mastodon/spec
Claire 2688f18d06 Fix authentication failures after going halfway through a sign-in attempt (#16607)
* Add tests

* Add security-related tests

My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.

* Fix authentication failures after going halfway through a sign-in attempt

* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
2021-11-05 20:27:07 +01:00
..
controllers Fix authentication failures after going halfway through a sign-in attempt (#16607) 2021-11-05 20:27:07 +01:00
fabricators Add canonical e-mail blocks for suspended accounts (#16049) 2021-04-17 03:14:25 +02:00
features Add submit button to the top of preferences pages (#13068) 2020-03-08 16:04:03 +01:00
fixtures Add import/export feature for bookmarks (#14956) 2020-11-19 17:48:13 +01:00
helpers Change RTL detection to rely on unicode-bidi paragraph by paragraph (#14573) 2020-12-15 12:56:43 +01:00
lib Add joined date to profiles in web UI (#16169) 2021-05-07 14:33:19 +02:00
mailers Add Ruby 3.0 support (#16046) 2021-05-06 14:22:54 +02:00
models Change trending hashtags to be affected be reblogs (#16164) 2021-05-07 14:33:43 +02:00
policies Add support for reversible suspensions through ActivityPub (#14989) 2020-11-08 00:28:39 +01:00
presenters Add Ruby 3.0 support (#16046) 2021-05-06 14:22:54 +02:00
requests Further preparation for Rails 6 (#15916) 2021-03-19 02:45:34 +01:00
routing Move create/destroy actions for api/v1/statuses to namespace (#3678) 2017-06-10 09:39:26 +02:00
serializers/activitypub Fix account URI in UpdatePollSerializer (#11194) 2019-06-27 19:41:55 +02:00
services Fix crash when encountering invalid account fields (#16598) 2021-11-05 20:26:51 +01:00
support Fix base64-encoded file uploads not being possible (#12748) 2020-01-04 01:54:07 +01:00
validators Add canonical e-mail blocks for suspended accounts (#16049) 2021-04-17 03:14:25 +02:00
views Remove Atom feeds and old URLs in the form of GET /:username/updates/:id (#11247) 2019-07-07 16:16:51 +02:00
workers Change Web Push API deliveries to use request pooling (#16014) 2021-04-12 14:25:34 +02:00
rails_helper.rb Add WebAuthn as an alternative 2FA method (#14466) 2020-08-24 16:46:27 +02:00
spec_helper.rb Move rspec examples to tmp dir (#12539) 2019-12-02 19:55:08 +01:00