paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-06 06:53:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
63,218 Commits 30 Branches 160 Tags
b2bc8db6bcca0725edc15930626f81f4777dba3a
Commit Graph

390 Commits

Author SHA1 Message Date
Greg Price
093bae4bc5 subdomains: Fix some implicit uses of "" for the root subdomain. 
These are just instances that jumped out at me while working on the
subdomains code, mostly while grepping for get_subdomain call sites.
I haven't attempted a comprehensive search, and there are likely
still others left.
 2017-10-26 10:29:17 -07:00
darshanime
a14ec17473 dev_login: Don't redirect to realm if it doesn't exist. 
Fixes #7132.
 2017-10-25 15:13:20 -07:00
Tim Abbott
3ee53d5de3 auth: Don't offer password reset links when useless. 
If an organization doesn't have the EmailAuthBackend (which allows
password auth) enabled, then our password reset form doesn't do
anything, so we should hide it in the UI.
 2017-10-24 12:07:43 -07:00
Tim Abbott
1ab2ca5986 subdomains: Extract zerver.lib.subdomains library. 
These never really belonged with the rest of zerver.lib.utils.py, and
having a separate library makes it easier to enforce full test
coverage.
 2017-10-18 22:27:48 -07:00
Tim Abbott
065033e864 auth: Fix mypy annotations in authenticate_remote_user. 2017-10-11 23:32:11 -07:00
Tim Abbott
57b8bfe84b authenticate_remote_user: Accept a realm object. 
This paves the path for further code cleanup migrations.
 2017-10-11 23:27:00 -07:00
Tim Abbott
db645f5825 finish_google_oauth2: Depend on a realm existing. 2017-10-11 23:27:00 -07:00
Tim Abbott
e48abcfcf1 auth: Fix confusing realm variable name in JWT auth. 2017-10-11 23:27:00 -07:00
Vishnu Ks
63ed4110fe auth: Submit dev login form to the correct subdomain. 2017-10-11 10:16:55 -07:00
Tim Abbott
43bba27e5d auth: Fix redirect loop in development environment. 
Since the REALMS_HAVE_SUBDOMAINS migration in development, we've had
scattered reports of users who found trying to open 127.0.0.1:9991
resulting in a redirect loop between zulipdev.com:9991,
zulipdev.com:9991/devlogin, and zulipdev.com:9991/devlogin/, and back
to zulipdev.com:9991.

We fix this temporarily through a small cleanup, which is to have that
last step in the loop send the user to the subdomain where they're
actually logged in, zulip.zulipdev.com:9991.

There's more to be done before this system will make sense, though.
 2017-10-05 23:21:29 -07:00
Tim Abbott
1d72629dc4 subdomains: Hardcode REALMS_HAVE_SUBDOMAINS=True. 2017-10-02 16:42:43 -07:00
Umair Khan
69ccc8ce0e ldap: Show helpful message when realm is None. 2017-09-30 10:18:25 -07:00
Vishnu Ks
94e099eaab auth: Make multiuse invite link work with oAuth2. 
This works by attaching to the user's session the multi-use invitation
key, allowing that to be used in the Google/GitHub auth flows.
 2017-09-27 17:47:40 -07:00
rht
15ca13c8de zerver/views: Remove absolute_import. 2017-09-27 10:00:39 -07:00
Tim Abbott
1c25bb5eba auth: Fix typo in invalid subdomain logging. 2017-09-26 22:20:05 -07:00
Tim Abbott
0e1518bb67 auth: Disable coverage check for an auth error path. 
This is just a temporary change to get tests passing again, though
it's possible we'll be deleting this code path before long.
 2017-09-25 12:06:10 -07:00
Tim Abbott
15781dbc83 server_settings: Add email auth related features to data sent to clients. 
This should make it possible for the mobile app to correctly allow
non-email addresses as usernames exactly when it makes sense to do so.
 2017-09-15 10:30:20 -07:00
Tim Abbott
ac0d90e533 portico: Rename 'find_my_team' to 'find_account'. 2017-08-28 14:29:29 -07:00
Umair Khan
ecfafc05c0 registration: Use already_registered to show error. 
Use this new variable to determine if the user already exists while
doing registration. While doing login through GitHub if we press
*Go back to login*, we pass email using email variable. As a result,
the login page starts showing the "User already exists error" if we
don't change the variable.
 2017-08-28 07:02:11 -07:00
Umair Khan
b473ff54ce Show realm deactivation notice for login/register. 
Fixes #6247
 2017-08-25 00:09:06 -07:00
Tim Abbott
3d4893d906 settings: Rename SUBDOMAINS_HOMEPAGE to ROOT_DOMAIN_LANDING_PAGE. 
This new setting name is a lot more readable.
 2017-08-24 19:32:16 -07:00
Tim Abbott
ab61fe5922 auth: Fix Google auth to not assume SUBDOMAINS_HOMEPAGE. 
Previously, Google auth would redirect you back to the login page on
this code path.
 2017-08-24 19:03:42 -07:00
Tim Abbott
8b0c0c33b5 login: Fix logging for login/register actions. 
Previously, Zulip's server logs would not show which user or client
was involved in login or user registration actions, which made
debugging more annoying than it needed to be.
 2017-08-24 16:29:27 -07:00
Tim Abbott
a570a57fd5 login: Log which user was authenticated in mobile flows. 2017-08-24 16:29:27 -07:00
Tim Abbott
8a65fdce49 subdomains: Fix over-aggressive redirect to find_my_team. 
If the root domain is a valid subdomain, we don't want to redirect
everyone away from it.
 2017-08-23 20:07:17 -07:00
Vishnu Ks
8418f0d30e dev_login: List realms and show only users in the selected realm. 2017-08-23 19:27:32 -07:00
Vaida Plankyte
52046d537a auth.py: Add config_error page for misconfigured github/google auth. 
Significantly modified by tabbott to use a better system, pass tests,
and clean up the content.
 2017-08-16 10:05:19 -07:00
Umair Khan
4a3fde023f google: Respect is_signup argument. 
This allows us to go to Registration form directly. This behaviour is
similar to what we follow in GitHub oAuth. Before this, in registration
flow if an account was not found, user was asked if they wanted to go to
registration flow. This confirmation behavior is followed for login
oauth path.
 2017-08-09 13:44:57 -07:00
Umair Khan
bb0eb76bf3 github: Don't ask for password in registration. 2017-08-09 13:44:57 -07:00
Rishi Gupta
0f4b71b766 confirmation: Liberate get_link_for_object from ConfirmationManager. 2017-07-17 23:18:47 -07:00
Rishi Gupta
11a4cffba0 confirmation: Add explicit host in call to get_link_for_object in auth.py. 2017-07-07 18:56:14 -07:00
Rishi Gupta
8fed9eeb75 confirmation: Make host a required argument in get_link_for_object. 
Removes some lines of test from test_email_change.py. The relevant code path
was never utilized by the code itself, just by the tests.
 2017-07-07 18:53:00 -07:00
Rishi Gupta
c72a5f2efe confirmation: Call get_link_for_object with host=unused when host unused. 2017-07-07 18:53:00 -07:00
neiljp (Neil Pilgrim)
f1a8148242 mypy: Set remote_username parameter to Optional[Text] based on a test. 2017-07-07 10:56:33 -07:00
Umair Khan
dc78a7888f login_or_register_remote_user: Send login emails for mobile. 
Fixes #5389
 2017-06-26 16:14:14 -07:00
Umair Khan
34a91be9a2 api_fetch_api_key: Send new login emails for mobile. 2017-06-26 16:14:14 -07:00
Umair Khan
1e9c87855c Django 1.11: is_authenticated is now a property. 2017-06-13 15:04:04 -07:00
umkay
9ab0a8be6a mypy: Fix strict optional in zerver/views. 2017-05-25 09:30:41 -07:00
umkay
ccc70445d6 mypy: Fix strict-optional errors for test files. 
Fix mypy --strict-optional errors in zerver/tests
 2017-05-24 12:43:28 -07:00
Yago González
c0f2036435 api: Handle unregistered users in dev_fetch_api_key. 
Fixes #4851.
 2017-05-24 09:39:44 -07:00
Tim Abbott
109c5c677a mypy: Fix return value annotation for google_oauth2_csrf. 2017-05-23 17:47:03 -07:00
Aditya Bansal
c504b013b1 pep8: Add compliance with rule E261 to views/auth.py. 2017-05-18 03:00:32 +05:30
Umair Khan
dc2a9a4c5b github: Add sign up button on registration page. 2017-05-10 17:49:08 -07:00
Umair Khan
d56db0a3b4 auth.py: Add confirmation handlers for signup. 
These handlers will kick into action when is_signup is False. In case
the account exists, the user will be logged in, otherwise, user will
be asked if they want to proceed to registration.
 2017-05-10 17:20:34 -07:00
Umair Khan
11426a2cec log_into_subdomain: User should be None in signup. 2017-05-10 17:20:34 -07:00
Tim Abbott
5019b53492 auth: Pass is_signup option around. 2017-05-10 17:20:34 -07:00
Tim Abbott
ce3974b40e auth: add is_signup option to login_or_register_remote_user. 2017-05-10 17:20:34 -07:00
Tim Abbott
f4a1cea488 auth: Refactor conditionals in login_or_register_remote_user. 2017-05-05 10:19:02 -07:00
Tim Abbott
33ecfd7da4 auth: Remove require_GET for api_get_auth_backends. 
Unfortunately, the Android app incorrectly uses POST with this
endpoint, so the recent change to add this needs to be reverted.
 2017-05-04 14:39:02 -07:00
Tim Abbott
51260b7536 auth: Add new route to get server settings. 
Specifically, this makes easily available to the desktop and mobile
apps data on the server's configuration, including important details
like the realm icon, name, and description.

It deprecates /api/v1/get_auth_backends.
 2017-05-03 16:40:14 -07:00