harmacist/healthchecks
1
0
Fork 0
forked from GithubBackups/healthchecks
Code Issues Pull Requests Projects Releases Wiki Activity
1,665 Commits 3 Branches 0 Tags
Commit Graph

146 Commits

Author SHA1 Message Date
Pēteris Caune
68b1d5bb8b
Fix the "Email Reports" screen to clear Profile.next_nag_date 2021-03-15 13:06:57 +02:00
Pēteris Caune
5321f772fe
Add a link to check's details page in Slack notifications 
Fixes: #486
 2021-03-04 15:51:35 +02:00
Pēteris Caune
725be65bdd
Add the PROMETHEUS_ENABLED setting 2021-01-29 15:05:42 +02:00
Pēteris Caune
dfd159ab18
Add a "Lost password?" link with instructions in the Sign In page 2020-12-09 15:38:19 +02:00
Pēteris Caune
0b4251bdee
Add logic to handle exceptions thrown by the fido2 library 2020-11-19 16:53:58 +02:00
Pēteris Caune
3cfc31610a
Add extra security checks in the login_webauthn view 2020-11-19 16:21:31 +02:00
Pēteris Caune
8448f882cf
Add notes about adding a second key, and removing the last key 2020-11-19 15:05:08 +02:00
Pēteris Caune
568a287850
Fix WebAuthn registration to use random bytes for user handle 
User handle is used in a username-less authentication, to map a
credential received from browser with an user account in the
database. Since we only use security keys as a second factor,
the user handle is not of much use to us.

The user handle:
 - must not be blank,
 - must not be a constant value,
 - must not contain personally identifiable information.

So we use random bytes, and don't store them on our end.
 2020-11-19 13:59:23 +02:00
Pēteris Caune
8dbf9e02af
Fix capitalization, Webauthn -> WebAuthn 2020-11-19 13:01:26 +02:00
Pēteris Caune
7124383a53
Add checks for RP_ID, add a 2FA section in README 2020-11-19 12:54:00 +02:00
Pēteris Caune
9401bc3987
Update the "Close Account" function to use confirmation codes 2020-11-16 16:22:25 +02:00
Pēteris Caune
48750ee668
Update "Change Password" to show messages in panel's footer 2020-11-16 15:45:25 +02:00
Pēteris Caune
fb79948759
Update the "Change Email" function to use confirmation codes 2020-11-16 15:33:29 +02:00
Pēteris Caune
ed6b15bfa9
Update the "Set Password" function to use confirmation codes 2020-11-16 14:53:50 +02:00
Pēteris Caune
1ca4caa3a8
Update the set_password view to use update_session_auth_hash 
Changing user's password logs themselves out. To avoid that,
we were logging the user back in right after changing the password.

I recently discovered update_session_auth_hash, which seems to
be the proper way to do this.

Docs: https://docs.djangoproject.com/en/3.1/topics/auth/default/#session-invalidation-on-password-change
 2020-11-16 14:29:52 +02:00
Pēteris Caune
adb7702f39
Rename login_tfa to login_webauthn 2020-11-16 14:16:06 +02:00
Pēteris Caune
839c309cf7
Refactor for testability, add more test cases 2020-11-16 12:52:26 +02:00
Pēteris Caune
ecf964ea3b
Remove a verify_origin workaround 2020-11-15 21:49:25 +02:00
Pēteris Caune
9f58ebfd3e
Hook up a 2FA check after a password or email link authentication 2020-11-15 21:39:49 +02:00
Pēteris Caune
64be87137b
Add a two-factor authentication form (WIP) 2020-11-14 12:54:26 +02:00
Pēteris Caune
2ac0f87560
Implement a "Remove Security Key" feature 2020-11-14 11:45:09 +02:00
Pēteris Caune
2c3286c280
Improve the "add security key" UX, require sudo mode 2020-11-13 16:23:28 +02:00
Pēteris Caune
53688f1d87
Add error handling on the client side, use Django form API 2020-11-12 17:08:23 +02:00
Pēteris Caune
1eaa216d3a
Add experimental code for registering Webauthn credentials 2020-11-12 16:15:07 +02:00
Pēteris Caune
ad720af242
Rename "hc-p-channels" to "hc-channels" 2020-09-01 12:56:35 +03:00
Pēteris Caune
0a85c5ed12
In Account Settings > My Projects, indicate read-only memberships as read-only 2020-08-31 11:07:39 +03:00
Pēteris Caune
e424176a1f
Remove mentions of "whitelist" 2020-08-26 16:38:29 +03:00
Pēteris Caune
d73de68f70
Specify the read-write/read-only flag when inviting a team member. 2020-08-26 16:09:17 +03:00
Pēteris Caune
adb004b333
Read-only users cannot change project settings. 2020-08-26 15:04:12 +03:00
Pēteris Caune
2346ac3e80
Bugfix: don't allow duplicate team memberships 2020-08-19 12:07:48 +03:00
Pēteris Caune
ca715dd8d4
Check membership when initiating project's transfer. Use transaction.atomic() when completing the transfer. 2020-04-13 15:19:37 +03:00
Pēteris Caune
57da17b8e2
Send an "Ownership Transfer Request" email notification. 2020-04-13 15:04:59 +03:00
Pēteris Caune
532b752e3c
cleanup: don't import each form individually 2020-04-13 12:16:39 +03:00
Pēteris Caune
f7acaa57af
Adding tests. 2020-04-12 18:21:08 +03:00
Pēteris Caune
f42b2b144a
New feature: Project Settings > Transfer Ownership (WIP, missing tests) 2020-04-12 14:46:12 +03:00
Pēteris Caune
29e016d0fc
Update Telegram instructions. Fix redirect after login when adding Telegram integration. 2020-02-27 15:52:00 +02:00
Pēteris Caune
0c9c453ea0
Profile.current_project not used any more, remove last remaining references. cc: #336 2020-02-27 12:34:21 +02:00
Pēteris Caune
6a0c90853b
request.project is now unused, removing 2020-02-26 10:37:19 +02:00
Pēteris Caune
318934697f
Remove last references of the hc-channels route. 2020-02-25 15:26:33 +02:00
Pēteris Caune
acce0808ce
Project code in URL for the "Add Slack" page. cc: #336 2020-02-25 14:22:34 +02:00
Pēteris Caune
0ff4bd01e0
Improved UI to invite users from account's other projects. Fixes #258. 
The team size limit is applied to the number of distinct users across all projects. Fixes #332.
 2020-02-14 13:05:21 +02:00
Pēteris Caune
f51a0a257e
Don't delete customer data in braintree when closing account. 
Need customer data to stay in braintree until the end of each month for tax reports.
 2020-02-03 11:11:21 +02:00
Pēteris Caune
0d2c6217d3
Auto-submit the unsubscribe confirmation form only if signature is more than 5 minutes old. Idea from https://stackoverflow.com/questions/59281750/strategies-to-prevent-email-scanners-from-activating-unsubscribe-links/59381066#59381066 2019-12-18 16:10:30 +02:00
Pēteris Caune
8d81d27af3
Unsubscribe links serve a form, and require HTTP POST to actually unsubscribe 2019-12-10 09:14:54 +02:00
Pēteris Caune
1cdb6e6d1d
Don't set CSRF cookie on first visit. Signup is exempt from CSRF protection. 2019-12-06 08:58:32 +02:00
Pēteris Caune
163b020116
Signup form sets the "auto-login" cookie to avoid an extra click during first login 2019-10-12 20:14:57 +03:00
Pēteris Caune
2bb769f7bb
Send monthly reports on 1st of every month, not randomly during the month 2019-10-12 20:07:09 +03:00
Pēteris Caune
391921d8af
Revert deterministic username generation feature – it causes problems when users change their email address. See #290 for details. 2019-10-12 11:37:06 +03:00
Pēteris Caune
41a0871452
Generate usernames as uuid3(const, email). Prevents multiple accts with the same email. Prevent double-clicking the submit button in signup form. Fixes #290 2019-09-30 16:40:45 +03:00
Pēteris Caune
dfee69584b
Don't show the "Sign Up" link in the login page if registration is closed. Fixes #280 2019-08-26 10:55:41 +03:00