Mirror/app-MAIL-temp
1
0
Fork 0
mirror of https://github.com/simple-login/app.git synced 2024-11-13 07:31:12 +01:00
Code Issues Projects Releases Packages Wiki Activity
4855 commits 60 branches 231 tags 19 MiB
Commit graph

25 commits

Author SHA1 Message Date
Adrià Casajús
31896ff262
Replace black and flake8 with ruff (#1943) 2023-11-21 16:42:18 +01:00
Adrià Casajús
3f84a63e6d
Extend validity of totp tokens for up to a minute. (#1494) 
* Feat: Allow TOTP for up to one minute in the future and in the past

* Feat: Allow TOTP for up to one minute in the future and in the past

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-12-16 17:54:46 +01:00
Son Nguyen Kim
7b24cdd98a
Revert "remove deduct_limit as it has no effect (#1347)" (#1348) 
This reverts commit 851ba0a99a.
 2022-10-13 22:00:45 +02:00
Son Nguyen Kim
851ba0a99a
remove deduct_limit as it has no effect (#1347) 
* remove deduct_limit as it has no effect

- disable rate limit during test
- randomize data in test
- support non-empty db in test

* fix more test
 2022-10-13 18:55:22 +02:00
Adrià Casajús
e91fd26964
Sanitized missing places 2022-03-29 18:03:18 +02:00
george
50122da0fe
Implement API notifications and use a function in email_utils 2022-01-20 17:42:11 +00:00
george
42407a0543
Send the email after the local error. 2022-01-20 16:44:15 +00:00
george
f7f91afc1e
Send a notification email for invalid recovery codes. 2022-01-20 16:41:42 +00:00
george
6d736aa915
Implement rate limiting with send_email_with_rate_control. 2022-01-20 15:05:18 +00:00
george
0eb2984b9c
Add invalid TOTP login email notifications. 2022-01-20 14:18:47 +00:00
Son
372466ab06 do not use flask-sqlalchemy 
- add __tablename__ for all models
- use sa and orm instead of db
- rollback all changes in tests
- remove session in @app.teardown_appcontext
 2021-10-12 14:36:47 +02:00
Son NK
ef7fae32b1 remove the "Hi {name}" from email template 2021-01-11 10:23:34 +01:00
Sibren Vasse
31a1f94a5f Implement rate limiting 2020-05-25 11:39:33 +02:00
Sibren Vasse
097ac771b0 Prevent OTP replay attacks by invalidating last token 2020-05-24 19:23:16 +02:00
Sibren Vasse
35bb1645a3 Allow user to disable mfa for browser for 30 days 2020-05-24 19:23:16 +02:00
Sibren Vasse
8c946d7026 Remove token when submitted value is incorrect 2020-05-24 19:23:16 +02:00
Son NK
87d52216cb reformat 2020-05-17 10:35:11 +02:00
Son NK
2e208ed505 display recovery code options on mfa and fido page 2020-05-17 10:27:20 +02:00
devStorm
f7e3320242
model - fido_enabled 2020-05-07 05:32:52 -07:00
devStorm
9b8340f3e0
Black formatted 2020-05-07 02:53:28 -07:00
devStorm
9da6054ec0
Allow to use either OTP or FIDO for 2FA 2020-05-05 05:16:33 -07:00
Son NK
837ab8258e redirect to login page instead 2020-01-03 23:50:34 +01:00
Son NK
4208ba379f Fix user could go to MFA page directly 2020-01-03 23:42:35 +01:00
Son NK
de0368c20f remove redundant code 2019-12-27 16:53:07 +00:00
Son NK
c52f2d1603 Create auth/mfa page used by user who has enabled MFA 2019-12-27 16:53:07 +00:00