1d72629dc4
subdomains: Hardcode REALMS_HAVE_SUBDOMAINS=True.
2017-10-02 16:42:43 -07:00
69ccc8ce0e
ldap: Show helpful message when realm is None.
2017-09-30 10:18:25 -07:00
94e099eaab
auth: Make multiuse invite link work with oAuth2.
...
This works by attaching to the user's session the multi-use invitation
key, allowing that to be used in the Google/GitHub auth flows.
2017-09-27 17:47:40 -07:00
15ca13c8de
zerver/views: Remove absolute_import.
2017-09-27 10:00:39 -07:00
1c25bb5eba
auth: Fix typo in invalid subdomain logging.
2017-09-26 22:20:05 -07:00
0e1518bb67
auth: Disable coverage check for an auth error path.
...
This is just a temporary change to get tests passing again, though
it's possible we'll be deleting this code path before long.
2017-09-25 12:06:10 -07:00
15781dbc83
server_settings: Add email auth related features to data sent to clients.
...
This should make it possible for the mobile app to correctly allow
non-email addresses as usernames exactly when it makes sense to do so.
2017-09-15 10:30:20 -07:00
ac0d90e533
portico: Rename 'find_my_team' to 'find_account'.
2017-08-28 14:29:29 -07:00
ecfafc05c0
registration: Use already_registered to show error.
...
Use this new variable to determine if the user already exists while
doing registration. While doing login through GitHub if we press
*Go back to login*, we pass email using email variable. As a result,
the login page starts showing the "User already exists error" if we
don't change the variable.
2017-08-28 07:02:11 -07:00
b473ff54ce
Show realm deactivation notice for login/register.
...
Fixes #6247
2017-08-25 00:09:06 -07:00
3d4893d906
settings: Rename SUBDOMAINS_HOMEPAGE to ROOT_DOMAIN_LANDING_PAGE.
...
This new setting name is a lot more readable.
2017-08-24 19:32:16 -07:00
ab61fe5922
auth: Fix Google auth to not assume SUBDOMAINS_HOMEPAGE.
...
Previously, Google auth would redirect you back to the login page on
this code path.
2017-08-24 19:03:42 -07:00
8b0c0c33b5
login: Fix logging for login/register actions.
...
Previously, Zulip's server logs would not show which user or client
was involved in login or user registration actions, which made
debugging more annoying than it needed to be.
2017-08-24 16:29:27 -07:00
a570a57fd5
login: Log which user was authenticated in mobile flows.
2017-08-24 16:29:27 -07:00
8a65fdce49
subdomains: Fix over-aggressive redirect to find_my_team.
...
If the root domain is a valid subdomain, we don't want to redirect
everyone away from it.
2017-08-23 20:07:17 -07:00
8418f0d30e
dev_login: List realms and show only users in the selected realm.
2017-08-23 19:27:32 -07:00
52046d537a
auth.py: Add config_error page for misconfigured github/google auth.
...
Significantly modified by tabbott to use a better system, pass tests,
and clean up the content.
2017-08-16 10:05:19 -07:00
4a3fde023f
google: Respect is_signup argument.
...
This allows us to go to Registration form directly. This behaviour is
similar to what we follow in GitHub oAuth. Before this, in registration
flow if an account was not found, user was asked if they wanted to go to
registration flow. This confirmation behavior is followed for login
oauth path.
2017-08-09 13:44:57 -07:00
bb0eb76bf3
github: Don't ask for password in registration.
2017-08-09 13:44:57 -07:00
0f4b71b766
confirmation: Liberate get_link_for_object from ConfirmationManager.
2017-07-17 23:18:47 -07:00
11a4cffba0
confirmation: Add explicit host in call to get_link_for_object in auth.py.
2017-07-07 18:56:14 -07:00
8fed9eeb75
confirmation: Make host a required argument in get_link_for_object.
...
Removes some lines of test from test_email_change.py. The relevant code path
was never utilized by the code itself, just by the tests.
2017-07-07 18:53:00 -07:00
c72a5f2efe
confirmation: Call get_link_for_object with host=unused when host unused.
2017-07-07 18:53:00 -07:00
f1a8148242
mypy: Set remote_username parameter to Optional[Text] based on a test.
2017-07-07 10:56:33 -07:00
dc78a7888f
login_or_register_remote_user: Send login emails for mobile.
...
Fixes #5389
2017-06-26 16:14:14 -07:00
34a91be9a2
api_fetch_api_key: Send new login emails for mobile.
2017-06-26 16:14:14 -07:00
1e9c87855c
Django 1.11: is_authenticated is now a property.
2017-06-13 15:04:04 -07:00
9ab0a8be6a
mypy: Fix strict optional in zerver/views.
2017-05-25 09:30:41 -07:00
ccc70445d6
mypy: Fix strict-optional errors for test files.
...
Fix mypy --strict-optional errors in zerver/tests
2017-05-24 12:43:28 -07:00
c0f2036435
api: Handle unregistered users in dev_fetch_api_key.
...
Fixes #4851 .
2017-05-24 09:39:44 -07:00
109c5c677a
mypy: Fix return value annotation for google_oauth2_csrf.
2017-05-23 17:47:03 -07:00
c504b013b1
pep8: Add compliance with rule E261 to views/auth.py.
2017-05-18 03:00:32 +05:30
dc2a9a4c5b
github: Add sign up button on registration page.
2017-05-10 17:49:08 -07:00
d56db0a3b4
auth.py: Add confirmation handlers for signup.
...
These handlers will kick into action when is_signup is False. In case
the account exists, the user will be logged in, otherwise, user will
be asked if they want to proceed to registration.
2017-05-10 17:20:34 -07:00
11426a2cec
log_into_subdomain: User should be None in signup.
2017-05-10 17:20:34 -07:00
5019b53492
auth: Pass is_signup option around.
2017-05-10 17:20:34 -07:00
ce3974b40e
auth: add is_signup option to login_or_register_remote_user.
2017-05-10 17:20:34 -07:00
f4a1cea488
auth: Refactor conditionals in login_or_register_remote_user.
2017-05-05 10:19:02 -07:00
33ecfd7da4
auth: Remove require_GET for api_get_auth_backends.
...
Unfortunately, the Android app incorrectly uses POST with this
endpoint, so the recent change to add this needs to be reverted.
2017-05-04 14:39:02 -07:00
51260b7536
auth: Add new route to get server settings.
...
Specifically, this makes easily available to the desktop and mobile
apps data on the server's configuration, including important details
like the realm icon, name, and description.
It deprecates /api/v1/get_auth_backends.
2017-05-03 16:40:14 -07:00
5d5a314051
auth: Refactor api_get_auth_backends.
2017-05-03 16:40:07 -07:00
90a154e451
Add mobile auth redirect to custom URI scheme (zulip://).
...
This makes it possible for the Zulip mobile apps to use the normal web
authentication/Oauth flows, so that they can support GitHub, Google,
and other authentication methods we support on the backend, without
needing to write significant custom mobile-app-side code for each
authentication backend.
This PR only provides support for Google auth; a bit more refactoring
would be needed to support this for the GitHub/Social backends.
Modified by tabbott to use the mobile_auth_otp library to protect the
API key.
2017-04-28 11:47:35 -07:00
0566b8dd73
auth: Fix prams typo in Google auth code path.
2017-04-28 11:47:35 -07:00
83fe8d4420
auth: Simplify code for Google CSRF state.
...
This will make it much easier to avoid adding new things that aren't
actually included in the CSRF hash of the other parameters.
2017-04-28 11:47:35 -07:00
54b899860d
auth: Add GitHub to list of reported backends.
2017-04-28 11:47:35 -07:00
dbbc73837d
redirect_to_main_site: Handle is_signup parameter.
...
Passes on the is_signup parameter passed in a querystring.
2017-04-20 11:14:28 -07:00
d699172d06
authenticate_remote_user: Properly handle None email.
2017-04-18 09:33:03 -07:00
519dcdb750
api_dev_fetch_api_key: Improve invalid email message.
...
Show a user friendly message to the user if email is invalid.
Currently we show a generic message:
"Your username or password is incorrect."
2017-04-13 12:48:13 -07:00
80b019629c
remote_user_sso: Improve invalid email message.
...
Show a user friendly message to the user if email is invalid.
Currently we show a generic message:
"Your username or password is incorrect."
2017-04-13 12:48:13 -07:00
93aa478efb
api_fetch_api_key: Improve invalid email message.
...
Show a user friendly message to the user if email is invalid.
Currently we show a generic message:
"Your username or password is incorrect."
The only backend which can accept a non-email username is LDAP.
So we check if it is enabled before showing the custom message.
2017-04-13 12:48:13 -07:00
Tim Abbott
Umair Khan
Vishnu Ks
rht
Vishnu Ks
Vaida Plankyte
Rishi Gupta
neiljp (Neil Pilgrim)
umkay
Yago González
Aditya Bansal
Neeraj Wahi