Matthew Somerville | 2012-03-30 | -1/+1 |
| | | ||||
| * | Also don't output cookie for JPEG files to prevent session loss. | Matthew Somerville | 2012-03-30 | -2/+3 |
| | | ||||
| * | Needed brackets, dur (bugfix to de7a31da). | Matthew Somerville | 2012-03-23 | -1/+1 |
| | | ||||
| * | Don't send cookie on JS files, as can cause session loss. | Matthew Somerville | 2012-03-22 | -0/+3 |
| | | ||||
| * | Get cookie expiry to work, and correct IDs on checkboxes. | Matthew Somerville | 2011-06-29 | -0/+2 |
| | | ||||
| * | Add the 'remember_me' checkbox on login | Edmund von der Burg | 2011-04-07 | -0/+357 |
 |
index : fixmystreet | |
| This is mySociety's popular map-based reporting platform: easy to install in new countries and regions http://fixmystreet.org/ | FiksGataMi |
| aboutsummaryrefslogtreecommitdiffstats |