bida/bastodon
6
0
Fork 0
Code Issues 7 Pull requests Releases Wiki Activity
bastodon/app/controllers/auth
History
Claire cfa583fa71
Remove support for OAUTH_REDIRECT_AT_SIGN_IN (#17287) 
Fixes #15959

Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.

However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.

As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
2022-01-23 15:50:41 +01:00
..
challenges_controller.rb Add password challenge to 2FA settings, e-mail notifications (#11878) 2019-09-18 16:37:27 +02:00
confirmations_controller.rb Change confirmations controller to redirect to / for approved users (#16151) 2021-05-03 15:45:19 +02:00
omniauth_callbacks_controller.rb Fix undefined variable for Auth::OmniauthCallbacksController (#16654) 2021-08-25 17:40:56 +02:00
passwords_controller.rb Fix reviving revoked sessions and invalidating login (#16943) 2021-11-06 00:13:58 +01:00
registrations_controller.rb Fix reviving revoked sessions and invalidating login (#16943) 2021-11-06 00:13:58 +01:00
sessions_controller.rb Remove support for OAUTH_REDIRECT_AT_SIGN_IN (#17287) 2022-01-23 15:50:41 +01:00
setup_controller.rb