Mirror
/
app-MAIL-temp
mirror of https://github.com/simple-login/app.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,723 Commits 54 Branches 184 Tags 41 MiB
Commit Graph

25 Commits

Author SHA1 Message Date
Adrià Casajús 31896ff262
Replace black and flake8 with ruff (#1943) 2023-11-21 16:42:18 +01:00
Adrià Casajús 3f84a63e6d
Extend validity of totp tokens for up to a minute. (#1494) 
* Feat: Allow TOTP for up to one minute in the future and in the past

* Feat: Allow TOTP for up to one minute in the future and in the past

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-12-16 17:54:46 +01:00
Son Nguyen Kim 7b24cdd98a
Revert "remove deduct_limit as it has no effect (#1347)" (#1348) 
This reverts commit 851ba0a99a.
 2022-10-13 22:00:45 +02:00
Son Nguyen Kim 851ba0a99a
remove deduct_limit as it has no effect (#1347) 
* remove deduct_limit as it has no effect

- disable rate limit during test
- randomize data in test
- support non-empty db in test

* fix more test
 2022-10-13 18:55:22 +02:00
Adrià Casajús e91fd26964
Sanitized missing places 2022-03-29 18:03:18 +02:00
george 50122da0fe
Implement API notifications and use a function in email_utils 2022-01-20 17:42:11 +00:00
george 42407a0543
Send the email after the local error. 2022-01-20 16:44:15 +00:00
george f7f91afc1e
Send a notification email for invalid recovery codes. 2022-01-20 16:41:42 +00:00
george 6d736aa915
Implement rate limiting with send_email_with_rate_control. 2022-01-20 15:05:18 +00:00
george 0eb2984b9c
Add invalid TOTP login email notifications. 2022-01-20 14:18:47 +00:00
Son 372466ab06 do not use flask-sqlalchemy 
- add __tablename__ for all models
- use sa and orm instead of db
- rollback all changes in tests
- remove session in @app.teardown_appcontext
 2021-10-12 14:36:47 +02:00
Son NK ef7fae32b1 remove the "Hi {name}" from email template 2021-01-11 10:23:34 +01:00
Sibren Vasse 31a1f94a5f Implement rate limiting 2020-05-25 11:39:33 +02:00
Sibren Vasse 097ac771b0 Prevent OTP replay attacks by invalidating last token 2020-05-24 19:23:16 +02:00
Sibren Vasse 35bb1645a3 Allow user to disable mfa for browser for 30 days 2020-05-24 19:23:16 +02:00
Sibren Vasse 8c946d7026 Remove token when submitted value is incorrect 2020-05-24 19:23:16 +02:00
Son NK 87d52216cb reformat 2020-05-17 10:35:11 +02:00
Son NK 2e208ed505 display recovery code options on mfa and fido page 2020-05-17 10:27:20 +02:00
devStorm f7e3320242
model - fido_enabled 2020-05-07 05:32:52 -07:00
devStorm 9b8340f3e0
Black formatted 2020-05-07 02:53:28 -07:00
devStorm 9da6054ec0
Allow to use either OTP or FIDO for 2FA 2020-05-05 05:16:33 -07:00
Son NK 837ab8258e redirect to login page instead 2020-01-03 23:50:34 +01:00
Son NK 4208ba379f Fix user could go to MFA page directly 2020-01-03 23:42:35 +01:00
Son NK de0368c20f remove redundant code 2019-12-27 16:53:07 +00:00
Son NK c52f2d1603 Create auth/mfa page used by user who has enabled MFA 2019-12-27 16:53:07 +00:00