An error occurred fetching the project authors.
  1. 14 Feb, 2017 1 commit
  2. 06 Feb, 2017 3 commits
  3. 13 Jan, 2017 2 commits
  4. 16 Dec, 2016 4 commits
  5. 18 Aug, 2016 1 commit
    • Robert Speicher's avatar
      Merge branch '2fa-check-git-http' into 'master' · 02640809
      Robert Speicher authored
      2FA checks for Git over HTTP
      
      ## What does this MR do?
      
      This MR allows the use of `PersonalAccessTokens` to access Git over HTTP and makes that the only allowed method if the user has 2FA enabled. If a user with 2FA enabled tries to access Git over HTTP using his username and password the request will be denied and the user will be presented with the following message:
      
      ```
      remote: HTTP Basic: Access denied
      remote: You have 2FA enabled, please use a personal access token for Git over HTTP.
      remote: You can generate one at http://localhost:3000/profile/personal_access_tokens
      fatal: Authentication failed for 'http://localhost:3000/documentcloud/underscore.git/'
      ```
      
      ## What are the relevant issue numbers?
      
      Fixes #13568 
      
      See merge request !5764
      02640809
  6. 17 Aug, 2016 1 commit
  7. 16 Aug, 2016 2 commits
  8. 30 Jun, 2016 1 commit
  9. 16 Jun, 2016 1 commit
    • Timothy Andrew's avatar
      Implement @DouweM's feedback. · 7ee0898a
      Timothy Andrew authored
      - Extract a duplicated `redirect_to`
      - Fix a typo: "token", not "certificate"
      - Have the "Expires at" datepicker be attached to a text field, not inline
      - Have both private tokens and personal access tokens verified in a
        single "authenticate_from_private_token" method, both in the
        application and API. Move relevant logic to
        `User#find_by_personal_access_token`
      - Remove unnecessary constants relating to API auth. We don't need a
        separate constant for personal access tokens since the param is the
        same as for private tokens.
      7ee0898a
  10. 10 Jun, 2016 1 commit
    • Timothy Andrew's avatar
      Implement second round of comments from @jschatz1. · e18a08fd
      Timothy Andrew authored
      - Just use a link for the clipboard button. Having a non-clickable
        container (that looks like a button) is confusing.
      - Use `text-danger` for the "you won't be able to access it again" message.
      - Highlight the created token so people know to look there.
      e18a08fd
  11. 09 Jun, 2016 1 commit
    • Timothy Andrew's avatar
      Implement @jschatz1's comments. · 1f5ecf91
      Timothy Andrew authored
      - No hardcoded colors in any SCSS file except `variables.scss`
      - Don't allow choosing a date in the past
      - Use the same table as in the "Applications" tab
      - The button should say "Create Personal Access Token"
      - Float the revoke button to the right of the table cell
      - Change the revocation message to be more explicit.
      - Date shouldn't look selected on page load
      - Don't use a panel for the created token
          - Use a normal flash for "Your new personal access token has been created"
          - Show the input (with the token) below it full width.
          - Put the "Make sure you save it - you won't be able to access it again." message near the input
      - Have the created token's input highlight all on single click
      1f5ecf91
  12. 03 Jun, 2016 2 commits
  13. 02 Jun, 2016 1 commit
  14. 01 Jun, 2016 1 commit
    • Timothy Andrew's avatar
      Fix minor issues with the personal access tokens implementation. · c75aea5e
      Timothy Andrew authored
      - Use the `:personal_access_token` param root instead of
        `personal_access_token_params`, because we aren't using the
        `personal_access_token` param for authentication anymore (we're using
        `private_token` instead).
      - Use `build` to instantiate a `PersonalAccessToken`
      - Use better-formatted dates
      c75aea5e
  15. 11 May, 2016 1 commit
  16. 28 Apr, 2016 9 commits