healthchecks

Author	SHA1	Message	Date
Pēteris Caune	adb7702f39	Rename login_tfa to login_webauthn	2020-11-16 14:16:06 +02:00
Pēteris Caune	839c309cf7	Refactor for testability, add more test cases	2020-11-16 12:52:26 +02:00
Pēteris Caune	ecf964ea3b	Remove a verify_origin workaround	2020-11-15 21:49:25 +02:00
Pēteris Caune	9f58ebfd3e	Hook up a 2FA check after a password or email link authentication	2020-11-15 21:39:49 +02:00
Pēteris Caune	64be87137b	Add a two-factor authentication form (WIP)	2020-11-14 12:54:26 +02:00
Pēteris Caune	2ac0f87560	Implement a "Remove Security Key" feature	2020-11-14 11:45:09 +02:00
Pēteris Caune	2c3286c280	Improve the "add security key" UX, require sudo mode	2020-11-13 16:23:28 +02:00
Pēteris Caune	53688f1d87	Add error handling on the client side, use Django form API	2020-11-12 17:08:23 +02:00
Pēteris Caune	1eaa216d3a	Add experimental code for registering Webauthn credentials	2020-11-12 16:15:07 +02:00
Pēteris Caune	ad720af242	Rename "hc-p-channels" to "hc-channels"	2020-09-01 12:56:35 +03:00
Pēteris Caune	0a85c5ed12	In Account Settings > My Projects, indicate read-only memberships as read-only	2020-08-31 11:07:39 +03:00
Pēteris Caune	e424176a1f	Remove mentions of "whitelist"	2020-08-26 16:38:29 +03:00
Pēteris Caune	d73de68f70	Specify the read-write/read-only flag when inviting a team member.	2020-08-26 16:09:17 +03:00
Pēteris Caune	adb004b333	Read-only users cannot change project settings.	2020-08-26 15:04:12 +03:00
Pēteris Caune	2346ac3e80	Bugfix: don't allow duplicate team memberships	2020-08-19 12:07:48 +03:00
Pēteris Caune	ca715dd8d4	Check membership when initiating project's transfer. Use transaction.atomic() when completing the transfer.	2020-04-13 15:19:37 +03:00
Pēteris Caune	57da17b8e2	Send an "Ownership Transfer Request" email notification.	2020-04-13 15:04:59 +03:00
Pēteris Caune	532b752e3c	cleanup: don't import each form individually	2020-04-13 12:16:39 +03:00
Pēteris Caune	f7acaa57af	Adding tests.	2020-04-12 18:21:08 +03:00
Pēteris Caune	f42b2b144a	New feature: Project Settings > Transfer Ownership (WIP, missing tests)	2020-04-12 14:46:12 +03:00
Pēteris Caune	29e016d0fc	Update Telegram instructions. Fix redirect after login when adding Telegram integration.	2020-02-27 15:52:00 +02:00
Pēteris Caune	0c9c453ea0	Profile.current_project not used any more, remove last remaining references. cc: #336	2020-02-27 12:34:21 +02:00
Pēteris Caune	6a0c90853b	request.project is now unused, removing	2020-02-26 10:37:19 +02:00
Pēteris Caune	318934697f	Remove last references of the hc-channels route.	2020-02-25 15:26:33 +02:00
Pēteris Caune	acce0808ce	Project code in URL for the "Add Slack" page. cc: #336	2020-02-25 14:22:34 +02:00
Pēteris Caune	0ff4bd01e0	Improved UI to invite users from account's other projects. Fixes #258 . The team size limit is applied to the number of distinct users across all projects. Fixes #332.	2020-02-14 13:05:21 +02:00
Pēteris Caune	f51a0a257e	Don't delete customer data in braintree when closing account. Need customer data to stay in braintree until the end of each month for tax reports.	2020-02-03 11:11:21 +02:00
Pēteris Caune	0d2c6217d3	Auto-submit the unsubscribe confirmation form only if signature is more than 5 minutes old. Idea from https://stackoverflow.com/questions/59281750/strategies-to-prevent-email-scanners-from-activating-unsubscribe-links/59381066#59381066	2019-12-18 16:10:30 +02:00
Pēteris Caune	8d81d27af3	Unsubscribe links serve a form, and require HTTP POST to actually unsubscribe	2019-12-10 09:14:54 +02:00
Pēteris Caune	1cdb6e6d1d	Don't set CSRF cookie on first visit. Signup is exempt from CSRF protection.	2019-12-06 08:58:32 +02:00
Pēteris Caune	163b020116	Signup form sets the "auto-login" cookie to avoid an extra click during first login	2019-10-12 20:14:57 +03:00
Pēteris Caune	2bb769f7bb	Send monthly reports on 1st of every month, not randomly during the month	2019-10-12 20:07:09 +03:00
Pēteris Caune	391921d8af	Revert deterministic username generation feature – it causes problems when users change their email address. See #290 for details.	2019-10-12 11:37:06 +03:00
Pēteris Caune	41a0871452	Generate usernames as uuid3(const, email). Prevents multiple accts with the same email. Prevent double-clicking the submit button in signup form. Fixes #290	2019-09-30 16:40:45 +03:00
Pēteris Caune	dfee69584b	Don't show the "Sign Up" link in the login page if registration is closed. Fixes #280	2019-08-26 10:55:41 +03:00
Pēteris Caune	2489f86b38	Delete customer from Braintree when closing account.	2019-08-19 11:47:36 +03:00
Pēteris Caune	8f6726d1ee	Prevent email clients from opening the one-time login links. Fixes #255	2019-05-21 11:26:55 +03:00
Pēteris Caune	cdfc9840a7	Source formatted with Black	2019-05-15 14:27:50 +03:00
Pēteris Caune	afaa8767cd	Rate limit login-with-password attempts.	2019-04-26 15:51:10 +03:00
Pēteris Caune	beae8e62b4	Rate limit team invites to 20/day	2019-04-26 09:04:51 +03:00
Pēteris Caune	aaa3b2748e	Rate limiting for the "Log In" emails	2019-04-25 21:28:40 +03:00
Pēteris Caune	178b0ff95c	Show "Badges" and "Settings" in top navigation. Fixes #234	2019-04-02 11:51:35 +03:00
Pēteris Caune	62310a5181	Show overall project status in the top navigation menu and in the "Select Project" page. cc: #183	2019-02-01 23:25:12 +02:00
Pēteris Caune	d04f3cc328	Use Project.badge_key for generating badge URLs	2019-01-31 22:51:19 +02:00
Pēteris Caune	069bc9b735	Test cases for adding project, removing project and leaving project.	2019-01-29 19:57:18 +02:00
Pēteris Caune	4ff1654806	Don't create default projects for invited users.	2019-01-29 19:16:52 +02:00
Pēteris Caune	c1e4595ab2	If user has a single project, _redirect_after_login redirects to it.	2019-01-29 19:05:32 +02:00
Pēteris Caune	f2ae573872	Reduce the usage of request.project.	2019-01-29 16:54:51 +02:00
Pēteris Caune	08810d1fca	Check membership before removing project member.	2019-01-29 16:42:12 +02:00
Pēteris Caune	8dd91b247b	When user has no projects, don't auto-create a project.	2019-01-29 13:19:15 +02:00

1 2 3

131 Commits